Collaborate Disseminate
A zero-day vulnerability affecting the Zoom client for Windows has been discovered that would allow an attacker to execute arbitrary code on remote devices. Only Windows 7 and older OSes were affected, further complicating the situation. Zoom vulnerabi… Continue reading Zero-Day Vulnerability in Zoom Affected Windows 7 Users
Mozilla suspended the Firefox Send service after it received reports that it was used by bad actors to host and send malware to unsuspecting users. Firefox Send is a service that lets people upload files and send them to other users in a secure m… Continue reading Firefox Send Used to Spread Malware, Mozilla Temporarily Stops the Service
Bad actors are using a message disguised as an official notification from the Outlook team to trick people into entering their credentials into a phishing website, leaking them in the process and exposing the company they work for. Phishing is one of t… Continue reading Fake Outlook Credential Upgrade Campaign Phishes for Employee Credentials
Researchers have found over 15 billion credentials from more than 100,000 data breaches on the dark web, including access to everything from streaming services to banking accounts and financial services. Despite what people might think about data breac… Continue reading Billions of Leaked Credentials Available on the Dark Web
More than 24.5 million records belonging to K–12 school districts and colleges in the United States have been hit by around 1,300 data breaches since 2005, according to a new report from Comparitech. Not all data breaches are intentional, or the … Continue reading US K-12 and Colleges Suffered 1,300 Data Breaches in 15 Years
The United States Secret Service issued an advisory warning of an increase in cyberattacks against managed service providers (MSP) in an effort to compromise companies using their services.
The post US Secret Service Warns of Attacks on MSPs… Continue reading US Secret Service Warns of Attacks on MSPs
A joint operation headed by European and British law agencies dismantled the Encrochat messaging service, leading to the arrests of more than 100 people as well as the seizure of numerous weapons and ammunitions, drugs and millions in criminal funds. E… Continue reading European Agencies Hack Criminal Encrochat Messaging System
A Nigerian national faces charges in the United States emanating from various cybercrime schemes that included business email compromise (BEC) frauds and a number of other alleged infractions. Ramon Olorunwa Abbas, 37, a.k.a. “Ray Hushpuppi”… Continue reading Massive BEC Scheme Run by Nigerian National Dismantled by FBI
Most Chief Information Officers (CIO) are worried about the security risks associated with the proliferation of TLS machine identities, which is aggravated by the fact that many of them don’t have an accurate account of the number of certifi… Continue reading Many CIOs Believe Expired TLS Certificates Could Affect Their Business
Microsoft released an out-of-band update for Windows 10 to patch a couple of high-severity vulnerabilities affecting the Windows Codecs Library that would allow attackers to execute arbitrary code. Windows 10 users are used to getting major updates dur… Continue reading Severe Windows 10 Vulnerabilities Fixed Ahead of Patch Tuesday