There's a new hacking campaign underway that you need to be aware of especially if you or anyone you know is interested in upgrading to Windows 11. The campaign appears to be a legitimate offer from Microsoft and it gives users the opportunity to upgrade to Windows 11 for free. Unlike many campaigns of this type, this one distinguishes itself in that it does not rely on emails that spoof the Microsoft brand.
Netflix has been talking about cracking down on password sharing for years. So far, it's been just talk. Recently, the company suffered its first decrease in subscribers in recent memory. They lost more than 200,000 in the first quarter of 2022. That is a fact which sent their stock price reeling. According to the company's estimates, some 100 million households are currently sharing their passwords. It's a safe bet that now the company is serious about it, so you can expect the crackdown to begin pretty much any time.
If you rely on a Microsoft Exchange server to handle email for your company, there is something you should be aware of. Recent research by security and analytics company Varonis has discovered that an affiliate of Hive ransomware has begun targeting Exchange servers that are vulnerable to ProxyShell security issues. If the group in question finds a vulnerable server, they'll install a variety of backdoors including Cobalt Strike beacon. That allows them to come back later and snoop around in your network for anything of value, steal administrator account credentials, make off with your company's proprietary data, or encrypt your files and demand payment from you to get them back.
Has your Windows 10 machine been mysteriously freezing up on you lately? If it has, you're not alone. Fortunately, Microsoft's engineers have identified the root cause of that issue and have released a patch that fixes it. The patch you're looking for is KB5012636. Be aware that this is a cumulative update preview patch for both Windows 10 (1809) and Windows Server 2019. It is part of the company's scheduled April 2022 "
Do you have an Android device? Is it built around a Qualcomm or MediaTek chipset? If you answered yes to both of those questions, be aware that researchers at Check Point have recently discovered an issue which could put your device at risk. The team discovered a flaw in the implementation of the ALAC (Apple Lossless Audio Codec) which was open-sourced back in 2011. The flaw could allow remote code execution on your device and unfortunately, Qualcomm and MediaTek are two of the industry's largest chip manufacturers.
Considered to be social media for professionals, LinkedIn is an invaluable tool for millions of people all over the world and a great way to make a wide range of professional connections. Unfortunately, hackers and scammers are aware of this fact and tend to gravitate to it as well. They are hoping to take advantage of the unsuspecting. Recent research from the cybersecurity company Check Point reveals that LinkedIn has become the most spoofed brand in phishing attacks.
Millions of people around the world have leveraged the awesome power of WordPress to build their sites. Whether for personal or business use, WordPress has the flexibility and functionality to create just about any type of site you can dream of. A large part of this flexibility comes from the power of plugins, but that's the problem. With thousands of plugins available, there are lots of opportunities for hackers.
The owners of the Qbot botnet are changing things up. The botnet's normal Modus Operandi for distributing their signature Qbot malware has been to push their malicious code via phishing emails which contain Microsoft Office documents laden with poisoned macros. More recently though, the group behind the botnet has switched to phishing emails carrying password-protected ZIP files which contain malicious MSI Windows Installer packages. It's the first time we've seen this tactic from Qbot and no one is sure what drove the change.
There's a new strain of malware that specifically targets Android users that you should be aware of. Dubbed simply "Fakecalls," it is a banking trojan that boasts a powerful new ability we haven't seen before in the malware world. It can fake a call from your bank. On its face, it looks like most of the other mobile banking apps that Android users install. The graphics are well-done and it's a convincing copy of the banking software that it seeks to emulate.
If you have any tools in your garage, odds are good that at least a few of them are Snap-on tools. The brand is ubiquitous in the United States and the company is one of the leading manufacturers globally. They sell under a variety of different brand names and some of them you may not have heard of. Their brands include including Norbar, Blue-Point, Blackhawk Mitchell1, and Williams. Recently, the Snap-on corporation disclosed that the company had been the victim of a successful data breach, making them the latest in an unending succession of large companies to feel the sting of hackers.
March 20nd, 2026
March 19nd, 2026