Author: Admin

A former NFL player has become the latest in a long line of individuals sent down for defrauding a US government COVID-19 relief scheme. Joshua Bellamy, 32, of St. Petersburg, Florida, pleaded guilty to conspiracy to commit wire fraud back in June, and was sentenced on Friday to 37 months in a federal prison. He fraudulently obtained $1.2m via a Paycheck Protection Program (PPP) loan guaranteed by the Small Business Administration (SBA) under the US…

An online extortionist described by police as “sadistic” and “depraved” has been jailed for 32 years following a string of horrific crimes targeting nearly 2000 victims. Abdul Hasib Elahi, 26, of Sparkhill in Birmingham, is said to have pretended to be a businessman or stockbroker when he frequented “sugar daddy” websites and social media sites. Targeting victims that were in debt or too young even to be on the sites, he promised to pay thousands…

Security teams across the globe have been scrambling to address a dangerous new zero-day vulnerability in a popular Apache logging system currently being exploited in the wild. Dubbed ‘Log4Shell,’ the bug is found in the Log4j Java-based logging product and can lead to relatively straightforward remote code execution which would allow attackers to deploy malware on a targeted server. The exploit is dangerous for two reasons: Log4j is used by applications and platforms found all…

The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. The goal of this campaign is to steal credentials and other private information and install additional payloads onto a compromised system. Re-emergence of TinyNuke The TinyNuke malware activity first appeared in 2017, culminated in 2018, then dropped significantly in 2019, and almost faded out…

Organizations around the world will be dealing with the long-tail consequences of this vulnerability, known as Log4Shell, for years to come. The discovery of a critical flaw in the Apache Log4j software is nothing short of a Fukushima moment for the cybersecurity industry. Ten years ago, an earthquake and subsequent tidal wave triggered the meltdown of the Fukushima nuclear power plant that continues to plague the region today. Similarly, the early exploitation of Log4j, during…

Phishing attempts over text messages are becoming more prevalent. I received an SMS text message that contained a phishing attempt for a Canadian Bank. The message implied that I have received a new notification with this bank and I should visit the provided link. I usually do not click on any links, but I decided to see what would happen when I navigated to the page.  TD – Phish Text: The Fake TD Login Page…