LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks

The research found that phishing attempts impersonating LinkedIn made up 52% of attacks globally in Q1 2022

MetaMask Asks Apple Users to Disable iCloud Backup for Wallet After User Lost $650,000

MetaMask has warned Apple users to disable automatic iCloud backup of their wallet data. The warning results from the losses sustained by an NFT collector, Domenic Lacovone, using the Twitter…

Blockchain warning: Hackers are targeting developers and DevOps teams

The US government has detailed how North Korean state-sponsored attackers have been hacking cryptocurrency firms using phishing, malware and exploits to steal funds and initiate fraudulent blockchain transactions.  The Federal…

Court rules that data scraping is legal in LinkedIn appeal

It seems self-evident that public data on a website is, well, public. But, that’s never stopped people from arguing that scraping–copying data from public websites–is somehow illegal. Now, the  U.S.…

A Zero-Click Vulnerability Is Exploited by NSO Spyware

Citizen Lab researchers have discovered two independent Pegasus malware campaigns, that targeted the prime minister’s office and other official UK government networks as well as the Catalan presidents and members…

Lazarus Hackers Make Use of Fraudulent Crypto Apps, US Warns

CISA, the FBI, and the US Treasury Department have recently issued a warning that firms in the cryptocurrency and blockchain industries are being targeted by the North Korean Lazarus hacking…

Microsoft: We're boosting our bug bounties for these high-impact security flaws

Microsoft has announced new “scenario-based” awards for its Dynamics and Power Platform Bounty Program and the Microsoft 365 Bounty Program.  Microsoft says the scenario-based awards are designed to encourage researchers…

Lenovo patches UEFI firmware vulnerabilities impacting millions of users

Lenovo has patched a trio of bugs that could be abused to perform UEFI attacks. Discovered by ESET researcher Martin Smolár, the vulnerabilities, assigned as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, could…

Ronin Crypto Heist of $618m Traced to North Korea

Lazarus Group blamed by US Treasury

Attacker Accessed Dozens of Repositories After OAuth Token Theft

GitHub says npm is among the organizations affected