Do you have problems configuring Microsoft's Defender? You might not be alone: Microsoft admitted that whatever it's using for its defensive implementation exacerbated yesterday's Azure instability. No one has blamed the actual product named "Windows Defender," we must note. According to Microsoft, the initial trigger event for yesterday's outage, which took out great swathes of the web, was a distributed denial-of-service (DDoS) attack. READ MORE...
The City of Columbus, Ohio, says it stopped a July 18 ransomware attack, but it is still investigating the amount of data the attackers had accessed. Initially disclosed on July 19 in a Facebook post, the incident forced Columbus to take systems offline for containment purposes, which led to multiple city services being disrupted. The 911 and 311 systems remained unaffected by the attack. READ MORE...
The developers of EvilProxy - a phishing kit dubbed the "LockBit of phishing" - have produced guides on using legitimate Cloudflare services to disguise malicious traffic. This adds to the ever-growing arsenal of tools offering criminals who lack actual technical expertise a way to get into the digital thievery biz. EvilProxy is a reverse-proxy phishing kit sold on dark-web marketplaces, earning it the moniker "phishing-as-a-service" (PhaaS). READ MORE...
A mysterious family of Android malware with a demonstrated history of effectively concealing its myriad spying activities has once again been found in Google Play after more than two years of hiding in plain sight. The apps, disguised as file-sharing, astronomy, and cryptocurrency apps, hosted Mandrake, a family of highly intrusive malware that security firm Bitdefender called out in 2020. Bitdefender said the apps appeared in two waves, one in 2016 through 2017 and again in 2018 through 2020. READ MORE...
A novel malware with more than 107,000 samples that has been targeting Android devices for more than two years is stealing SMS messages to acquire one-time passwords (OTPs) and other sensitive user data for further malicious activity. The malware, aptly dubbed "SMS Stealer" and backed by a substantial cybercriminal infrastructure, spreads via dynamically changing mobile apps distributed through Telegram messages or ads for legitimate apps. READ MORE...
Zscaler is aware of a company that paid a record-breaking $75 million ransom to the Dark Angels ransomware group, the cybersecurity firm revealed in its ThreatLabz 2024 Ransomware Report. Data collected by the company between April 2023 and April 2024 shows an 18% year-over-year increase in ransomware attacks, according to the report. As for the record-breaking ransom payment, the company said it was paid by an unnamed victim in early 2024. READ MORE...
More than a million domain names - including many registered by Fortune 100 firms and brand protection companies - are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS). READ MORE...