Cybercrime , Fraud Management & Cybercrime Browser Data, Crypto Wallets and Chat Apps Are Also Top Targets, Researchers Report Mathew J. Schwartz (euroinfosec) • November 13, 2023 Image: Shutterstock In the dubious race for popularity among cybercriminals, Redline Stealer appears to be far and away attackers’ top choice for malware built to steal […]
Millions of browser-based cryptocurrency wallets are affected by an open-source software vulnerability that can be abused by attackers to steal over $1 billion worth of cryptocurrency. The vulnerability, dubbed as Randstorm, affects the 0.13 version of Bitcoin JS, a popular JavaScript library used to generate cryptocurrency wallets. More in detail The vulnerability primarily affects multiple […]
Millions of cryptocurrency wallets created between 2011 and 2015 are potentially affected by an open source software vulnerability and might need to be regenerated, according to new research from Unciphered. While helping a customer regain access to a locked Bitcoin wallet last year, Unciphered discovered issues in the open source JavaScript Bitcoin library BitcoinJS that […]
The UK’s critical infrastructure (CNI) providers face a persistent and critical threat from emboldened state-backed and aligned actors, a leading UK cybersecurity agency has warned. The National Cyber Security Centre (NCSC), part of GCHQ, issued the warning in its Annual Review 2023. Over the past year it has repeatedly sounded the alarm over the activity […]
Breach Notification , Cybercrime , Fraud Management & Cybercrime 6 Data Breach Have Been Filed Against the Company in the Past Week Marianne Kolbasuk McGee (HealthInfoSec) • November 14, 2023 Postmeds, which operates as Truepill, is notifying 2.36 million patients that their information was compromised in a recent hacking incident. (Image: Truepill) A […]
The IPStorm botnet evolved since 2019, targeting Windows, Linux, Mac, and Android devices, using the InterPlanetary File System (IPFS) network to hide its activities and offering access to thousands of compromised systems for a high price.
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk remained the same: insiders have access to too much data with too few controls. Insider threats […]
Nov 15, 2023NewsroomPatch Tuesday / Zero-Day Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. […]
VMware has disclosed a critical authentication bypass vulnerability (CVE-2023-34060) affecting its Cloud Director appliance deployments. The flaw only affects upgraded versions of the VCD Appliance 10.5.