Jeremy McClure

The botnet can be used to mount different kinds of attacks, including code-execution and DDoS.

DarkCrewFriends Returns with Botnet Strategy

Researchers believe that Click2Gov, municipal payment software, may be at the heart of this most recent government security incident.

8 U.S. City Websites Targeted in Magecart Attacks

The carding store victimized mainly U.S. citizens and is responsible for $20 million in fraudulent purchases.

‘Cardplanet’ Operator Sentenced to 9 Years for Selling Stolen Credit Cards

The creator of the Satori/Okiru, Masuta and Tsunami/Fbot botnets has been sentenced to prison for compromising hundreds of thousands of devices.

Satori Botnet Creator Sentenced to 13 Months in Prison

App will stop reading users’ device cut-and-paste data after a new banner alert in an Apple update uncovered the activity.

TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior

Lawmakers proposed a new bill that would ban the use of facial recognition by law enforcement nationwide.

Nationwide Facial Recognition Ban Proposed By Lawmakers

A first-stage malware loader spotted in active campaigns has added additional exploits and a new backdoor capability.

Golang Worm Widens Scope to Windows, Adds Payload Capacity

Several high-severity flaws in Nvidia’s GPU display drivers for Windows users could lead to code-execution, DoS and more.

Nvidia Warns Windows Gamers of Serious Graphics Driver Bugs

Threat actors shift focus from COVID-19 to employee coronavirus training and current events like Black Lives Matter as cyber-attacks continue to rise.

Office 365 Users Targeted By ‘Coronavirus Employee Training’ Phish

The CryCryptor malware strain is a brand-new family of threats, leveraging COVID-19 to spread.

Emerging Ransomware Targets Photos, Videos on Android Devices

Ongoing spear-phishing attacks aim at stolen Windows credentials for ICS suppliers worldwide.

Steganography Anchors Pinpoint Attacks on Industrial Targets

Attackers managed to compromise NTT Communication’s Active Directory server and a construction information management server.

NTT Communications Data Breach Affects Customers, Threatens Supply Chain

The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.

NSA Warns of Sandworm Backdoor Attacks on Mail Servers

Google TAG report reveals that “hack for hire” firms are tapping into the coronavirus pandemic via WHO phishing lures.

‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials

Watchdog group said company has violated the Illinois BIPA and ‘will end privacy as we know it’ without intervention.

ACLU Sues Clearview AI Over Faceprint Collection, Sale

The DDoS group sets itself apart by using exploits — but it doesn’t always pan out.

Inside the Hoaxcalls Botnet: Both Success and Failure

Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.

Hackers Compromise Cisco Servers Via SaltStack Flaws

The lawsuit, filed against Google by Arizona’s Attorney General, alleges that the tech giant uses “deceptive and unfair conduct” to obtain users’ location data.

Google Location Tracking Lambasted in Arizona Lawsuit

Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time

Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates.

Valak Loader Revamped to Rob Microsoft Exchange Servers