EU’s Green Pass Vaccination ID Private Key Leaked

The private key used to sign the vaccine passports was leaked and is being passed around to create fake passes for the likes of Mickey Mouse and Adolf Hitler. As…

Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam

The kid was busted after abusing Google Ads to lure users to his fake gift card site.  During the early days of the pandemic, while the rest of the world…

Cyber Attack Cripples Iranian Fuel Distribution Network

The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens. An attack on the fuel distribution chain…

Cyberattack Cripples Iranian Fuel Distribution Network

The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens. An attack on the fuel distribution chain…

BillQuick Billing App Rigged to Inflict Ransomware

A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware. Threat actors are picking…

BQE Web Suite Billing App Rigged to Inflict Ransomware

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. Threat actors have been…

SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks

The Nobelium group, linked to Russia’s spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers – and it’s working. The SolarWinds attackers –…

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.  Google has caught and brushed off…

Lyceum APT Returns, This Time Targeting Tunisian Firms

The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on…

Twitter Suspends Accounts Used to Snare Security Researchers

The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. Twitter has shuttered two accounts – @lagal1990 and @shiftrows13 –…