Fraudster Sentenced To Prison For Long-Running Phone Unlocking Scheme That Defrauded AT&T
Muhammad Fahd, a citizen of Pakistan and Grenada, was sentenced to 12 years in prison for his leadership role in a seven-year scheme to unlawfully unlock nearly 2 million phones to defraud AT&T Inc.
US Government Sites Are Showing Porn And Viagra Ads
Security researcher Zach Edwards has discovered that various US government and military websites have been hosting porn and Viagra ads, in the last year.
Bitdefender Releases Master Decrypter For REvil Ransomware Victims
Bitdefender has released a free master decryptor for the REvil ransomware in collaboration with a trusted law enforcement partner.
Scammers Defraud Victims Of Millions Of Dollars In New Trend In Romance Scams: FBI
The Federal Bureau of Investigation (FBI) warned today that scammers are defrauding victims via online romance scams, persuading individuals to send money to allegedly invest or trade cryptocurrency.
Ransomware Encrypts South Africa’s Entire Dept Of Justice Network
The Department of Justice’s IT system in South Africa suffers a security breach that has encrypted its entire network. The breach was effected through ransomware on the evening of 6 September 2021.
HP OMEN Gaming Hub Privilege Escalation Bug Hits Millions Of Gaming Devices
Attackers could exploit these vulnerabilities to locally escalate to kernel-mode privileges. With this level of access, attackers can disable security products, overwrite system components, corrupt the OS, or perform any malicious operations unimpeded.
Japan To Introduce Tougher Punishment To Combat Cybercrime
Japanese Justice Minister Yoko Kamikawa said on Tuesday that the country is considering the introduction of a tougher jail sentence as part of penalties for cybercrimes.
Huawei ‘Infiltrates’ Cambridge University Research Centre
Huawei has been accused of “infiltrating” a Cambridge University research center after most of its academics were found to have ties with the Chinese company, The Times, UK reported.
51% Of Asia-Pacific Companies Blame Cyberattacks On Unknown Assets
A new poll by MIT Technology Review Insights, in association with Palo Alto Networks, uncovers the complex challenges Asia-Pacific companies face in securing networks and systems for remote workers in the post-pandemic era.
MyRepublic Singapore Data Breach Exposes Nearly 80k Users’ Personal Info
MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers.
500k Fortinet VPN Accounts Credentials Leaked Online
Hacker has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer.
6 Tips For Staying Safe From Ransomware Attacks
Ransomware is malware that employs encryption to hold a victim’s information at ransom. It encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.
Babuk Ransomware’s Full Source Code Leaked On The Dark Web
A hacker has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum.
FBI Warns About An Increase In Sextortion Complaints
The FBI Internet Crime Complaint Center (IC3) warns about a large increase in the number of sextortion complaints.
Over 1 Million Sites Affected By Gutenberg Template Library & Redux Framework Vulnerabilities
One vulnerability allowed users with lower permissions, such as contributors, to install and activate arbitrary plugins and delete any post or page via the REST API. A second vulnerability allowed unauthenticated attackers to access potentially sensitive information about a site’s configuration.
How To Protect Your Business From Phishing Scams
Phishing scams have been around for a long time, but the internet has made it even easier for criminals to trick victims into handing over sensitive information. Employee emails are at the heart of many phishing attacks, as they are often the primary way for hackers to gain access to your employees’ financial information and access to critical internal systems.
Ragnarok Ransomware Shuts Down Its Operation And Releases Master Decryptor
Ragnarok ransomware gang has released the master key that can decrypt files locked with their malware.
Default Settings In Microsoft Tool Exposes 38 Million Users’ Data
A default permissions settings in Microsoft Power Apps might have exposed data of 38 million users online.
Critical Authentication Bypass Vulnerability Patched In Booster For WooCommerce Plugin
In order to exploit this vulnerability, an attacker would need to execute two actions. The first action an attacker would need to perform involves sending a request to the vulnerable site’s home URL with the wcj_user_id parameter set to the user ID that the attacker would like to impersonate. This would likely be set to a user ID of 1 because the first user account typically created on WordPress sites is the administrative user account and this is rarely changed.