TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever.

1d

Missouri Vows to Prosecute ‘Hacker’ Who Disclosed Data Leak

Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees.

1d

Rickroll Grad Prank Exposes Exterity IPTV Bug

IPTV and IP video security is increasingly under scrutiny, even by high school kids.

2d

Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack

Visible says yes, user accounts were hijacked, but it denied a breach. As of today, users are still posting tales of forcibly changed passwords and getting stuck with bills for pricey new iPhones.

2d

CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features

The campaign, which uses the Apple Developer Program and Enterprise Signatures to get past Apple's app review process, remains active.

3d

Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once

Fortinet’s Derek Manky discusses a recent global survey showing that two-thirds of organizations suffered at least one ransomware attack, while half were hit multiple times.

3d

FreakOut Botnet Turns DVRs Into Monero Cryptominers

The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.

3d

Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers

A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.

4d

Incident Response: 5 Principles to Boost the Infosec/Legal Relationship

Effective cyber-incident response means working well with legal. Matt Dunn, associate managing director for cyber-risk at Kroll, lays out how to do it.

4d

Mandating a Zero-Trust Approach for Software Supply Chains

Sounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.

4d