The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware. "The threat actor created a Facebook account with a fake identity disguised as a public official working in the North Korean human rights field," South Korean cybersecurity company Genians

​Microsoft has acknowledged a new known issue causing this month's KB5037765 security update for Windows Server 2019 to fail to install with 0x800f0982 errors. [...]

The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers. [...]

Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances. "The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the access and manipulation of

The Microsoft Threat Intelligence team said it has observed a threat actor it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. "Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware," the company said in a report published on May 15, 2024. The

Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Kaspersky researchers Vasily Berdnikov and Boris

​Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. [...]

​Google is introducing multiple anti-theft and data protection features later this year, some available only for Android 15+ devices, while others will roll out to billions of devices running Android 10 and later. [...]

Today, Google announced new security features coming to Android 15 and Google Play Protect that will help block scams, fraud, and malware apps on users' devices. [...]

Nissan North America (Nissan) suffered a data breach last year when a threat actor targeted the company's external VPN and shut down systems to receive a ransom. [...]

​The U.S. Department of Justice has indicted two brothers for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a "first-of-its-kind" scheme. [...]

Apple's antifraud technology has blocked more than $7 billion in potentially fraudulent transactions in four years, the company states in its latest annual fraud prevention analysis. [...]

​Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks. [...]

The FBI has seized the notorious BreachForums hacking forum that leaked and sold stolen corporate data to other cybercriminals. [...]

Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers. [...]

Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency. [...]

The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. [...]

Today, ​Microsoft fixed a known issue breaking VPN connections across client and server platforms after installing the April 2024 Windows security updates. [...]

The Singing River Health System is warning that it is now estimating that 895,204 people are impacted by a ransomware attack it suffered in August 2023. [...]