Unnamed org compromised with two malware sets An unknown attacker has abused a couple of flaws in Ivanti Endpoint Manager Mobile (EPMM) and deployed two sets of malware against an unnamed organization, according to the US Cybersecurity and Infrastructure Security Agency.… READ MORE HERE…
Outside experts say the vulnerability has probably already been exploited Budding ransomware crooks have another shot at exploiting Fortra’s GoAnywhere MFT product now that a new 10/10 severity vulnerability needs patching.… READ MORE HERE…
Bad opsec Thalha Jubair, one of the two UK teens arrested on Tuesday and accused of being members of the notorious Scattered Spider cybercrime gang, allegedly played a role in bilking more than 100 organizations out of at least $115 million in ransom payments. The cops nabbed him after following a number of clues, including paying for gift cards from a wallet on the same server that also held wallets receiving extortion payments.… READ MORE HERE…
Until Microsoft lobbed it into a virtual volcano A security researcher claims to have found a flaw that could have handed him the keys to almost every Entra ID tenant worldwide.… READ MORE HERE…
Sixth such Chrome flaw this year spotted by the Chocolate Factory, already in play Google pushed an emergency patch for a high-severity Chrome flaw, already under active exploitation. So it’s time to make sure you’re running the most recent version of the web browser.… READ MORE HERE…
Decisive action comes nearly a year after the attack and first arrest took place Two teenagers are set to appear in court today after being charged with offences related to the cyberattack on Transport for London (TfL) in August 2024.… READ MORE HERE…
As the Trump administration guts efforts to counter election disinfo The Russian troll farm that in the lead-up to the 2024 US presidential election posted a bizarro video claiming Democratic candidate Kamala Harris was a rhino poacher, is back with hundreds of new fake news websites serving up phony political commentary with an AI assist.… READ MORE HERE…
Prosecutors say Conor Fitzpatrick’s crimes caused ‘incalculable’ damage The founder of the popular cybercrime website BreachForums will spend three years in prison after previously being let off with a slap on the wrist.… READ MORE HERE…
Redmond names alleged ringleader, claims 5K+ creds stolen and $100k pocketed Microsoft has seized 338 websites associated with RaccoonO365 and identified the leader of the phishing service – Joshua Ogundipe – as part of a larger effort to disrupt what Redmond’s Digital Crimes Unit calls the “fastest-growing tool used by cybercriminals to steal Microsoft 365 usernames and passwords.”… READ MORE HERE…
Tech evolved from PoC to global campaign in under two months An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader.… READ MORE HERE…