VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code execution attacks.
VMware Plugs Security Holes in Workstation, Fusion and ESXi
Recorded Future Acquires SecurityTrails in $65M Deal
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails, a startup that helps organizations keep track of internet-facing assets.
Fresh Warnings Issued Over Abuse of Google Services
U.S. government agencies and cybersecurity companies are warning users and organizations about cybercriminals abusing Google services to achieve their goals.
FBI warns about Google Voice abuse
California Man Pleads Guilty Over Role in $50 Million Fraud Scheme
A California man this week admitted before a U.S. district judge to his role in a $50 million internet-enabled fraud scheme.
Court documents claim that, between 2012 and 2020, Allen Giltman, 56, of Irvine, California, created fraudulent websites to ask for funds from investors.
Research: Simulated Phishing Tests Make Organizations Less Secure
A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate user-education campaigns are actually making things much worse.
Ubisoft Confirms Unauthorized Access to ‘Just Dance’ User Data
French video game company Ubisoft this week confirmed that ‘Just Dance’ user data was compromised in a recent cybersecurity incident.
The data breach was the result of a misconfiguration that has since been corrected, but not before player data was accessed and potentially copied by a third party.
Targeted Links Used to Steal Tens of Millions in Global Scam Campaign
By impersonating 121 brands, scammers managed to defraud users in over 90 countries of an estimated $80 million per month, Singapore-based threat hunting and intelligence firm Group-IB reveals.
Russian Hacker Extradited to US for Trading on Stolen Information
A Russian national was extradited to the United States from Switzerland over the weekend, to face charges for his alleged role in a scheme whose participants traded on information stolen from hacked U.S. companies.
Google Finds 35,863 Java Packages Using Defective Log4j
The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation efforts.
Citizen Lab Exposes Cytrox as Vendor Behind ‘Predator’ iPhone Spyware
The University of Toronto’s Citizen Lab has discovered another player in the private sector mobile spyware business, fingering a tiny North Macedonia company called Cytrox as the makers of high-end iPhone implants.