The Register

Snoops exploited Fortinet firewalls with 'probable' 0-day

Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment.

Security Professionals Baited by Fake Windows LDAP Exploits

Trend Micro spotted what appears to be a fork of the legitimate LDAPNightmare PoC exploit, initially published by SafeBreach Labs on January 1. But the "forked" exploit PoC actually leads to the download and execution of information-stealing malware.

Crims Backdoored Their Backdoors. Then the Domains Lapsed

Thousands of vulnerable backdoors exist on expired domains and abandoned infrastructure, exposing government and academic hosts to potential hijacking by malicious actors.

Scammers use you're fired lures in phishing campaign

The attack begins with an email that appears to be a legal notice informing recipients their employment has been terminated. In one of these scams, the email uses the subject line "Action Required: Tribunal Proceedings Against You".

Volunteer DEF CON hackers get ready to secure US water

DEF CON launched the Franklin Project to secure US water systems, starting with six firms. Partnering with the NRWA and University of Chicago, volunteers aim to fix vulnerabilities, raise awareness, and bolster defenses for 50,000 water suppliers.

SafePay ransomware gang claims attack on UK's Microlise

The new SafePay ransomware gang has claimed responsibility for the attack on UK telematics biz Microlise, giving the company less than 24 hours to pay its extortion demands before leaking data.

Scammers resort to physical Swiss post to spread malware

Citizens have been getting crafted letters faked to look like they have been sent from the nation's Federal Office of Meteorology and Climatology. They tell recipients to scan a QR code and download a "Severe Weather Warning App" for Android.

Operation Synergia II Sees Interpol Swoop on Cybercriminals

Interpol's Operation Synergia II resulted in 41 arrests and the seizure of hardware used for criminal activities around the world. Working with various partners, the operation targeted cybercriminals engaging in phishing, ransomware, and data theft.

Apple Opens Private Cloud Compute to Public Scrutiny

Apple introduced the Private Cloud Compute platform during its Worldwide Developer Conference for running AI applications, and is now seeking help from the public to identify security vulnerabilities.

More WhatsApp Privacy Concerns Over OS, Device Info Leaks

Security researchers at Zengo found that WhatsApp generates different message IDs based on the operating system, creating unique and persistent identities for each linked device.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags