Tag: security
No, the government isn’t fining you for a traffic offense — it’s malware
No, your company’s vehicle wasn’t involved in a car crash, and you’re not getting a five-figure fine for it from the government – it’s all an elaborate scheme to get you to install information-stealing malware on your computer, experts have warned. Cybersecurity researchers from the Cofense Intelligence Team recently published…
Read More
Millions of SurveyLama users have data exposed in major breach
Online survey platform SurveyLama suffered a data breach in which sensitive data on more than four million people were exposed. The company confirmed the breach to Troy Hunt, the creator of the Have I Been Pwned? website which aggregates email addresses exposed in data breaches. According to BleepingComputer, the breach…
Read More
This previously unknown malware has some crafty tricks for avoiding antivirus
Cybersecurity researchers from Trend Micro have uncovered a brand new piece of malware that uses an unusual method of hiding from antivirus programs. The malware is called UNAPIMON, and is apparently being used by Winnti, an established Chinese state-sponsored threat actor that was behind some of the most devastating attacks…
Read More
Another top WordPress plugin has a serious security flaw — patch now to keep your website safe
Another major WordPress plugin was found vulnerable to a high-severity flaw which allowed malicious actors to steal sensitive information from the website, including password hashes. LayerSlider has published a new security advisory, saying the product is now in version 7.10.1, but adding, “This update includes important security fixes.” While the…
Read More
Top yacht retailer MarineMax says cyberattack led to major online data breach
MarineMax has confirmed suffering a cyberattack, thought to be ransomware, in which threat actors stole sensitive customer information. In an 8-K form, filed with the Securities and Exchange Commission (SEC) on April 1, the company, one of the leading yacht sellers worldwide, said a third party “gained unauthorized access to…
Read More
Hallucinated packages could be the next big security risk hitting AI developers
The risks of Generative AI tools being able to “hallucinate” – or suggest sources, or tools, that don’t exist – has long been a concern for developers. Now, experts have warned that if a threat actor discovers a Generative AI hallucination of a, let’s say, software package, they can actually…
Read More