EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities
A rare, new Mac ransomware has been discovered spreading via pirated software packages.
StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks
The spy malware is being delivered via a complex infrastructure with multiple layers, in an effort to avoid analysis.
UCSF Pays $1.14M After NetWalker Ransomware Attack
UCSF has paid more than $1 million after a ransomware attack encrypted data related to “important” academic research on several servers.
CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug
An authentication-bypass vulnerability allows attackers to access network assets without credentials when SAML is enabled on certain firewalls and enterprise VPNs.
How to Safeguard Data When the Majority of Your Workforce is Remote
More employees working remotely most likely means an increased reliance on cloud services and applications.
REvil Ransomware Gang Adds Auction Feature for Stolen Data
An anonymous bidding mechanism enhances the REvil group’s double-extortion game.
Tuesday’s Magento 1 EOL Leaves Clock Ticking on 100K Online Stores
Adobe and payment-card companies are making last-minute pleas for e-commerce sites to update to Magento 2, to avoid Magecart attacks and more.
AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals
Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.
Unpatched Wi-Fi Extender Opens Home Networks to Remote Control
The Homeplug device, from Tenda, suffers from web server bugs as well as a DoS flaw.
DarkCrewFriends Returns with Botnet Strategy
The botnet can be used to mount different kinds of attacks, including code-execution and DDoS.