Skip to main content

Security News

Filter by:

Microsoft to retire Exchange Online client access rules in a year

Microsoft announced today that it will retire Client Access Rules (CARs) in Exchange Online within a year, by September 2023.
BleepingComputer 28 Sep 2022 305 Views

North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs

The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system.
The Hacker News 28 Sep 2022 206 Views

Hackers use PowerPoint files for 'mouseover' malware delivery

Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script.
BleepingComputer 27 Sep 2022 219 Views

New Erbium password-stealing malware spreads as game cracks, cheats

The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets.
BleepingComputer 27 Sep 2022 218 Views

Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts

GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform.
The Hacker News 26 Sep 2022 203 Views

Microsoft SQL servers hacked in TargetCompany ransomware attacks

Vulnerable Microsoft SQL servers are being targeted in a new wave of attacks with FARGO ransomware, security researchers are warning.
BleepingComputer 26 Sep 2022 150 Views

Hackers stealing GitHub accounts using fake CircleCI notifications

GitHub is warning of an ongoing phishing campaign that started on September 16 and is targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform.
BleepingComputer 23 Sep 2022 203 Views

Microsoft Exchange servers hacked via OAuth apps for phishing

Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending phishing emails.
BleepingComputer 23 Sep 2022 199 Views

Deepfake audio has a tell and researchers can spot it

Imagine the following scenario. A phone rings. An office worker answers it and hears his boss, in a panic, tell him that she forgot to transfer money to the new contractor before she left for the day and needs him to do it. She gives...
arstechnica 21 Sep 2022 365 Views

American Airlines discloses data breach after employee email compromise

American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. [...]
Bleepingcomputer 20 Sep 2022 214 Views