A sprawling phishing-as-a-service (PhaaS) campaign that has been running since at least last summer is using more than 20,000 fake domains to target a wide range of organizations in more than 100 countries, illustrating the capabilities of an increasingly popular tool among threat actors. The unknown hackers are using a platform called “Darcula” (sic) that..

The post ‘Darcula’ PhaaS Campaign Sinks Fangs into Victims appeared first on Security Boulevard.

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support.

The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

The number of zero-day vulnerabilities that are exploited jumped in 2023, with enterprises becoming a larger target and spyware vendors and China-backed cyberespionage groups playing an increasingly bigger role, according to Google cybersecurity experts. In a report this week, researchers with Google’s Threat Analysis Group (TAG) and its Mandiant business said they saw 97 zero-day..

The post Google: Zero-Day Attacks Rise, Spyware and China are Dangers appeared first on Security Boulevard.

Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit.

The post Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data appeared first on Security Boulevard.

As the digital landscape expands exponentially, so do efforts to safeguard personal data, notably through regulations and other actions.

The post Navigating the Complexities of Data Privacy: Balancing Innovation and Protection appeared first on Security Boulevard.

Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service.

The post Telegram Privacy Nightmare: Don’t Opt In to P2PL appeared first on Security Boulevard.

The United States, the UK, and other countries this week accused a state-sponsored Chinese threat group of running a massive global hacking campaign for more than a decade that targeted political figures, journalists, businesses, political dissidents, and elections officials to steal information and spy on targets. U.S. Attorney Breon Peace called the work of the..

The post US, UK Accuse China of Years-Long Cyberespionage Campaign appeared first on Security Boulevard.

UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic.

The post China Steals Defense Secrets ‘on Industrial Scale’ appeared first on Security Boulevard.

With the IRS deadline only weeks away, businesses and individuals are racing to get their taxes filed, and bad actors are doing what they can to keep pace with them. Both Microsoft and Malwarebytes in recent days have outlined various scams being used to steal sensitive information, drop malicious payloads, or make payments to fake..

The post Tax Scams Ramping Up as the April 15 Deadline Approaches appeared first on Security Boulevard.

GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads.

The post Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys appeared first on Security Boulevard.