Skip to main content

Security News

Filter by:

Getting ready for a post-quantum world

Under Data Encryption, the CISA Zero Trust Maturity Model v2. cites the criticality of “cryptographic agility” on the third (out of four) level of maturity. Cryptographic agility is the ability to change the underlying cryptographic algorithms in applications and communications channels. I...
AT&T Cybersecurity 15 Sep 2023 0 Views

MGM Resorts ESXi servers allegedly encrypted in ransomware attack

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts’ operations, forcing the company to shut down IT systems.
Bleeping Computer 15 Sep 2023 4306 Views

New 3AM Ransomware Used as a Backup to LockBit Infection

A new ransomware family dubbed 3AM has emerged in the threat landscape. It was detected in an attack by a LockBit affiliate who attempted to deploy the ransomware when LockBit was blocked on the targeted network.
Cyware News 15 Sep 2023 0 Views

Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit

Proof-of-concept exploit code has been published for a Windows Themes vulnerability tracked as CVE-2023-38146 that allows remote attackers to execute code.
Bleeping Computer 15 Sep 2023 523 Views

When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM'

Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal.
Dark Reading 14 Sep 2023 525 Views

Check Point Research reports a large-scale phishing attack targeting over 40 Colombian based companies

Over the past two months, Check Point researchers have come across a novel large-scale phishing campaign that specifically targeted over 40 prominent companies spanning various industries in Colombia. The primary objective of the attackers was to surreptitiously implant the infamous “Remcos” malware onto victims...
Check Point 13 Sep 2023 101 Views

Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines.
Cyware News 13 Sep 2023 503 Views

Google fixes another Chrome zero-day bug exploited in attacks

Google released emergency security updates to fix the fourth Chrome zero-day vulnerability exploited in attacks since the start of the year. [...]
Bleepingcomputer 12 Sep 2023 584 Views

Microsoft will block 3rd-party printer drivers in Windows Update

Microsoft will block third-party printer driver delivery in Windows Update as part of a substantial and gradual shift in its printer driver strategy over the next 4 years. [...]
Bleepingcomputer 12 Sep 2023 622 Views

Unearthed touchscreen iMac G3 prototype evokes a very different era of Apple

25 years ago, Apple was cool with firms hacking up kiosk-friendly touch iMacs.
Ars Technica 12 Sep 2023 4695 Views