BillQuick Billing App Rigged to Inflict Ransomware

A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware. Threat actors are picking…

BQE Web Suite Billing App Rigged to Inflict Ransomware

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. Threat actors have been…

SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks

The Nobelium group, linked to Russia’s spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers – and it’s working. The SolarWinds attackers –…

YouTube Used to Push Password-Stealing Malware

A Trojan is a type of malware that acts according to the Greek legend, as it camouflages itself as a legitimate file or program to trick unsuspecting users into installing…

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.  Google has caught and brushed off…

Acer Hit Twice in One Week by the Same Hacker

Threat actors identified as ‘Desorden’ claimed they had hacked Acer India’s computers and stolen data, including client information. What Happened? Acer reacted in a press release saying this was an…

Candy corn producer says ransomware incident 'not likely' to sour Halloween supplies

Written by Jeff Stone Oct 20, 2021 | CYBERSCOOP A major U.S. candy-maker says it’s returning to service after a ransomware incident in which intruders interrupted operations at some facilities…

Lyceum APT Returns, This Time Targeting Tunisian Firms

The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on…

TikTok Serves Up Fresh Gamer Targets via Fake Among Us, Steam Offerings

The tween-friendly video app is being used to serve up malvertising, disguised as free Steam game accounts or Among Us game hacks. TikTok has made people do all sorts of…

Twitter Suspends Accounts Used to Snare Security Researchers

The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. Twitter has shuttered two accounts – @lagal1990 and @shiftrows13 –…