Google Chrome warns uBlock Origin may soon be disabled
Google Chrome is now encouraging uBlock Origin users who have updated to the latest version to switch to other ad blockers before Manifest v2 extensions are disabled. As uBlock Origin lead developer and maintainer Raymond Hill explained on Friday, this is the result of Google deprecating support for the Manifest v2 (MV2) extensions platform in […]
New Android malware wipes your device after draining bank accounts
A new Android malware that researchers call ‘BingoMod’ can wipe devices after successfully stealing money from the victims’ bank accounts using the on-device fraud technique. Promoted through text messages, the malware poses as a legitimate mobile security tool and can steal up to 15,000 EUR per transaction. According to researchers analyzing it, BingoMod is currently under […]
FBI warns of scammers posing as crypto exchange employees
The Federal Bureau of Investigation (FBI) warns of scammers posing as employees of cryptocurrency exchanges to steal funds from unsuspecting victims. While the FBI didn’t share what prompted today’s public service announcement, it was likely motivated by a surge of reports of fraudsters using this tactic to access victims’ accounts and siphon off their digital […]
Microsoft says massive Azure outage was caused by DDoS attack
Microsoft confirmed today that a nine-hour outage on Tuesday, which took down and disrupted multiple Microsoft 365 and Azure services worldwide, was triggered by a distributed denial-of-service (DDoS) attack. Redmond says the outage impacted Microsoft Entra, some Microsoft 365 and Microsoft Purview services (including Intune, Power BI, and Power Platform), as well as Azure App […]
Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. “In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amount— an achievement that’s bound to attract the interest of other attackers looking […]
CISA warns of VMware ESXi bug exploited in ransomware attacks
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. Broadcom subsidiary VMware fixed this flaw (CVE-2024-37085) discovered by Microsoft security researchers on June 25 with the release of ESXi 8.0 U3. CVE-2024-37085 allows attackers to add a new user […]
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named “Specula,” released today by cybersecurity firm TrustedSec. This C2 framework works by creating a custom Outlook Home Page using WebView by exploiting CVE-2017-11774, an Outlook security feature bypass vulnerability patched in October 2017. “In […]
NVIDIA Begins Sampling Its Next-Gen AI Powerhouse, Blackwell, All Over The World, Mass Production On-Track
NVIDIA will begin sampling the first Blackwell AI accelerators across the globe this week as the firm demonstrates unparalleled performance with its next-gen architecture. NVIDIA CEO Jensen Huang Provides Update On Blackwell At The SIGGRAPH, Sampling Starts This Week, Also Reveals Several New “AI Bits” It was a delight to see NVIDIA’s CEO Jensen Huang […]
Intel Lunar Lake “Core Ultra 200V” Officially Launches on 3rd September: Next-Gen CPU, GPU & NPU For Thin & Light Laptops
Intel has officially announced that it will be launching its next-gen Lunar Lake “Core Ultra 200V” CPUs on 3rd September. Intel’s Next-Gen Lunar Lake “Core Ultra 200V” CPUs Headed To Thin & Light Laptops With Massive Architectural Changes The Intel Lunar Lake CPUs will be a major breakthrough for Team Blue with a combination of new architectures […]
1 million HotJar users vulnerable to XSS attacks
By combining OAuth features with an age-old cross-site scripting (XSS) vulnerability, Salt Labs researchers were able to take over any account in HotJar and Business Insider online services. Because HotJar serves more than 1 million websites, including, Adobe, Microsoft, T-Mobile, and Nintendo, security pros considered the issue serious, even though many protections were layered into […]