A hack-for-hire group, called Dark Basin, has been outed after targeting thousands of individuals and organizations worldwide - including advocacy groups and journalists, elected and senior government officials, and hedge funds - over the course of seven years. Dark Basin conducted commercial espionage on behalf of their clients, against customers' opponents involved in high-profile public events, criminal cases, financial transactions, news stories and advocacy, according to researchers at Citizen Lab. READ MORE...
A vulnerability (CVE-2020-12695) in Universal Plug and Play (UPnP), which is implemented in billions of networked and IoT devices - personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on - may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks. READ MORE...
In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet. READ MORE...
Video gaming firm Nintendo has warned customers to not reuse passwords on different services after releasing an increased tally of compromised accounts. Back in April the firm first reported that it had identified 160,000 compromised accounts. Now, in an update, following an investigation by the firm, Nintendo revealed that it was adding an extra 160,000 - bringing the total to 300,000. READ MORE...
Today is Microsoft's June 2020 Patch Tuesday, and as many Windows administrators will be routinely screaming at computers, please be nice to them! With the release of the June 2020 Patch Tuesday security updates, Microsoft has released one advisory for an Adobe Flash Player update and fixes for 129 vulnerabilities in Microsoft products. Of these vulnerabilities, 11 are classified as Critical, 109 as Important, 7 as Moderate, and 2 as Low. READ MORE...
Adobe released patches for four critical flaws in Flash Player and in its Framemaker document processor as part of its regularly scheduled updates. The bugs, if exploited, could enable arbitrary code-execution. In Tuesday's June Adobe security updates, critical flaws tied to three CVEs were patched in Adobe Framemaker, which is Adobe's application designed for writing and editing large or complex documents. READ MORE...