Restore Control Over Your Browsing Experience—Malwarebytes Browser Guard Enhances Protection Against Search Hijacking Threats
Search hijacking, also known as browser hijacking, is a sophisticated tactic employed by cybercriminals to alter a user’s browser settings without permission. This malicious activity can lead users to…

Mozilla Announces Update 139.0.1 for Firefox to Address Artifacts on Nvidia GPU Systems
Mozilla has announced the release of Firefox version 139.0.1, addressing graphical artifact issues that occurred after the previous release on May 27. This update was necessitated by user reports…

China-Linked Threat Actors Target SAP and SQL Server Vulnerabilities in Operations Across Asia and Brazil
The recent exploitation of a critical security vulnerability in SAP NetWeaver has been linked to a state-sponsored threat actor based in China, which has extended its attack campaign to…

FBI Identifies Philippine Technology Firm as Key Player in Cryptocurrency Scam Infrastructure
The FBI has issued a warning regarding the activities of a Philippines-based company identified as Funnull Technology Inc. (Funnull), which is believed to operate an infrastructure that facilitates a…

Bradford Health Systems Identifies Unusual Network Activity; Issuance of Breach Notifications Initiated This Week.
Bradford Health Systems in Alabama has issued a security notice regarding an incident that has impacted employee and patient data. On December 8, 2023, Bradford Health identified unusual activity…

Threat Actor Allegedly Breaches TikTok, Puts 428 Million Records Up for Auction
A threat actor known as “Often9” has claimed to sell the personal records of 428 million TikTok users on a dark web forum. This significant data breach allegedly includes…

Law Enforcement Disrupts AVCheck Platform Exploited by Cybercriminals for Malware Assessment
An international law enforcement operation has successfully dismantled AVCheck, a service utilized by cybercriminals for testing the detection capabilities of their malware against commercial antivirus solutions prior to its…

EDDIESTEALER Malware Circumvents Chrome’s App-Bound Encryption, Compromising Browser Data Security
A new malware campaign is distributing an advanced Rust-based information stealer, EDDIESTEALER, utilizing the widely recognized ClickFix social engineering strategy, initiated through deceptive CAPTCHA verification pages.

This campaign effectively…

Mandatory Disclosure of Ransomware Payments Commences in Australia
New ransomware payment reporting rules have been enacted in Australia, effective May 30, impacting organizations with an annual turnover of AUD $3 million (USD $1.93 million). These provisions, integrated…

Comstar LLC Enters into Corrective Action Plan and Settlement Agreement with HHS OCR
In May 2022, it was reported that Comstar LLC, an ambulance billing service based in Massachusetts, initiated notifications to an undisclosed number of individuals following a data security breach…

Revival of Haozi Phishing Service in China: A Threat Amplifying Criminal Revenues
A Chinese-language platform known as Haozi is revolutionizing the landscape of cybercrime by providing a PhaaS (Phishing as a Service) solution that requires minimal technical expertise. This plug-and-play service…

Exploitation of Critical Vulnerability in vBulletin Forum Software by Cyber Threat Actors
Recent discoveries have identified two critical vulnerabilities in the open-source forum software vBulletin, one of which is confirmed to be actively exploited in the wild.

The identified flaws, designated…

Transforming from Compliance Constraints to Enabling Innovation: A Healthcare CISO’s Path to Advancing Modern Care Solutions
When Jason Elrod, CISO of MultiCare Health System, articulates the challenges of legacy healthcare IT environments, he underscores a critical perspective: “Healthcare often progresses in reverse, focusing on the…

US Banks Advocate for Repeal of Cyber Disclosure Regulation
The US banking sector is actively seeking the revocation of a recent rule from the US Securities and Exchange Commission (SEC) regarding the reporting of cyber incidents. The coalition…

Mandatory Disclosure of Ransom Payments by Australian Cybercrime Victims to Government Authorities
Australia has recently implemented groundbreaking legislation that mandates organizations to report any extortion payments made to cybercriminals as a result of ransomware attacks. This measure positions Australia as the…

Critical Vulnerabilities in Linux Enable Exfiltration of Password Hashes through Core Dumps in Ubuntu, RHEL, and Fedora
Two information disclosure vulnerabilities have been identified in Apport and systemd-coredump, the core dump handling systems used in various Linux distributions, including Ubuntu, Red Hat Enterprise Linux, and Fedora.…

GangExposed Unveils Identity of Conti Leaders in Significant Ransomware Data Disclosure
A whistleblower, operating under the alias GangExposed, has unveiled significant details regarding key individuals associated with the Conti and Trickbot ransomware groups. This individual has released a substantial cache…

Transforming Enterprise Operations in 2025: The Impact of Flowable’s Advanced Automation Solutions
As organizations increasingly encounter the challenge of maximizing output while minimizing resource expenditure, automation platforms are emerging as essential tools for operational efficiency. Flowable stands out as a robust…

Understanding Facebook’s Data Collection Practices: Insights from Lock and Code S06E11
This week on the Lock and Code podcast, we delve into the extensive data that Facebook collects about its users.

In an effort to enhance transparency, Facebook introduced an…

Impersonation of Recruiter Communications Affects CFOs Utilizing Authentic NetBird Tool Across Six Global Regions
Cybersecurity professionals have identified a sophisticated spear-phishing campaign leveraging a legitimate remote access tool, Netbird, to target Chief Financial Officers (CFOs) and financial executives at institutions including banks, energy…