Admins Urged by CISA to Patch Critical RCE Bug Found in Discourse

A critical RCE flaw discovered in the open-source Internet forum Discourse tracked as CVE-2021-41163, has been addressed in an urgent update on Friday. What Is Discourse? Discourse, which was founded in…

These ransomware criminals lost millions of dollars in payments when researchers secretly found mistakes in their code

A major ransomware operation was prevented from making millions of dollars after cybersecurity researchers discovered a flaw in the ransomware that enabled encrypted files to be recovered without paying a ransom to…

Nobelium APT Group: A New Supply Chain Attack where Tech Resellers Are Targeted

Nobelium APT group, the one behind the famous SolarWinds attack and also associated with Russia’s spy agency, seems to reenter the threat landscape scene. This time its targets are tech resellers,…

SolarWinds hackers, Nobelium, hit cloud providers and resellers

So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium 14 of which were compromised by the group. The IT security researchers at…

BillQuick Billing App Rigged to Inflict Ransomware

A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware. Threat actors are picking…

CISA Urges Sites to Patch Critical RCE in Discourse

The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whose No. 1 most trafficked site is Amazon’s Seller Central. Discourse – the ultra-popular,…

Russian Drivers’ Private Information Available For Sale

The personal information of millions of Russian drivers is being sold by hackers on an underground market for only a few hundred dollars. As it turns out, the stolen data…

Blackmatter Ransomware Victims Helped with a Secret Decryptor

BlackMatter is claiming to be a successor to Darkside and REvil, two other notorious ransomware threat actors responsible for the cyberattacks on Colonial Pipeline and Kaseya. The cybersecurity company Emsisoft, uncovered a vulnerability in the…

SolarWinds hackers, Nobelium, once again strike global IT supply chains, Microsoft warns

Microsoft has warned that Nobelium, the hacking group behind the SolarWinds fiasco, has targeted at least 140 resellers and technology service providers in global IT supply chains. On October 24,…

BlackMatter Bug Saved Victims Millions in Ransom Payments

BlackMatter Bug Saved Victims Millions in Ransom Payments Security researchers claim to have saved BlackMatter ransomware victims millions over the past few months after exploiting a bug they found in…