Data belonging to a California community college has been compromised in a “sophisticated” cyberattack.  Adversaries struck the Ohlone Community College District (OCCD) network in Fremont on January 20, 2022, disrupting access to certain files.…

Security researchers at Kaspersky recently published their Spam and Phishing in 2021 report.  In 2021 nearly half of emails destined for inboxes were classed as spam, with Russia the biggest culprit.  Most of the spam came from machines in…

Master decryption keys have been released for the Maze, Sekhmet, and Egregor ransomware strains. The alleged malware developer released the master ransomware keys for these three strains on the Bleeping Computer forums. The security firm, Emsisoft, has…

Onapsis Research Labs and the software company, SAP, discovered critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). Organizations use SAP applications to manage critical business processes, such as…

Attackers have increasingly targeted Linux environments due to the frequent use of Linux as the basis for cloud services, virtual-machine hosts, and container-based infrastructure. According to VMware's "Exposing Malware in Linux-Based Multi-Cloud…

Security researchers at Defiant, a WordPress security company, discovered that thousands of WordPress websites were impacted by three remote code execution vulnerabilities that were identified in the PHP Everywhere plugin. With more than 30,000 downloads…

The UK, US, and Australian authorities have issued a new warning for critical infrastructure (CNI) providers after a surge in ransomware attacks over the past year.  The joint cybersecurity advisory comes from the UK’s National Cyber Security Centre…

Software-Over-The-Air (SOTA) updates can help hackers steal a car, depending on the vehicle's level of SOTA capability and its level of communication security. A vehicle would directly receive SOTA updates from a cloud-based server. SOTA is an important…

In collaboration with MalwareHunterTeam, Minerva Labs analyzed a malicious Telegram installer that threat actors are using to infect victims with the Purple Fox rootkit. The researchers found that the malicious Telegram installer is a compiled AutoIt…

According to a report recently released by HYPR and Cybersecurity Insiders, many organizations remain vulnerable to credential attacks because of inadequate Multi-Factor Authentication (MFA) and a general lack of urgency about the growing threat…

According to new research from TSB, romance fraud losses surged by 91% during COVID-19 compared to pre-pandemic levels.  The bank said it had observed cases of romance fraud double in the pandemic as a result of the shift to online dating amid…

A cyberattack on a community college in Tennessee may have exposed the personal data of students, staff, and faculty.   Adversaries struck Pellissippi State Community College (PSCC) with ransomware on December 5, 2021.  The attack shut down…