Neowin News Feed for: Infosec

Deal Alert: Lifetime of InfoSec4TC Platinum Membership now at 81% off

Neowin Deals — Sun, 02 Nov 2025 21:00:01 +0000

Be an expert on InfoSec4TC with unlimited access to self-paced courses on GSEC, CISSP and more with this cyber security training. Read more...

Get this lifetime InfoSec4TC Platinum Membership for only $69.99

Neowin Deals — Wed, 02 Apr 2025 17:00:01 +0000

Be an expert on InfoSec4TC with unlimited access to self-paced courses on GSEC, CISSP and more with this cyber security training. Read more...

Reddit claimed to have been hacked by BlackCat, and it has threatened to leak the data

Steve Bennett — Sun, 18 Jun 2023 12:24:01 +0000

Further to Reddit's recent woes since the announcement of the API pricing change, claims have surfaced that it has suffered a data breach at the hands of BlackCat, with 80GB of zipped data taken. Read more...

Lifetime of InfoSec4TC Platinum Membership Price Dropped to just $49.97

Neowin Deals — Sat, 08 Apr 2023 17:00:02 +0000

Be an expert on InfoSec4TC with unlimited access to self-paced courses on GSEC, CISSP and more with this cyber security training and save hundreds of dollars off the normal cost via Neowin Deals. Read more...

Linus Tech Tips' YouTube channels were hacked due to a session hijacking attack

Justin Luna — Fri, 24 Mar 2023 12:18:01 +0000

YouTuber Linus Sebastian confirmed in a new video that his channels were taken over by hackers due to a session hijacking attack. This attack bypasses passwords and MFA to infiltrate an account. Read more...

Australian financial company Latitude gets hacked, customer data stolen

Justin Luna — Thu, 16 Mar 2023 01:48:01 +0000

Australian digital payments and lending company Latitude Financial has suffered a hacking incident. This allows cybercriminals to get a hold of the identification documents of 328,000 customers. Read more...

Cybercriminals are using AI-generated YouTube videos to spread malware

Justin Luna — Wed, 15 Mar 2023 15:34:02 +0000

CloudSEK has discovered that threat actors are recently posting YouTube videos that "offer" cracked software downloads. They are even using AI-generated avatars to make the clips look legitimate. Read more...

Study: Over 721 million passwords were leaked in 2022

Justin Luna — Tue, 14 Mar 2023 14:46:01 +0000

A new research paper discovered 721.5 million credentials exposed online. According to the study, 50% of the data came from botnets that deployed information-stealing malware to victims' devices. Read more...

Los Angeles housing authority discloses data breach after it suffers ransomware attack

Justin Luna — Tue, 14 Mar 2023 04:20:01 +0000

The Housing Authority of the City of Los Angeles recently announced that it suffered a data breach due to a ransomware attack. The incident gave hackers access to members' sensitive information. Read more...

Microsoft to protect users better from phishing attacks that exploit OneNote

Justin Luna — Sat, 11 Mar 2023 17:12:01 +0000

Microsoft is set to introduce enhanced security to its OneNote program. This comes after threat actors started exploiting the note-taking app for their phishing campaigns to steal sensitive data. Read more...

Windows-based ransomware now infects Linux devices as well

Justin Luna — Fri, 10 Mar 2023 15:22:01 +0000

A ransomware variant commonly known to target Windows PCs has recently been found infecting Linux computers as well. The variant does this by exploiting a flaw in IBM's Aspera Faspex software. Read more...

Business email compromise attacks can happen in mere hours, according to Microsoft

Justin Luna — Fri, 10 Mar 2023 05:38:01 +0000

Microsoft's Security Intelligence team recently found that threat actors behind business email compromise attacks are now moving quickly to avoid detection and stop victims from blocking the attack. Read more...

Acer confirms data breach after threat actor sells 160GB of its data online

Justin Luna — Wed, 08 Mar 2023 08:00:02 +0000

Computer company Acer recently confirmed that it suffered a data breach after a threat actor started selling some of its sensitive data online. No consumer data was reportedly affected. Read more...

Beware: Cryptojacking malware hiding behind pirated Final Cut Pro downloads

Justin Luna — Fri, 24 Feb 2023 11:08:01 +0000

A piece of cryptojacking malware was recently found hiding in pirated versions of Apple programs, such as Final Cut Pro and Logic Pro X. The malware can easily avoid detection through a script. Read more...

Canadian telecom company Telus investigating potential data breach

Justin Luna — Fri, 24 Feb 2023 06:58:01 +0000

Telecommunications company Telus is looking into the possibility of a data breach. This comes after a cybercriminal allegedly gained access to employee data, GitHub repositories, and more. Read more...

Fruits and vegetables company Dole suffers ransomware attack

Justin Luna — Fri, 24 Feb 2023 03:36:01 +0000

Fruits and vegetables company Dole recently suffered a ransomware attack that forced it to shut down its production plants. The company is working with experts to remediate the issue. Read more...

Cybercriminals distribute fake ChatGPT apps online to push malware

Justin Luna — Thu, 23 Feb 2023 04:06:01 +0000

Threat actors were recently seen advertising fake ChatGPT apps for Windows and Android. When downloaded, the apps will steal sensitive information or subscribe the victim to premium services. Read more...

'Mylobot' botnet infecting 50,000 devices per day worldwide

Justin Luna — Wed, 22 Feb 2023 14:20:01 +0000

A botnet called "Mylobot" is infecting over 50,000 devices daily, according to a recent report. Mylobot can download more malware, send spam emails, and even remain idle to avoid detection. Read more...

'Stealc' information-stealing malware emerges from the dark web

Justin Luna — Wed, 22 Feb 2023 06:32:01 +0000

An information-stealing malware called "Stealc" was recently seen being advertised to other cybercriminals on the dark web. It can also be contracted through fake software crack websites. Read more...

'HardBit' ransomware asks victims to provide insurance details to identify ransom demand

Justin Luna — Tue, 21 Feb 2023 04:06:01 +0000

The threat actors behind a ransomware strain called "HardBit" were recently seen asking victims to provide them with their insurance details. This is so they can tailor their demand within the policy. Read more...

Atlassian suffers data breach, blames Envoy, which then blames Atlassian

Justin Luna — Fri, 17 Feb 2023 15:30:02 +0000

Software giant Atlassian recently suffered a data breach. The company blamed the incident on Envoy, a third-party workplace management services provider. However, Envoy countered this claim. Read more...

New ESXiArgs ransomware variant can evade CISA's recovery script

Justin Luna — Thu, 16 Feb 2023 05:42:02 +0000

The cybercriminals behind the ESXiArgs ransomware have created a new variant that evades the recovery script that the U.S. CISA recently released. The new version also comes with a new ransom note. Read more...

Pepsi Bottling Ventures suffers data breach due to information-stealing malware

Justin Luna — Tue, 14 Feb 2023 01:38:01 +0000

Pepsi Bottling Ventures has suffered a data breach as a result of an unknown party installing information-stealing malware on its internal systems. The breach occurred as early as December 23, 2022. Read more...

Domain registrar Namecheap's email hacked to send DHL, Metamask phishing emails

Justin Luna — Mon, 13 Feb 2023 05:12:01 +0000

The email account of domain registrar Namecheap was recently hacked, which allowed criminals to distribute phishing emails. The company has since rectified the issue after stopping all emails. Read more...

Reddit suffers security breach after employee falls for phishing attack

Justin Luna — Fri, 10 Feb 2023 02:20:01 +0000

Reddit recently suffered a security breach that allowed cybercriminals to access some of its internal data and systems. The incident was a result of a successful phishing attack against the company. Read more...

Google Fi suffers data breach, allowing hackers to steal sensitive information

Justin Luna — Wed, 01 Feb 2023 07:48:01 +0000

Google Fi recently suffered a data breach that allowed hackers to access various data like phone numbers and account statuses. It's likely that the hack is connected to the recent T-Mobile breach. Read more...

New ransomware strain exploits Windows search tool Everything

Justin Luna — Fri, 27 Jan 2023 03:44:01 +0000

A ransomware strain that exploits a legitimate Windows search tool has recently been discovered by security researchers. The new variant can disable Windows Defender and even prevent shutdowns. Read more...

Yahoo was the most phished brand of 4Q'22, according to research

Justin Luna — Tue, 24 Jan 2023 13:34:01 +0000

According to new research by cybersecurity firm Check Point, Yahoo was the most impersonated brand by cybercriminals who sent phishing emails. Others who made the list include Google and DHL. Read more...

Cybercriminals are now exploiting OneNote to spread malware

Justin Luna — Mon, 23 Jan 2023 04:22:01 +0000

Because Microsoft has now blocked macros by default on Office files, cybercriminals are now using digital note-taking app OneNote to victimize people and infect their devices with malware. Read more...

Cybercriminals use fake Pokémon NFT game to install remote access tool

Justin Luna — Mon, 09 Jan 2023 04:06:01 +0000

A new Pokémon-themed malware campaign has been discovered online. While it disguises itself as a trading card game where players can earn NFTs, it actually downloads a remote access tool. Read more...

Get a lifetime of InfoSec4TC Platinum Membership at 94% off for just $54.99

Neowin Deals — Thu, 05 Jan 2023 18:00:01 +0000

Twitter suffers data leak as hackers expose information of 235 million users

Justin Luna — Thu, 05 Jan 2023 03:48:01 +0000

The information of about 235 million Twitter users has been leaked. The leak contains names, email addresses, Twitter handles, and follower count. The data is even free for anyone to download. Read more...

5 Simple cybersecurity tips you can practice in 2023

Justin Luna — Tue, 03 Jan 2023 09:44:01 +0000

As we enter a new year, cybercriminals will develop more dangerous and sophisticated cyberthreats. Thankfully, there are many things you can do to mitigate the risk of falling victim to them. Read more...

Identity management solutions provider Okta gets its GitHub account hacked

Justin Luna — Wed, 21 Dec 2022 09:16:01 +0000

Access management solutions provider Okta recently had its GitHub source code repositories hacked. The company assures the public that no customer data was stolen, and Okta remains operational. Read more...

Android malware campaign steals Facebook accounts, victimizes 300,000 users

Justin Luna — Fri, 02 Dec 2022 04:46:01 +0000

An Android threat campaign using fraudulent educational apps was recently found. It can capture various Facebook information such as profile name, email address, password, and phone number. Read more...

Cybercriminals are exploiting TikTok's 'Invisible Body' challenge to deploy malware

Justin Luna — Tue, 29 Nov 2022 09:30:02 +0000

Be careful before you install that TikTok "unfiltering" software — it might be loaded with malware that can steal your passwords, Discord accounts, cryptocurrency wallets, and credit card data. Read more...

Study: Almost 50% of macOS malware only comes from one app

Justin Luna — Wed, 16 Nov 2022 07:20:01 +0000

A report by Elastic Security Labs found that 6.2% of malware ends up on macOS devices. However, almost 50% of this malware come from one source, a utility software suite called MacKeeper. Read more...

Dropbox announces security breach after employees fall victim to phishing attack

Justin Luna — Wed, 02 Nov 2022 09:06:02 +0000

Popular file hosting service Dropbox recently suffered a data breach that gave threat actors access to 130 of its code repositories. This was after Dropbox employees fell victim to a phishing scam. Read more...

Cybercriminals are already sending phishing emails about Twitter's verification revamp

Justin Luna — Tue, 01 Nov 2022 13:56:02 +0000

Not long after Twitter's new CEO Elon Musk announced his plans to revamp the platform's verification process, cybercriminals are already exploiting the situation by sending out phishing emails. Read more...

New 'Azov' ransomware strain frames cybersecurity researchers

Justin Luna — Mon, 31 Oct 2022 06:50:01 +0000

A newly discovered ransomware strain is framing cybersecurity experts by claiming that they are the ones behind the attacks. However, the people blamed are not associated in any way with the malware. Read more...