In a joint bulletin released by cybersecurity authorities from multiple countries, it has been revealed that the notorious LockBit ransomware gang has extorted a staggering $91 million from approximately 1,700 US organizations since 2020. The bulletin was published by the US Cybersecurity and
On Monday, the Office of the Director of National Intelligence released a report providing new information on how U.S. intelligence agencies have taken advantage of the commercial availability of data on American citizens. The partially declassified report, dated January 2022, has a redacted author
Trend Micro researchers have shed light on the emergence of an advanced malware obfuscation engine called BatCloak. This highly sophisticated tool has demonstrated a remarkable ability to outsmart antivirus solutions, posing new challenges for the cybersecurity community. Running analysis and
US and British cybersecurity officials have issued a warning about an emerging surge of cyber-intrusions targeting the MOVEit file transfer software. MOVEit is widely used by corporations to securely exchange highly sensitive data, making it a valuable target for cybercriminals. The breaches have
A novel phishing technique known as "File Archiver in the Browser'' could leverage .ZIP domains to deceive users into opening malicious files. Google recently introduced the option to register .ZIP and .MOV domains, which sparked debates about potential cybersecurity risks as these are the same as
Microsoft has agreed to pay $20 million to the Federal Trade Commission (FTC) to settle charges regarding the improper collection and storage of childrens’ data via Xbox Live. The FTC alleged that the tech giant collected childrens’ data without their parent’s consent. In some cases, this data was
A cybersecurity firm, CloudSEK, has discovered many apps infected with SpinOk malware on the Google Play store after an extensive investigation. Their research team identified 193 infected apps, 43 of which were still active on the Google Play Store within the past week. The SpinOk Malware was
A global Magecart attack has wreaked havoc on numerous eCommerce websites, compromising thousands of customers' personal data and credit card information. The sophisticated cybercriminal group responsible for the attack has been injecting malicious scripts into legitimate websites, including
Amazon has agreed to pay a combined $30.8 million to settle privacy allegations brought forth by the Federal Trade Commission (FTC). The lawsuit revolved around privacy lapses related to Amazon's Ring doorbell units and its Alexa assistant. Of the total settlement amount, $5.8 million will be paid
A team of researchers from Varonis Threat Labs recently made a significant discovery regarding certain Salesforce sites. These sites, known as Salesforce Ghost Sites, were once active sites that were left unattended. By exploiting vulnerabilities in the host headers of these websites, malicious