Bleeping Computer

Hackers leaked altered Pfizer data to sabotage trust in vaccines

The European Medicines Agency (EMA) today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines.

Windows Finger command abused by phishing to download malware

The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user.

Scotland environmental regulator hit by ‘ongoing’ ransomware attack

The Scottish Environment Protection Agency (SEPA) confirmed on Thursday that some of its contact center, internal systems, processes, and internal communications were affected following a ransomware attack that took place on Christmas Eve.

Verified Twitter accounts hacked in $580k ‘Elon Musk’ crypto scam

Over the past week, security researcher MalwareHunterTeam has seen an uptick in verified Twitter accounts hacked in a scam promoting another fake Elon Musk cryptocurrency giveaway.

Undisclosed Apache Velocity XSS vulnerability impacts GOV sites

An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA.

Windows 10 zero-day bug corrupts your hard drive on seeing this file's icon

When exploited, this vulnerability can be triggered by a single-line command to instantly corrupt an NTFS-formatted hard drive, with Windows prompting the user to restart their computer to repair the corrupted disk records.

Hackers Bypassed MFA to Access Cloud Service Accounts

The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts.

New SolarLeaks Site Claims to Sell Data Stolen in SolarWinds Attacks

The website claims to be selling Microsoft source code and repositories for $600,000. Microsoft confirmed that threat actors accessed their source code during their SolarWinds breach.

New Zealand Reserve Bank breached using bug patched on Xmas Eve

A statement released by Accellion yesterday states that they became aware of a vulnerability in their legacy FTA service in mid-December, and a patch was deployed to all customers.

Mac malware uses 'run-only' AppleScripts to evade analysis

A recently observed variant makes analyzing even more difficult as it embeds a run-only AppleScript into another scripts and uses URLs in public web pages to download the actual Monero miner.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags