AT&T on Friday said almost all its wireless subscribers were exposed in a massive hack that occurred between April 14 and April 25, 2024, where a hacker exfiltrated files containing “records of customer call and text interactions” between approximately May 1 and October 31, 2022, as well as on January 2, 2023.
Category: Vulnerabilities
Job scams surged 118% in 2023 due to AI, watchdog group warns | Fox Business
The Identity Theft Resource Center (ITRC) found that reports of job scams increased by 118% in 2023 compared to the prior year. That occurred even as the number of overall scams reported to the ITRC fell by 18%.
350 million people downloaded insecure browser extensions over two years | Cybernews
In all, the academics discovered more than 26,000 extensions they believed had issues inherent in them, with around 15,400 of them violating privacy rules. A further 10,400 or so contained malware that could harm users.
Alabama education department still impacted by thwarted ransomware intrusion | SC Media
More ransomware news. Education and Health Care sectors seem to be popular targets lately. https://www.scmagazine.com/brief/alabama-education-department-still-impacted-by-thwarted-ransomware-intrusion
This new ransomware scam will hassle you with phone calls until you pay up | TechRadar

TRENDING
Expert Insights
Best web hosting
Best website builder
Best standing desks
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
Pro
Security
This new ransomware scam will hassle you with phone calls until you pay up
News
By Sead Fadilpašić
published yesterday
Victims threatened with repeated phone calls

Image credit: Pixabay (Image credit: Pixabay)
A new ransomware group has been discovered harassing its victims on the phone until they pay up.
Advertisement
A report from anti-ransomware company, Halycon said that Volcano Demon was seen going after “several” targets in the last couple of weeks, deploying a new encryptor called LukaLocker.
Its methodis relatively simple – the threat actor will first find a way into the target network, map it out, and then exfiltrate as many sensitive files as they can. Then, they will deploy the encryptor, lock down the files and entire systems, and then demand payment in cryptocurrency in exchange for the decryption key, and for keeping the files for themselves.
7 Accounts You Must Always Protect With Two-Factor Authentication
Two-factor authentication adds an extra layer of security and keeps your account protected even if your password is compromised. While it’s advisable to enable two-factor authentication on all accounts that support it, here are some accounts that should always have this extra layer of protection.
Don’t overlook the security risk posed by QR codes | TechRadar
But the more mainstream the technology has become, the more attractive it has become for threat actors. The same accessibility that makes the QR code a useful tool also makes it an effective vector for phishing and malware delivery.
To guard against cyberattacks in space, researchers ask “what if?” | Ars Technica
Because space is so remote and hard to access, if someone wanted to attack a space system, they would likely need to do it through a cyberattack. Space systems are particularly attractive targets because their hardware cannot be easily upgraded once launched, and this insecurity worsens over time. As complex systems, they can have long supply chains, and more links in the chain increase the chance of vulnerabilities. Major space projects are also challenged to keep up with best practices over the decade or more needed to build them.
Beware Of Malicious PDF Files That Mimic As Microsoft 2FA Security Update
Phishing attacks are evolving to use QR codes to trick users into entering their credentials on malicious websites, which can be designed to look like legitimate login pages and may even prefill the username field to increase believability.
The FIA has been hacked after workers fell for a phishing attack | TechRadar
In a short press release, the FIA confirmed recent phishing attacks resulted in “unauthorized access to personal data contained in two email accounts belonging to the FIA.”