Cybersecurity

Notorious Vietnamese hacker turns government cyber agent

At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune stealing the personal data of hundreds of millions of Americans. Now he has been recruited by his own authoritarian government to hunt, he says, the kind of cyber criminal he once used to be…

Alleged leader of Nigerian email fraud group has been captured, Interpol says

Interpol said Wednesday that it struck a major blow against a cybercrime group known for business email compromise (BEC) scams aimed at stealing money from companies around the world. The international law enforcement agency announced that the cybercrime unit of…

Link Found Connecting Chaos, Onyx and Yashma Ransomware

A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names. For a year now, threat actors have been using different versions of the same ransomware builder – “Chaos” – to attack governments, corporations…

Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message

A vulnerability chain discovered in Zoom's chat functionality can be exploited to allow zero-click remote code execution (RCE), threat hunters have revealed. Google's Project Zero uncovered an attack path that would allow cyber adversaries to silently force a victim to…

Organizations Urged to Fix 41 Vulnerabilities Added to CISA’s Catalog of Exploited Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws this week. The US federal agency has urged all organizations to remediate these vulnerabilities promptly to “reduce their exposure to…

BPFDoor malware uses Solaris vulnerability to get root privileges

New research into the inner workings of the stealthy BPFdoor malware for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems. BPFDoor is a custom backdoor that has been used largely undetected for…

Conti leaks data stolen during January attack on Oregon county

The Conti ransomware gang has published all of the data it stole during a January attack on the government servers of Linn County, Oregon. The group — which appears to be reorganizing itself, according to cybersecurity experts — released nearly 1,500 documents…

New ‘Cheers’ Linux ransomware targets VMware ESXi servers

A new ransomware named ‘Cheers’ has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. VMware ESXi is a virtualization platform commonly used by large organizations worldwide, so encrypting them typically…

GoodWill Ransomware Demands People Help the Most Vulnerable

‘Ransomware with a cause’ has been detected in New Delhi, India. The cryptoviral extortion demands that people donate clothing to the homeless, provide children with food in branded pizza shops and offer financial assistance to those in urgent need of medical care…

Chrome 102 Patches 32 Vulnerabilities

Google on Tuesday announced the stable channel release of Chrome 102, which patches 32 vulnerabilities, including a critical flaw reported by an anonymous researcher. The critical security hole, tracked as CVE-2022-1853, has been described as a use-after-free bug affecting…