Blog - Page 492 of 939

Hackers are taking over CEO accounts with rogue OAuth apps

Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and general managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts. […]

28 Jan

Finnish diplomats’ phones infected with NSO Group Pegasus spyware

Finland’s Ministry for Foreign Affairs says devices of Finnish diplomats have been hacked and infected with NSO Group’s Pegasus spyware in a cyber-espionage campaign. […]

28 Jan

Finland warns of Facebook accounts hijacked via Messenger phishing

Finland’s National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims’ friends in Facebook Messenger chats. […]

28 Jan

Microsoft Outlook RCE zero-day exploits now selling for $400,000

Exploit broker Zerodium has announced a pay jump to 400,000 for zero-day vulnerabilities that allow remote code execution (RCE) in Microsoft Outlook email client. […]

28 Jan

QNAP force-installs update after DeadBolt ransomware hits 3,600 devices

QNAP force-updated customer’s Network Attached Storage (NAS) devices with firmware containing the latest security updates to protect against the DeadBolt ransomware, which has already encrypted over 3,600 devices. […]

27 Jan

DeepDotWeb admin imprisoned for advertising illegal dark web markets

An Israeli citizen who operated DeepDotWeb (DDW), a news site and review site for dark web sites, has received a sentence of 97 months in prison for money laundering and was ordered to forfeit $8,414,173. […]

27 Jan

Taiwanese Apple and Tesla contractor hit by Conti ransomware

Delta Electronics, a Taiwanese electronics company and a provider for Apple, Tesla, HP, and Dell, disclosed that it was the victim of a cyberattack discovered on Friday morning. […]

27 Jan

Lazarus hackers use Windows Update to deploy malware

North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems. […]

27 Jan

Microsoft warns of multi-stage phishing campaign leveraging Azure AD

Microsoft’s threat analysts have uncovered a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices onto the target’s network and use them to distribute phishing emails. […]

27 Jan

Microsoft: Windows 11 now in broad deployment for eligible devices

Microsoft says Windows 11 has now entered the broad deployment phase, making it available for everyone with an eligible device via Windows Update. […]