Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: attacks

Here’s how deepfake vishing attacks work, and why they can be hard to detect

By now, you’ve likely heard of fraudulent calls that use AI to clone the voice of people the call recipient knows. Often, the result is what sounds like a grandchild, CEO, or work colleague you’ve known for years reporting an urgent matter requiring immediate action, such as wiring money, divulging login credentials, or visiting a malicious website. Researchers and government officials have been warning of the threat for years, with the Cybersecurity and Infrastructure Security Agency saying in

Akira ransomware abuses CPU tuning tool to disable Microsoft Defender

Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks and evade security tools and EDRs running on target machines. The abused driver is 'rwdrv.sys' (used by ThrottleStop), which the threat actors register as a service to gain kernel-level access. This driver is likely used to load a second driver, 'hlpdrv.sys,' a malicious tool that manipulates Windows Defender to turn off its protections. This is a 'Bring Your Own Vulnerable Driver' (BYOVD) at

Google suffers data breach in ongoing Salesforce data theft attacks

Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group. In June, Google warned that a threat actor they classify as 'UNC6040' is targeting companies' employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked. In a brief update to

Pandora confirms data breach amid ongoing Salesforce data theft attacks

Danish jewelry giant Pandora has disclosed a data breach after its customer information was stolen in the ongoing Salesforce data theft attacks. Pandora is one of the largest jewellery brands in the world, with 2,700 locations and over 37,000 employees. "We are writing to inform you that your contact information was accessed by an unauthorized party through a third-party platform we use," reads a Pandora data breach notification sent to customers. "We stopped the access and have further stren

Voice phishers strike again, this time hitting Cisco

Cisco said that one of its representatives fell victim to a voice phishing attack that allowed threat actors to download profile information belonging to users of a third-party customer relationship management system. “Our investigation has determined that the exported data primarily consisted of basic account profile information of individuals who registered for a user account on Cisco.com,” the company disclosed. Information included names, organization names, addresses, Cisco assigned user I

SonicWall urges admins to disable SSLVPN amid rising attacks

SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past few weeks. The warning comes after Arctic Wolf Labs reported on Friday that it had observed multiple Akira ransomware attacks, likely using a SonicWall zero-day vulnerability, since July 15th. "The initial access methods have not yet been confirmed in this campaign," the Arctic Wolf Labs research

Fashion giant Chanel hit in wave of Salesforce data theft attacks

French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks. Chanel says the breach was first detected on July 25th after threat actors gained access to a Chanel database hosted at a third-party service provider, as first reported by WWD. The breach only impacted customers in the United States and exposed personal contact information. "Based on the findings of the investigation, the data obtained by the unauthorized external pa

SonicWall firewall devices hit in surge of Akira ransomware attacks

SonicWall firewall devices have been increasingly targeted since late July in a surge of Akira ransomware attacks, potentially exploiting a previously unknown security vulnerability, according to cybersecurity company Arctic Wolf. Akira emerged in March 2023 and quickly claimed many victims worldwide across various industries. Over the last two years, Akira has added over 300 organizations to its dark web leak portal and claimed responsibility for multiple high-profile victims, including Nissan

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. In June, Google's Threat Intelligence Group (GTIG) warned that threat actors tracked as UNC6040 were targeting Salesforce customers in social engineering attacks. In these attacks, the threat actors impersonated IT support staff in phone calls to targeted employees, a

How attackers are still phishing "phishing-resistant" authentication

As awareness grows around many MFA methods being “phishable” (i.e. not phishing resistant), passwordless, FIDO2-based authentication methods (aka. passkeys) like YubiKeys, Okta FastPass, and Windows Hello are being increasingly advocated. This is a good thing. The most commonly used MFA factors (like SMS codes, push notifications, and app-based OTP) are routinely bypassed, with modern reverse-proxy “Attacker-in-the-Middle” phishing kits the most common method (and the standard choice for phishi

CISA flags PaperCut RCE bug as exploited in attacks, patch now

CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. The software developer says that more than 100 million users use its products across over 70,000 organizations worldwide. The security flaw (tracked as CVE-2023-2533 and patched in June 2023) can allow an attacker to alter security settings or execute arbitrary code if the target

7 Things Wuchang Fallen Feathers Doesn't Tell You

Wuchang: Fallen Feathers isn't a revolutionary Soulslike title that aims to change the subgenre, but it's catching the attention of many players right now, in part because it's available on day 1 on Xbox Game Pass. Wuchang, however, does have some issues with underexplaining certain mechanics, which is giving players a little trouble. Wuchang makes some changes to the Soulslike formula established by FromSoftware, the developers of Demon's Souls and Dark Souls. Those changes aren't laid out so

Microsoft: SharePoint flaws exploited in Warlock ransomware attacks

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks. "Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware in the past, Microsoft is currently unable to co

Microsoft: SharePoint servers also targeted in ransomware attacks

A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit security organization Shadowserver is currently tracking over 420 SharePoint servers that are exposed online and remain vulnerable to these ongoing attacks. "Although Microsoft has observed this threat actor deploying Warlock and Lockbit ransomware in the past, Microsoft is currently unable to co

SonicWall urges admins to patch critical RCE flaw in SMA 100 devices

SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution. The security flaw (tracked as CVE-2025-40599) is caused by an unrestricted file upload weakness in the devices' web management interfaces, which can allow remote threat actors with administrative privileges to upload arbitrary files to the system. "SonicWall strongly recommends that users of the SMA 100 series produ

US nuclear weapons agency hacked in Microsoft SharePoint attacks

Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. NNSA is a semi-autonomous U.S. government agency part of the Energy Department that maintains the country's nuclear weapons stockpile and is also tasked with responding to nuclear and radiological emergencies within the United States and abroad. A Department of Energy spokesperson confirmed in a statement that hac

US nuclear weapons agency reportedly hacked in SharePoint attacks

Unknown threat actors have reportedly breached the National Nuclear Security Administration's network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. NNSA is a semi-autonomous U.S. government agency part of the Energy Department that maintains the country's nuclear weapons stockpile and is also tasked with responding to nuclear and radiological emergencies within the United States and abroad. A Department of Energy spokesperson confirmed in a stateme

New UK law would ban ransomware payments by publicly funded orgs

The British government has announced plans to move forward with a law that would bar public organizations from paying off ransomware attackers. The proposed legislation would add schools, town councils, National Health Service (NHS) hospitals and critical infrastructure managers to a ban which already applies to the national government. The logic behind banning payments is simple. If cybercriminals know a ransomware attack against a UK school or hospital won't get them paid, they'll look somewh

Apple alerted Iranians to iPhone spyware attacks, say researchers

Apple notified more than a dozen Iranians in recent months that their iPhones had been targeted with government spyware, according to security researchers. Miaan Group, a digital rights organization that focuses on Iran, and Hamid Kashfi, an Iranian cybersecurity researcher who lives in Sweden, said they spoke with several Iranians who received the notifications in the last year. Bloomberg first wrote about these spyware notifications. Miaan Group published a report on Tuesday on the state of

CISA and FBI warn of escalating Interlock ransomware attacks

CISA and the FBI warned on Tuesday of increased Interlock ransomware activity targeting businesses and critical infrastructure organizations in double extortion attacks. Today's advisory was jointly authored with the Department of Health and Human Services (HHS) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) and it provides network defenders with indicators of compromise (IOCs) collected during investigations of incidents as recent as June 2025, along with mitigation meas

Report: Apple alerted Iranians to spyware attacks in lead-up to war with Israel

You may have never heard of them, but Apple sends “threat notifications” to users when it believes they’re being targeted by cyber attacks. Earlier this year that happened with several Iranians in the lead-up to the Iran-Israel war, per a new Bloomberg report. Here are the details. Apple threat notifications were sent to over a dozen Iranian cyberattack victims. Patrick Howell O’Neill writes at Bloomberg: More than a dozen Iranians’ mobile phones were targeted with spyware in the months prior

MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicycles

The bicycle industry is increasingly adopting wireless gear-shifting technology for its advantages in performance and design. In this paper, we explore the security of these systems, focusing on Shimano's Di2 technology, a market leader in the space. Through a blackbox analysis of Shimano's proprietary wireless protocol, we uncovered the following critical vulnerabilities: (1) A lack of mechanisms to prevent replay attacks that allows an attacker to capture and retransmit gear shifting commands;

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. The security vulnerability (CVE-2025-54309) is due to mishandled AS2 validation and impacts all CrushFTP versions below 10.8.5 and 11.3.4_23. The vendor tagged the flaw as actively exploited in the wild on July 19th, noting that attacks may have begun earlier, although it has yet to find evidence to confirm this. "July 18th,

Europol disrupts pro-Russian NoName057(16) DDoS hacktivist group

An international law enforcement operation dubbed "Operation Eastwood" has targeted the infrastructure and members of the pro-Russian hacktivist group NoName057(16), responsible for distributed denial-of-service (DDoS) attacks across Europe, Israel, and Ukraine. Operation Eastwood was led by Europol and Eurojust with support from 12 countries. It took place on July 15, 2025, and targeted the systems and individuals behind the group's activities. NoName057(16) is a pro-Russian hacking group tha

Google Gemini flaw hijacks email summaries for phishing

Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. Such an attack leverages indirect prompt injections that are hidden inside an email and obeyed by Gemini when generating the message summary. Despite similar prompt attacks being reported since 2024 and safeguards being implemented to block misleading responses, the technique

Four arrested in connection with M&S and Co-op cyber-attacks

By Joe Tidy, Cyber correspondent, BBC World Service. Four people have been arrested by police investigating the cyber-attacks that have caused havoc at M&S and the Co-op. The National Crime Agency (NCA) says a 20-year-old woman was arrested in Staffordshire, and three males - aged between 17 and 19 - were detained in London and the West Midlands. They were apprehended on suspicion of

A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now

Empty grocery store shelves and grounded planes tend to signal a crisis, whether it’s an extreme weather event, public health crisis, or geopolitical emergency. But these scenes of chaos in recent weeks in the United Kingdom, United States, and Canada were caused instead by financially motivated cyberattacks—seemingly perpetrated by a collective of joyriding teens. A notorious cybercriminal group often called Scattered Spider is known for using social engineering techniques to infiltrate target

AT&T rolls out "Wireless Lock" feature to block SIM swap attacks

AT&T has launched a new security feature called "Wireless Lock" that protects customers from SIM swapping attacks by preventing changes to their account information and the porting of phone numbers while the feature is enabled. This new feature has been available for some customers for almost a year and has now been rolled out to all AT&T customers. SIM swap attacks are when cybercriminals port, or move, a targeted phone number to a device under their control. This allows them to intercept the

Google fixes fourth actively exploited Chrome zero-day of 2025

Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. "Google is aware that an exploit for CVE-2025-6554 exists in the wild," the browser vendor said in a security advisory issued on Monday. "This issue was mitigated on 2025-06-26 by a configuration change pushed out to Stable channel across all platforms." The company fixed the zero-day for users in the Stable Desktop channel, w