The new ‘AXLocker’ ransomware family is not only encrypting victims’ files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with their credentials, the platform sends back a user authentication token saved on the computer. This token can then be used to log in as the user or…
A threat group tracked as ‘Worok’ hides malware within PNG images to infect victims’ machines with information-stealing malware without raising alarms. This has been confirmed by researchers at Avast, who built upon the findings of ESET, the first to spot and report on Worok’s activity in early September 2022. ESET warned that Worok targeted high-profile victims, including government entities in…
Wordfence analysts report having detected a massive wave of attacks in the last couple of days, originating from 16,000 IPs and targeting over 1.6 million WordPress sites. The threat actors target four WordPress plugins and fifteen Epsilon Framework themes, one of which has no available patch. Some of the targeted plugins were patched all the way back in 2018, while others…
Keeping a close eye on your online accounts is incredibly important with scams, hacks, and breaches as common as they are. Your hardware is at risk as well, which is why we always recommend keeping your devices updated. In fact, one of the most indispensable devices in your home can also be one of the most vulnerable. Cyber Security researchers recently examined a…
Picking a strong password is more important than ever, but it’s also becoming increasingly difficult. Cybercriminals are constantly picking up new tricks, and it is nearly impossible to stay ahead of them. To make matters worse, some of us aren’t even trying. For the past several years, the team behind the password manager NordPass has been putting together lists of…
Every time a massive data breach makes the news, we remind you about the best practices you need to employ to protect your online properties. You should never use weak passwords and recycle them. Instead, pick a password manager that lets you generate unique passwords for every different service, website, and app. And use two-factor authentication (2FA) or one-time passwords (OTP) whenever you…
A USB-C to Lightning cable with a hidden wireless key-logger can enable an attacker to capture everything you type from a distance of up to a mile. Any tech-literate person knows you should never plug a USB key into any of your devices unless you trust the person giving it to you, but fewer know that the same applies…
After years of warnings, the impact of ransomware finally hits home for regular people. SAN FRANCISCO — It can feel abstract: A group of organized but faceless criminals hijacking corporate computer systems and demanding millions of dollars in exchange for their safe return. But the impact of these ransomware attacks is increasingly, unavoidably, real for everyday people. These crimes have resulted…
There’s some bad news for Meta, in the form of a…
Search giant Google on Friday released an out-of-band security update to…
LastPass maintains that passwords remain safely encrypted. Password manager LastPass announced Wednesday…
