BillQuick Billing App Rigged to Inflict Ransomware
A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware.
Read moreHacks
SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks
The Nobelium group, linked to Russia’s spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers – and it’s working.
Read moreGoogle Crushes YouTube Cookie-Stealing Channel Hijackers
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.
Read moreLyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on retooling its arsenal yet again.
Read moreTwitter Suspends Accounts Used to Snare Security Researchers
The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea.
Read moreVerizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack
Visible says yes, user accounts were hijacked, but it denied a breach. As of today, users are still posting tales of forcibly changed passwords and getting stuck with bills for pricey new iPhones.
Read moreFreakOut Botnet Turns DVRs Into Monero Cryptominers
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.
Read moreMicrosoft Kills Bug Being Exploited in MysterySnail Espionage Campaign
Microsoft’s October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers.
Read moreIncident Response: 5 Principles to Boost the Infosec/Legal Relationship
Effective cyber-incident response means working well with legal. Matt Dunn, associate managing director for cyber-risk at Kroll, lays out how to do it.
Read moreNavy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming
The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications.
Read more