Cybercrime | News, how-tos, features, reviews, and videos

canberra act shutterstock 212068249
north korea statue pyongyang

email popup warning window phishing cybersecurity security

Guardz releases AI-powered phishing protection solution for SMEs, MSPs

Solution combines email security, web browsing protection, perimeter posture, and awareness culture to help tackle phishing attacks.

barracuda 1200x800

Barracuda urges customers to replace vulnerable appliances immediately

A patch for the vulnerability, which has been exploited since October 2022, had been issued by Barracuda last month to stop the exploit from allowing ESG backdooring.

major cyber attack global international cybersecurity

Clop extortion gang gives MOVEit exploit victims one week to reach out

At least 20 organizations have been compromised by Clop's MOVEit exploit, according to new research.

Android mobile phone code

Over 60,000 Android apps infected with adware-pushing malware

While currently used to push adware, the campaign can redirect users to other types of malware, such as banking Trojans, to steal credentials and financial information or ransomware.

VMware: Why CISOs Are Looking to Lateral Security to Mitigate Ransomware

Traditional malware increasingly takes advantage of ChatGPT for attacks

As exploits against vulnerabilities increase overall, Palo Alto Networks' research unit has observed a jump in attempts to mimic ChatGPT through squatting domains.

quantum computing digital communication network security

ChatGPT creates mutating malware that evades detection by EDR

Mutating, or polymorphic, malware can be built using the ChatGPT API at runtime to effect advanced attacks that can evade endpoint detections and response (EDR) applications.

Toyota Concept-i

Cloud misconfiguration causes massive data breach at Toyota Motor

Vehicle data and customer information were exposed for over eight years due to a cloud misconfiguration at Toyota Motor that impacted over 260,000 customers.

8 code driven security

Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data

At least one organization, UK payroll provider Zellis, has confirmed a breach via the MOVEit utility.

Bitcoin symbol on the ground surrounded by crime scene tape and forensic evidence markers.

Atomic Wallet hack leads to at least $35M in stolen crypto assets

The biggest victim of the cryptocurrency hack on Atomic Wallet was an individual who reportedly lost $7.95 million in Tether. 

Two people review information on a tablet in an office workspace.

Federal cyber incidents reveal challenges of implementing US National Cybersecurity Strategy

As federal government cybersecurity incidents continue to mount, the Biden administration's National Cybersecurity Strategy should help, although experts say implementing it won't be easy.

angry face emoji on mobile phone

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

The Operation Triangulation surveillance campaign infects Apple iPhones without the need for user action and is difficult to detect.

green tree python

Attackers use Python compiled bytecode to evade detection

Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.

hacker handcuffs laptop cybercrime cyber crime arrested

What is the Cybercrime Atlas? How it can help disrupt cybercrime

The Cybercrime Atlas aims to map the cybercriminal ecosystem worldwide and allow global law enforcement agencies to access that information when fighting cybercrime.

05 malware

Gigabyte firmware component can be abused as a backdoor

Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.


Barracuda patches zero-day vulnerability exploited since October

The vulnerability stemmed from incomplete input validation of user-supplied .tar files.

fishing phishing survival competition different point of view

Phishing remained the top identity abuser in 2022: IDSA report

The survey revealed phishing as the most common identity-related incident in 2022, with “emails” as the most popular type.

major cyber attack global international cybersecurity

AI-automated malware campaigns coming soon, says Mikko Hyppönen

The industry pioneer also expects cybersecurity to remain a growth business for years and sees Russian hacktivists as demoralizing European infosec teams.

Can your employer spy on your iPhone or Android phone?

Screen recording Android app found to be spying on users

iRecorder was a legitimate app made available on Google Play Store in September 2021. A remote access trojan AhRat was most likely added to it a year later.

Load More