Cybersecurity

Cyber Radicalization by Bangladeshi Islamists

Militant Islamism has posed a significant challenge to Bangladesh since the 1980s, with various conflicts in the Middle East serving as significant motivating factors. The Palestinian struggle for an independent state motivated the first generation of militants in Bangladesh…

Teslas and other Bluetooth-enabled locks can be hacked

The cybersecurity firm NCC Group just demonstrated that millions of locks worldwide can be unlocked by hackers using a vulnerability in Bluetooth technology, and a Tesla was the company’s prime example. Tesla vehicles, like the Model 3 and Model Y, use a technology…

‘Multi-tasking doctor’ was mastermind behind ‘Thanos’ ransomware builder, DOJ says

A French-Venezuelan physician created the “Thanos” ransomware builder and other tools used by cybercriminals, according to charges unveiled Monday by the Department of Justice. The criminal complaint, unsealed in a Brooklyn federal court, said 55-year-old Moises Luis…

Sysrv-K Botnet Targets Windows, Linux

Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins. Unpatched vulnerabilities in the Spring Framework and WordPress plugins are being exploited by cybercriminals behind the Sysrv botnet to target…

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. "Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure…

NVIDIA fixes ten vulnerabilities in Windows GPU display drivers

NVIDIA has released a security update for a wide range of graphics card models, addressing four high-severity and six medium-severity vulnerabilities in its GPU drivers. The security update fixes vulnerabilities that can lead to denial of service, information disclosure…

Ransomware Hits American Healthcare Company Omnicell

Multinational company Omnicell recently confirmed that it had experienced a data breach after following a reported ransomware attack, impacting internal systems. The company, headquartered in Mountain View, California, USA, learned of the ransomware attack, which…

CISA warns admins to patch actively exploited Spring, Zyxel bugs

The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and…

Hackers target Tatsu WordPress plugin in millions of attacks

Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. Up to 50,000 websites are estimated to still run a vulnerable version of the plugin, although a patch…

Costa Rican president claims collaborators are aiding Conti's ransomware extortion efforts

Collaborators within Costa Rica are helping the notorious Conti ransomware group extort the country’s government, the country’s president said during a Monday press conference, backing up claims the group made on its website the same day. The president, Rodrigo Chaves, cited…