If you, or your kids, are fans of Minecraft - you might be wise not to download any new mods of plugins for a while. Computer security researchers say that they have uncovered that cybercriminals have succeeded in embedding malware named "Fracturizer" within packages and plugins used to modify the behaviour and appearance of the phenomenally...

Jetpack, an extremely popular WordPress plugin that provides a variety of functions including security features for around five million websites, has received a critical security update following the discovery of a bug that has lurked unnoticed since 2012. Jetpack's maintainers, Automattic, announced on Tuesday that it had worked closely with the...

Bad enough for your company to be held to ransom after a cyber attack. Worse still to then have one of your own employees exploit the attack in an attempt to steal the ransom for themselves. That's the situation gene and cell therapy firm Oxford BioMedica found itself in. On 27 February 2018, the Oxford-based firm discovered that it had suffered...

The US Cybersecurity and Infrastructure Security Agency (CISA), FBI, and others have issued a joint alert, advising organisations of the steps they should take to mitigate the threat posed by BianLian ransomware attacks. BianLian, which has been targeting different industry sectors since June 2022, is a ransomware developer, deployer and data...

What is Akira? Akira is a new family of ransomware, first used in cybercrime attacks in March 2023. Akira? Haven't we heard of that before? Maybe you're thinking of the cyberpunk Manga comic books and movie that came out in the 1980s. Or perhaps you're thinking of an unrelated ransomware of the same name which emerged in 2017. Maybe that's it....

Businesses should patch their TP-Link routers as soon as possible, after the revelation that a legendary IoT botnet is targeting them for recruitment. The notorious Mirai botnet, which hijacks control of vulnerable IoT devices, is now exploiting TP-Link Archer AX21 routers to launch distributed denial-of-service (DDoS) attacks. The warning comes...

Iranian state-sponsored hacking group Charming Kitten has been named as the group responsible for a new wave of attacks targeting critical infrastructure in the United States and elsewhere. The group (who are also known to security researchers by a wide variety of other names including Mint Sandstorm, Phosphorous, Newscaster, and APT35) has been...

Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims. 29-year-old Kosi Goodness Simon-Ebo was extradited from Canada to the United States earlier this month, according to a Department of Justice press release, and will appear...

Multinational payment processing firm Nexway has been rapped across the knuckles by the US authorities, who claim that the firm knowingly processed fraudulent credit card payments on behalf of tech support scammers. A Federal Trade Commission (FTC) complaint argues that Nexway and its subsidiaries broke the law by helping scammers cheat money from unsuspecting consumers. Victims were tricked...

Accountants are being warned to be on their guard from malicious hackers, as cybercriminals exploit the rush to prepare tax returns for clients before the deadline of US Tax Day. US Tax Day, which falls on Tuesday April 18 this year, is the day on which income tax returns for individuals are due to be submitted to the government. Inevitably it's a...

Security researchers have released a new decryption tool that should come to the rescue of some victims of a modified version of the Conti ransomware, helping them to recover their encrypted data for free. Conti was one of the most notorious ransomware groups, responsible for hundreds of attacks against organisations, which netted criminals over ...

UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Examining data from December 2020 - January 2022, TSB determined that romance fraud almost doubled compared to pre-pandemic levels, with a record increase in losses of 91% - averaging £6...

A 22-year-old suspected of being "Seyzo", a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States, where - if convicted - he could face up to 116 years in prison. Sebastien Raoult, a French national, was arrested at Rabat international airport in Morocco on May 31 2022, while trying to take a flight to...

It's time for you and your colleagues to become more skeptical about what you read. That's a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harrass, and spread fake news. Experts at WithSecure have described their investigations into just how...

The FBI is warning US consumers that cybercriminals are placing ads in search engine results that impersonate well-known brands, in an attempt to spread ransomware and steal financial information. In a public service announcement issued this week, the FBI describes how cybercriminals are purchasing ads that show up at the very top of search engine...

Law enforcement agencies in the United States, UK, Netherlands, Poland, and Germany have brought down the most popular DDoS-for-hire services on the internet, responsible for tens of millions of attacks against websites. 50 of the world's biggest "booter" sites used to launch disruptive distributed denial-of-service attacks have been taken down as...

Malicious hackers, hell-bent on infiltrating an organisation, have no qualms about exploiting even the most tragic events. Take, for instance, the horrific crowd crush that occurred in Seoul's nightlife district of Itaweon on 29 October, when over 150 people were killed during Halloween festivities. Google's Threat Analysis Group (TAG) reports...

Researchers investigating a newly-discovered botnet have admitted that they "accidentally" broke it. In November, security experts at Akamai described a Golang-based botnet that they had discovered, hijacking PCs via SSH and weak credentials in order to launch distributed denial-of-service (DDoS) attacks and mine cryptocurrency. The botnet, which...

UK police are texting 70,000 people who they believe have fallen victim to a worldwide scam that saw fraudsters steal at least £50 million from bank accounts. 200,000 people in the UK, including the elderly and disabled, are thought to have been targeted by conmen who masqueraded as highstreet banks. Scammers paid a subscription to a service...

Healthcare organisations in the United States are being warned to be on their guard once again, this time against a family of ransomware known as Venus. An advisory from the United States Department of Health and Human Services (HHS) has warned that the cybercriminals behind the Venus ransomware have targeted at least one healthcare entity in the...