Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks

Mar 03, 2025Ravie LakshmananRansomware / Vulnerability Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is…

U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices

Mar 03, 2025Ravie LakshmananData Privacy / Compliance The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between…

Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists

Mar 03, 2025Ravie Lakshmanan This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the…

The New Ransomware Groups Shaking Up 2025

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions…

Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries

Mar 03, 2025Ravie LakshmananMobile Security / Botnet Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved…

Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language

Mar 01, 2025Ravie LakshmananPrivacy / Data Protection Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the…

Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone

Feb 28, 2025Ravie LakshmananMobile Security / Zero-Day A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty…

a Double-Edged Sword for IT Teams – Essential Yet Exploitable

Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses,…

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it…

Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

Feb 28, 2025Ravie LakshmananAPI Security / AI Security Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence…

« Previous
1
…
205
206
207
208
209
…
451
Next »