'Freedom Convoy' donors exposed in possible cyberattack on GiveSendGo crowdfunding site

Written by Tonya Riley Feb 14, 2022 | CYBERSCOOP Christian crowdfunding website GiveSendGo was offline Monday due to an apparent hack after the company vowed to fight a Canadian court…

MobileIron customers urged to patch systems due to potential Log4j exploitation

Cybersecurity company NCC Group is warning users of MobileIron products to patch their systems since finding exploitations through the Log4j vulnerability.  more coverage NCC Group researchers have so far seen…

Meta removes accounts of spyware company Cytrox after Citizen Lab report on gov't hacks

Citizen Lab has released a new report highlighting widespread government use of the “Predator” spyware from North Macedonian developer Cytrox. Researchers found that Predator was used to attack two people…

New Jersey Cancer Care Providers Settle Data Breach Claim

New Jersey Cancer Care Providers Settle Data Breach Claim A trio of healthcare providers in New Jersey has agreed to pay $425,000 and adopt new security measures to settle a…

Meta takes down 7 hacking-for-hire operations that targeted 50,000 users

Written by Tonya Riley Dec 16, 2021 | CYBERSCOOP Meta removed seven “surveillance-for-hire” organizations that used Facebook to target at least 50,000 individuals across 100 countries for surveillance operations, some…

NSO zero-click iMessage exploit hacks iPhone without need to click links

The IT security researchers at Google have declared the NSO zero-click iMessage exploit as “Terrifying.” Google Project Zero’s (GPZ) Ian Beer and Samuel Groß have shared details on a new…

Avast Finds Backdoor on US Government Commission Network

Avast –  Avast –  We have found a new targeted attack against a small, lesser-known U.S. federal government commission associated with international rights. Despite repeated attempts through multiple channels over…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

Homeland Security Offering $5,000 Bug Bounty to Hack DHS

The program will allow hackers and security researchers to earn between $500 to $5,000 for identifying verified vulnerabilities. The US Department of Homeland Security (DHS) has announced a new bug…

NPK: Free tool to crack password hashes with AWS

The NPK tool is an open-source password cracking tool developed by the Coalfire Labs Research and Development team. The initials NPK are inspired by the atomic elements contained within farm…