The industrial automation giant ABB confirmed it was hit by a ransomware attack earlier this month that resulted in the theft of unspecified data. A threat actor accessed ABB's IT environment and deployed ransomware that is not self-propagating, impacting a "limited number" of servers and endpoints, the Switzerland-based company said last week in a press release and FAQ about the attack.
I know this will come as a shock to many of you, but scammers have once again succeeded in stealing a lot of money from cryptocurrency investors. The Twitter account of American DJ and electronic music producer Steve Aoki, who is considered something of an "influencer" in the world of cryptocurrency, lies at the heart of the scam. According to a tweet posted by self-proclaimed blockchain sleuth ZachXBT, a hack of Aoki's Twitter account cost cryptoinvestors thousands of dollars.
A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious JavaScript code disguised as a Web browser bookmark. According to interviews with victims, several of the attacks began with an interview request from someone posing as a reporter for a crypto-focused news outlet online. Those who take the bait are sent a link to a Discord server that appears to be the official Discord of the crypto news site.
Antivirus company Doctor Web has identified spyware in over 100 Android applications that had more than 421 million cumulative downloads in Google Play. The malicious module, which Doctor Web named 'SpinOk', is distributed as a marketing SDK. On victims' devices, it can collect information about files, send files to the attackers, and steal clipboard content.
Salesforce customers are abandoning their sites without deactivating them, leaving sensitive corporate, vendor, and user data behind. The problem occurs within what the service calls "Communities," busy sites that allow partners, vendors, and customers to collaborate within a company's Salesforce environment. By their nature, Communities contain lots of potentially high-value business and personal information, which can be exposed when administrators aren't diligent enough.
A zero-day vulnerability affecting Barracuda Networks email security appliances was exploited to deploy malware and steal data from organizations for several months before it was discovered. The zero-day, tracked as CVE-2023-2868 and described as a remote command injection issue, impacts Email Security Gateway (ESG) appliances running versions 5.1.3.001 through 9.2.0.006. Barracuda became aware of attacks targeting its product on May 18 and confirmed the existence of a new vulnerability the next day.
The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use for creating payment, registration, file upload, or any other form required for visitor-site interactions or transactions. On its website, Gravity Forms claims it is used by a wide variety of large companies, including Airbnb, ESPN, Nike, NASA, PennState, and Unicef.
The cyber-underground menu of criminal services now includes on-demand, human-assisted CAPTCHA-breaking functionality, researchers are warning - meaning that website admins should look to implement additional anti-bot protections as a result. CAPTCHAs are familiar to most Internet users as challenges that are used to confirm that they're human. The Turing test-adjacent puzzles usually involve typing in a word presented as blurred or distorted text, or clicking all photos in a grid with a certain object.