Joomla! vulnerability is being actively exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability for the Joomla! Content Management System (CMS) to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need Read More …

Financial Fraud APK Campaign

During Unit 42 ivestigation discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit (APK) files kept hitting their radar. The research revealed a family of malicious APKs targeting Chinese users that steals victim Read More …

Dallas says cyberattack targeted more people than previously disclosed

Hackers who targeted the city of Dallas had access to the addresses, Social Security numbers and other personal information of nearly 300 more people than what had been previously disclosed to the public, city officials now say. The city’s spokesperson Read More …

Atomic Stealer rings in the new year with updated version

Last year, Malwarebytes Labs researchers documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users. This stealer has proven to be quite popular in the criminal underground and its developers have been adding Read More …

Texas-based care provider HMG Healthcare says hackers stole unencrypted patient data

Texas-based care provider HMG Healthcare has confirmed that hackers accessed the personal data of residents and employees, but says it has been unable to determine what types of data were stolen. HMG Healthcare is headquartered in The Woodlands, Texas, and Read More …

Thailand: Elderly to get anti-scam education as cybercrime explodes

Alarmed by research indicating that the elderly are the most vulnerable to fraudsters, Thailand’s Ministry of Social Development and Human Security and CIB cybercrime investigators will collaborate with partners to provide digital literacy to senior people nationwide. The minister, Varawut Read More …

SEC says ‘compromised’ account to blame for tweet approving Bitcoin ETF

The Securities and Exchange Commission (SEC) said Tuesday that a post sent from the agency’s account on the social platform X/Twitter announcing the approval of a long-awaited bitcoin exchange-traded fund was “unauthorized”, and that the agency’s account had been “compromised”. Read More …

AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director

Nation state-backed hackers and criminals are using generative AI in their cyberattacks, but U.S. intelligence is also using artificial intelligence technologies to find malicious activity, according to a senior U.S. National Security Agency official. “We already see criminal and nation Read More …

Fidelity National Financial says hackers stole data on 1.3 million customers

Real estate services giant Fidelity National Financial (FNF) has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week. FNF said in a filing Tuesday with federal regulators: Read More …