NSA Issues Guidance On Securing Wireless Devices In Public Settings
the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.
No More Ransom Saves Nearly €1 Billion In Ransomware Payments In 5 Years
The No More Ransom project celebrates its fifth anniversary after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.
Clubhouse Denied Data Breach Exposing Users Phone Number
The company also said that it continues to invest in industry-leading security practices as privacy and security are of the utmost importance to Clubhouse.
Nearly 4 Million Phone Number Of Clubhouse Users Allegedly Leaked On Hackers Forum
Nearly four million phone numbers of Clubhouse users have been allegedly leaked and are ‘up for sale’ on the Dark Web.
Kaseya Obtains Universal Decryptor For REvil Ransomware Victims
it’s unclear how Kaseya got the decryptor, but the company said it was obtained from a “trusted third party.” Cybersecurity company Emsisoft verified the decryptor and confirmed that it works properly, Kaseya said.
What Is Pegasus And How Does It Hack Phones?
Pegasus is a remote access tool (RAT) with spyware capabilities. It is developed by the Israeli cyberarms firm NSO Group that can infiltrate Android devices and certain versions of Apple’s iOS.
Chinese Hackers Breached Over A Dozen US Pipeline Operators
The U.S. Government identified and tracked 23 U.S. natural gas pipeline operators targeted from 2011 to 2013 in this spearphishing and intrusion campaign. Of the known targeted entities, 13 were confirmed compromises, 3 were near misses, and 7 had an unknown depth of intrusion.
Microsoft Seized 17 Domains Used To Scam Office 365 Users
Microsoft’s Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company’s customers.
Critical SQL Injection Vulnerability Patched In WooCommerce
A critical SQL injection vulnerability was discovered in WooCommerce, the most popular e-Commerce plugin used by over 5 million WordPress sites.
Moldova’s Court of Accounts Suffers Cyberattack, Public Databases And Audits Destroyed
Moldova’s “Court of Accounts” has suffered a cyberattack resulting in the agency’s public databases and audits being destroyed.
US State Department Offering $10 Million Rewards For State-Backed Hackers
The U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).
SonicWall Issued ‘Urgent Security Notice’ About Ransomware Targeting EOL SMA 100 VPN Appliances
SonicWall has issued an “urgent security notice” warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products.
Chinese Hackers Behind SolarWinds Attack: Microsoft
Tech giant Microsoft has revealed that themassive SolarWinds cyber attack was operated by a group of hackers from China.
Kaseya Patches VSA Vulnerabilities Used In REvil Ransomware Attack
Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers.
Iran’s Transport Ministry Hit By A Cyberattack
Computer systems of the staff of the Ministry of Roads and Urban Development were the subject of the attack which resulted in the ministry’s portal and sub-portal sites becoming unavailable, the TV channel reported.
Chinese Hackers Targeting SBI Users Via Phishing Scam
Chinese hackers are targeting the State Bank of India (SBI) users with phishing scams, asking them to update their KYC using a particular website link and offering free gifts worth Rs 50 lakh from the bank via WhatsApp message.
Google Removes 9 Android Apps For Stealing Facebook Credentials
Tech giant Google has removed 9 android apps from the Play Store after it was found these apps stole user’s Facebook login credentials.
REvil Ransomware Group Demands $70 Million To Decrypt All Kaseya Attack Victims
The ransomware group behind the Kaseya supply-chain attack is demanding $70 million ransom in Bitcoin for the tool that allows all affected businesses to recover their files.
REvil Ransomware Group Is Increasing Ransom For Kaseya Ransomware Attack Victims
Last week, a massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack and now the ransomware gang is increasing the ransom demands.