Bill Toulas

Cyprus, Nicosia

Technology Writer and Infosec News Reporter at Bleeping Computer

Infosec news @BleepinComputer

Featured in: Favicon

bleepingcomputer.com Favicon

flipboard.com Favicon

newsbreak.com Favicon

acs.org.au Favicon

industrytap.com Favicon

technadu.com Favicon

codeproject.com Favicon

ourcommunitynow.com Favicon

ia.acs.org.au

Articles

Entertainment services giant Legends International discloses data breach

1 week ago | bleepingcomputer.com | Bill Toulas

Entertainment venue management firm Legends International warns it suffered a data breach in November 2024, which has impacted employees and people who visited venues under its management. In a notification letter shared with the authorities, the company informs that it detected unauthorized activity in its IT systems on November 9, 2024, prompting an investigation carried out with the help of external cybersecurity experts.
Windows NTLM hash leak flaw exploited in phishing attacks on governments

1 week ago | bleepingcomputer.com | Bill Toulas

A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw tracked as CVE-2025-24054 was fixed in Microsoft's March 2025 Patch Tuesday. Initially, it was not marked as actively exploited and was assessed as 'less likely' to be.
Chrome extensions with 6 million installs have hidden tracking code

1 week ago | bleepingcomputer.com | Bill Toulas

A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing remote scripts. These extensions are 'hidden,' meaning they don't show up on Chrome Web Store searches, nor do search engines index them, and can only be installed if the user has the direct URL.
Ahold Delhaize confirms data theft after INC ransomware claims attack

1 week ago | bleepingcomputer.com | Bill Toulas

Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. "Based on our investigation to date, certain files were taken from some of our internal U.S. business systems," a spokesperson confirmed to BleepingComputer.
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing

1 week ago | bleepingcomputer.com | Bill Toulas

Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. Midnight Blizzard, aka 'Cozy Bear' or 'APT29,' is a state-sponsored cyberespionage group linked to Russia's Foreign Intelligence Service (SVR). According to Check Point Research, the new campaign introduces a previously unseen malware loader called 'GrapeLoader,' and a new variant of the 'WineLoader' backdoor.
Landmark Admin data breach impact now reaches 1.6 million people

1 week ago | bleepingcomputer.com | Bill Toulas

Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory reporting, reinsurance support, and IT systems for major insurers nationwide like Liberty Bankers Life and American Benefit Life. In October 2024, the company warned that it detected suspicious activity on its networks on May 13th, 2024.
Google adds Android auto-reboot to block forensic data extractions

1 week ago | bleepingcomputer.com | Bill Toulas

Google is rolling out a new security mechanism on Android devices that will automatically reboot locked, unused devices after three consecutive days of inactivity, restoring memory to an encrypted state. Although the tech giant has not commented on the exact motives behind the addition of this feature, it is expected to make data extraction by advanced forensic tools harder by bringing devices into a non-exploitable state more often.
Cybersecurity firm buying hacker forum accounts to spy on cybercriminals

1 week ago | bleepingcomputer.com | Bill Toulas

Swiss cybersecurity firm Prodaft has launched a new initiative called 'Sell your Source' where the company purchases verified and aged accounts on cybercrime forums to conduct threat intelligence operations. The goal is to use these accounts to infiltrate cybercrime spaces and communities, collecting valuable intelligence that could lead to the exposure of malicious operations and platforms.
SSL/TLS certificate lifespans reduced to 47 days by 2029

1 week ago | bleepingcomputer.com | Bill Toulas

The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029. The CA/Browser Forum is a group of certificate authorities (CAs) and software vendors, including browser developers, working together to establish and maintain security standards for digital certificates used in Internet communications.
New ResolverRAT malware targets pharma and healthcare orgs worldwide

1 week ago | bleepingcomputer.com | Bill Toulas

A new remote access trojan (RAT) called 'ResolverRAT' is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors. ResolverRAT is distributed through phishing emails claiming to be legal or copyright violations tailored to languages that match the target's country.