Author Archives: Elizabeth Montalbano

GEICO Alerts Customers Hackers Stole Driver License Data for Two Months

Posted on April 20, 2021 by Elizabeth Montalbano

The second-largest auto insurance provider in the U.S. has since fixed the vulnerability that exposed information from its website. Continue reading GEICO Alerts Customers Hackers Stole Driver License Data for Two Months→

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

Posted on April 16, 2021 by Elizabeth Montalbano

The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes. Continue reading Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period→

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Posted on April 15, 2021 by Elizabeth Montalbano

Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. Continue reading Attackers Target ProxyLogon Exploit to Install Cryptojacker→

100,000 Google Sites Used to Install SolarMarket RAT

Posted on April 14, 2021 by Elizabeth Montalbano

Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains. Continue reading 100,000 Google Sites Used to Install SolarMarket RAT→

Chrome Zero-Day Exploit Posted on Twitter

Posted on April 13, 2021 by Elizabeth Montalbano

An update to Google’s browser that fixes the flaw is expected to be released on Tuesday. Continue reading Chrome Zero-Day Exploit Posted on Twitter→

Data from 500M LinkedIn Users Posted for Sale Online

Posted on April 9, 2021 by Elizabeth Montalbano

Like the Facebook incident earlier this week, the information — including user profile IDs, email addresses and other PII — was scraped from the social-media platform. Continue reading Data from 500M LinkedIn Users Posted for Sale Online→

Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks

Posted on April 8, 2021 by Elizabeth Montalbano

Industrial enterprises in Europe are target of campaign, which forced a shutdown of industrial processes in at least one of its victims’ networks, according to researchers. Continue reading Hackers Exploit Fortinet Flaw in Sophisticated Cring Ransomware Attacks→

Facebook: Stolen Data Scraped from Platform in 2019

Posted on April 7, 2021 by Elizabeth Montalbano

The flaw that caused the leak of personal data of more than 533 million users over the weekend no longer exists; however, the social media giant still faces an investigation by EU regulators. Continue reading Facebook: Stolen Data Scraped from Platform in 2019→

Conti Gang Demands $40M Ransom from Florida School District

Posted on April 6, 2021 by Elizabeth Montalbano

New details of negotiation between attackers and officials from Broward County Public Schools emerge after a ransomware attack early last month. Continue reading Conti Gang Demands $40M Ransom from Florida School District→

Robinhood Warns Customers of Tax-Season Phishing Scams

Posted on April 2, 2021 by Elizabeth Montalbano

Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. Continue reading Robinhood Warns Customers of Tax-Season Phishing Scams→