
Fake SonicWall VPN app steals user credentials • The Register
Unknown miscreants are distributing a fake SonicWall app to steal users' VPN credentials. In a Monday threat intel alert, the firewall and VPN slinger said it and Microsoft spotted the info-stealing campaign, in which would-be thieves distributed a "hacked and...

Microsoft fixes known issue that breaks Windows 11 updates
Microsoft is rolling out a configuration update designed to address a known issue causing Windows Update to fail on some Windows 11 systems. The KB5062324 update is available for Windows 11 version 24H2 devices that have not yet applied the May Windows...

Four REvil ransomware crooks walk free after admitting guilt • The Register
Four convicted members of the once-supreme ransomware operation REvil are leaving captivity after completing most of their five-year sentences. The quartet were arrested in 2022 alongside four other alleged members, including the group's founder, who remain in...

Typhoon-like gang slinging TLS certificate ‘signed’ by LAPD • The Register
A stealthy, ongoing campaign to gain long-term access to networks bears all the markings of intrusions conducted by China’s ‘Typhoon’ crews and has infected at least 1,000 devices, primarily in the US and South East, according to Security Scorecard's Strike...

APT28 hackers use Signal chats to launch new malware attacks on Ukraine
The Russian state-sponsored threat group APT28 is using Signal chats to target government targets in Ukraine with two previously undocumented malware families named BeardShell and SlimAgent. To be clear, this is not a security issue in Signal. Instead, threat...

Malware on Google Play, Apple App Store stole your photos—and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical...

Cyberattack on McLaren Health Care affects 743k • The Register
McLaren Health Care is in the process of writing to 743,131 individuals now that it fully understands the impact of its July 2024 cyberattack. The attack was carried out on Karmanos Cancer Institute, an independent organization that's part of McLaren's network,...

Former US Army Sergeant admits he sold secrets to China • The Register
Infosec in brief: A former US Army sergeant has admitted he attempted to sell classified data to China. Joseph Daniel Schmidt last Friday pled guilty after the Feds charged him with using his top secret clearance to steal classified data that he retained until...

CoinMarketCap briefly hacked to drain crypto wallets via fake Web3 popup
CoinMarketCap, the popular cryptocurrency price tracking site, suffered a website supply chain attack that exposed site visitors to a wallet drainer campaign to steal visitors' crypto. On Friday evening, January 20, CoinMarketCap visitors began seeing Web3...

Oxford City Council suffers breach exposing two decades of data
Oxford City Council warns it suffered a data breach where attackers accessed personally identifiable information from legacy systems. The incident has also caused an ICT service disruption, as announced on the website, and although most of the impacted systems...