Posted inArticles
From Schneier on Security – Troy Hunt Gets Phished
In case you need proof that anyone, even people who do cybersecurity for a living, Troy Hunt has a long, iterative story on his webpage about how he got phished.…
Posted inNews
From The Hacker News – PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps.
"PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices," Sophos security researcher Pankaj Kohli said in a Thursday analysis.
PJobRAT, first
.webp)
Posted inNews
From Cyber Security News – BlackLock Ransomware Hacked 40+ Organization Within Two Months
BlackLock ransomware has emerged as one of the most notorious cybersecurity threats of 2025, compromising more than 40 organizations within just two months. The fast-rising ransomware group has targeted victims…
Posted inArticles
From Krebs on Security – ClickFix: How to Infect Your PC in Three Easy Steps
A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is…
.webp)
Posted inNews
From Cyber Security News – Microsoft Warns of Cyber Attack Mimic Booking .com To Deliver Password Stealing Malware
Microsoft Threat Intelligence has identified an ongoing phishing campaign impersonating Booking.com to deliver credential-stealing malware. The campaign, which began in December 2024, targets hospitality organizations in North America, Oceania, Asia,…
Posted inNews
From Cyber Security News – LibreOffice Vulnerability Let Attackers Execute Arbitrary Script Using Macro URL
A critical security vulnerability in LibreOffice tracked as CVE-2025-1080, has exposed millions of users to potential remote code execution attacks through manipulated macro URLs. Patched in versions 24.8.5 and 25.2.1…
Posted inNews
From Dark Reading – Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
The letters mimic typical ransom notes and threaten to delete or leak compromised data if payments aren't made, though none of the organizations that received them had active ransomware attacks. Read…
Posted inArticles
From Graham Cluley – Fake police call cryptocurrency investors to steal their funds
Have you had a phone call from police about your cryptocurrency wallet? Be on your guard - you could be about to be scammed. Read more in my article on…
Posted inNews
From Cyber Security News – Hackers Abused Google & PayPal’s Infrastructure to Steal Users Personal Data
Security researchers have uncovered a coordinated attack campaign exploiting vulnerabilities in Google’s advertising ecosystem and PayPal’s merchant tools to steal sensitive user data. The operation leverages Google Search ads impersonating…
Posted inNews
From Security Week – Alabama Man Pleads Guilty to Hacking SEC’s X Account
[[{"value":"Eric Council Jr. pleaded guilty to hacking the X (formerly Twitter) account of the US Securities and Exchange Commission. The post Alabama Man Pleads Guilty to Hacking SEC’s X Account…
Posted inNews
From Cyber Security News – 12K+ KerioControl Firewall Instances Vulnerable to 1-Click RCE Exploit
A critical security vulnerability, CVE-2024-52875, has been identified in GFI KerioControl firewalls, affecting versions 9.2.5 through 9.4.5. This flaw, which can be exploited for remote code execution (RCE), has already…
.webp)
Posted inNews
From Cyber Security News – NetSupport RAT Grant Attackers Full Access To Victims Systems
Cybersecurity experts have observed a significant increase in the use of the NetSupport Remote Access Trojan (RAT) in recent months, a malicious tool that allows attackers to gain full control…