Skip to main content

Security News

Filter by:

Thousands lured with blue badges in Instagram phishing attack

A new Instagram phishing campaign is underway, attempting to scam users of the popular social media platform by luring them with a blue-badge offer.
Bleepingcomputer 2 Sep 2022 219 Views

Microsoft found TikTok Android flaw that let hackers hijack accounts

Microsoft found and reported a high severity flaw in the TikTok Android app in February that allowed attackers to "quickly and quietly" take over accounts with one click by tricking targets into clicking a specially crafted malicious link.
Bleepingcomputer 1 Sep 2022 220 Views

Chrome extensions with 1.4 million installs steal browsing data

Threat analysts at McAfee found five Google Chrome extensions that steal track users’ browsing activity. Collectively, the extensions have been downloaded  more then 1.4  million times.
Bleepingcomputer 31 Aug 2022 247 Views

LockBit ransomware gang gets aggressive with triple-extortion tactic

LockBit ransomware gang announced that it is improving defenses against distributed denial-of-service (DDoS) attacks and working to take the operation to triple extortion level. [...]
Bleepingcomputer 29 Aug 2022 272 Views

Fake 'Cthulhu World' P2E project used to push info-stealing malware

Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting victims....
Bleepingcomputer 27 Aug 2022 235 Views

Hackers abuse Genshin Impact anti-cheat system to disable antivirus

Hackers are abusing an anti-cheat system driver for the immensely popular Genshin Impact game to disable antivirus software while conducting ransomware attacks.
Bleepingcomputer 26 Aug 2022 284 Views

Hackers adopt Sliver toolkit as a Cobalt Strike alternative

Threat actors are dumping the Cobalt Strike penetration testing suite in favor of similar frameworks that are less known. After Brute Ratel, the open-source, cross-platform kit called Sliver is becoming an attractive alternative.
Bleepingcomputer 26 Aug 2022 268 Views

Phishing attacks abusing SaaS platforms see a massive 1,100% growth

Threat actors are increasingly abusing legitimate software-as-a-service (SaaS) platforms like website builders and personal branding spaces to create malicious phishing websites that steal login credentials. [...]
Bleepingcomputer 24 Aug 2022 305 Views

Fake DDoS Protection Alerts Distribute Dangerous RAT

Threat actors are spoofing Cloudflare DDoS bot-checks in an attempt to drop a remote-access Trojan (RAT) on systems belonging to visitors to some previously compromised WordPress websites. [...]
darkreading 23 Aug 2022 309 Views

Over 80,000 exploitable Hikvision cameras exposed online

Security researchers have discovered over 80,000 Hikvision cameras vulnerable to a critical command injection flaw that's easily exploitable via specially crafted messages sent to the vulnerable web server. [...]
Bleepingcomputer 23 Aug 2022 319 Views