Todays news

Panda Restaurant Group disclosed a data breach

Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates' personal information.

Cyber Security News

Beware! Threat Actors Selling RDP Access on Hacker Forums

Cybersecurity communities are on high alert as threat actors have begun selling RDP access on various underground hacker forums.

Cyber Security News

Critical MailCleaner Vulnerabilities Let Attackers Execute arbitrary command

Critical vulnerabilities in MailCleaner versions before 2023.03.14 allow attackers to take control of appliances through malicious emails

The Hacker News

CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability

A critical flaw (CVE-2023-7028) is being actively exploited, allowing account takeover by sending password reset emails to unverified addresses.

The Cyber Express

5 hours ago

Hacktivists Claim Cyberattack on Columbia University After Police Crackdown on Protests

Anonymous Arabia, a notorious group of hacktivists, has allegedly launched a cyberattack on Columbia University in response to the recent

The Hacker News

6 hours ago

New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials

Attention SOHO router users! A new malware called Cuttlefish is on the prowl, stealthily monitoring your traffic and stealing authentication data.

DarkReading

6 hours ago

'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving

A recent campaign targeting Middle Eastern government organizations plays standard detection tools like a fiddle. Cyber defenders must keep pace.

CSO

7 hours ago

Dropbox Sign hack exposed user data, raises security concerns for e-sign industry

The names and email addresses of those customers were also exposed who had never created an account with Dropbox Sign but had “received or signed a document through Dropbox Sign.”

CSO

7 hours ago

UnitedHealth hack may impact a third of US citizens: CEO testimony

Despite paying a $22 million ransom in Bitcoin to regain access to encrypted files, the company cannot confirm whether copies of the data were made or published online.

Cyber Security News

8 hours ago

Dropbox Sign Hacked: Attackers Stolen API Keys, MFA, & Hashed Passwords

Dropbox disclosed a significant security breach affecting its electronic signature service, Dropbox Sign (formerly known as HelloSign).

SecurityWeek

10 hours ago

Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says

The Change Healthcare cyberattack started when hackers entered a server that lacked a basic form of security: multi-factor authentication.

SecurityWeek

10 hours ago

Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm

Police say a principal from a Maryland high school was framed as racist by a fake recording of his voice using AI-based deepfake technology.

Ars Technica

10 hours ago

Hacker free-for-all fights for control of home and office routers everywhere

How and why nation-state hackers and cybercriminals coexist in the same router botnet.

Trend Micro

11 hours ago

Deepfakes and AI-Driven Disinformation Threaten Polls

Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year

DarkReading

11 hours ago

UnitedHealth Congressional Testimony Reveals Fails

The breach used stolen Citrix credentials for an account with no MFA. Attackers went undetected for days, and Change's backup strategy failed.

CSO

11 hours ago

NIST publishes new guides on AI risk for developers and CISOs

Companion publications to NIST’s AI Risk Management Framework explore a long worry list in more detail and are likely to become essential reading for security professionals.

Bleeping Computer

12 hours ago

HPE Aruba Networking fixes four critical RCE flaws in ArubaOS

HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system.

Bleeping Computer

12 hours ago

DropBox says hackers stole customer data, auth secrets from eSignature service

Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information.

Ars Technica

13 hours ago

Anthropic releases Claude AI chatbot iOS app

Anthropic finally comes to mobile, launches plan for teams that includes 200K context window.

DarkReading

14 hours ago

Shadow APIs: An Overlooked Cyber-Risk for Orgs

Unmanaged and unknown Web services endpoints are just some of the challenges organizations must address to improve API security.

DarkReading

14 hours ago

Quantas Customers' Boarding Passes Exposed in Flight App Mishap

Some customers found that they had the ability to cancel a stranger's flight to another country after opening the app, which was showing other individuals' flight details.

Bleeping Computer

15 hours ago

US govt warns of pro-Russian hacktivists targeting water facilities

The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations.

CSO

Most interesting products to see at RSAC 2024

Tools, platforms, and services that the CSO team recommends 2024 RSA Conference attendees check out.

SecurityWeek

Oasis Security Raises $35 Million to Tackle Non-Human Identity Management

New York startup Oasis Security banks $35 million in a Series A extension round led by Accel, Cyberstarts, and Sequoia Capital.

Security Affairs

Ex-NSA employee sentenced to 262 months in prison for attempting to transfer classified documents to Russia

A former U.S. NSA employee has been sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia.

SecurityWeek

Traceable AI Raises $30 Million to Safeguard Cloud APIs

Traceable AI has raised $110 million since launching in 2018 with ambitious plans in the competitive API security and observability space.

Bleeping Computer

Save $154 and get certified with this cybersecurity exam prep bundle

Cybersecurity is increasingly everybody's concern, and getting certified helps you skill up and get up to speed. These eight cybersecurity exam prep courses get you ready for $29.97, $154 off the $184 MSRP only for a limited time.

Security Affairs

Cuttlefish targets enterprise-grade SOHO routers

Cuttlefish malware targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data.

Bleeping Computer

Panda Restaurants discloses data breach after corporate systems hack

Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of individuals.

DarkReading

'Cuttlefish' Zero-Click Malware Steals Private Cloud Data

The newly discovered malware, which has so far mainly targeted Turkish telcos and has links to HiatusRat, infects routers and performs DNS and HTTP hijacking attacks on connections to private IP addresses

HACKRead

Muddling Meerkat Group Suspected of Espionage via Great Firewall of China

Uncover the "Muddling Meerkat," a China-linked threat actor manipulating the DNS. Infoblox research reveals a sophisticated group with deep DNS expertise and potential ties to the Great Firewall. Learn their tactics and how to stay protected.

Infosecurity News

LockBit, Black Basta, Play Dominate Ransomware in Q1 2024

The data from ReliaQuest also suggests LockBit faced a significant setback due to law enforcement action

CyberScoop

Pro-Russia hacktivists attacking vital tech in water and other sectors, agencies say

Other sectors that the hacktivists — who sometimes pose physical threats — are targeting in North America and Europe include energy and agriculture, according to a Wednesday advisory.

Bleeping Computer

French hospital CHC-SV refuses to pay LockBit extortion demand

The Hôpital de Cannes - Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom.

Bleeping Computer

CISA says GitLab account takeover bug is actively exploited in attacks

CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets.

Ars Technica

The BASIC programming language turns 60

Easy-to-use language that drove Apple, TRS-80, IBM, and Commodore PCs debuted in 1964.

Infosecurity News

19 hours ago

UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA

Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing

Security Affairs

19 hours ago

A flaw in the R programming language could allow code execution

A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files.

Bleeping Computer

19 hours ago

Microsoft: April Windows Server updates cause NTLM auth failures

Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates.

SecurityWeek

Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push

Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.

SecurityWeek

Adobe Adds Content Credentials and Firefly to Bug Bounty Program

Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.

SecurityWeek

Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data

Malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.

Cyber Security News

Top 8 SSPM Tools to Secure Your SaaS Stack in 2024

The explosion of cloud-based applications, or SaaS (Software-as-a-Service), has transformed the way businesses operate.

The Hacker News

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

How does blockchain pseudonymity enable financial crime detection? By combining it with knowledge of licit and illicit crypto services, machine learni

Bleeping Computer

Microsoft says April Windows updates break VPN connections

Microsoft says the April 2024 Windows security updates break VPN connections on Windows 11, Windows 10, and Windows Server systems.

Infosecurity News

1 in 5 US Ransomware Attacks Triggers Lawsuit

Comparitech found that 18% of ransomware incidents in the US led to a lawsuit in 2023, with 59% of completed lawsuits since 2018 proving successful

SecurityWeek

Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle

Venafi’s 90-Day TLS Readiness solution enhances its existing technology to provide full, demonstrable, and visible compliance with the coming 90-day mandate.

SecurityWeek

DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding

DeepKeep, which provides an AI-Native Trust, Risk, and Security Management (TRiSM) platform, has raised $10 million in seed funding.

The Hacker News

Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers

Researchers have uncovered a new Android malware called Wpeeper that uses compromised WordPress sites to hide its true command-and-control servers.

Bleeping Computer

Qantas app exposed sensitive traveler details to random users

Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users.

Infosecurity News

22 hours ago

Lawsuits and Company Devaluations Await For Breached Firms

New report from Netwrix reveals unplanned expenses impact half of breached firms, including a surge in lawsuits

Bleeping Computer

22 hours ago

New Cuttlefish malware infects routers to monitor traffic for credentials

A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.

The Cyber Express

22 hours ago

Hacker Makes Claim of Largest Attack on United Arab Emirates in History

The cybersecurity community is on edge after an unidentified threat actor operating under the username 'UAE', claimed responsibility for a

Security Magazine

Ransomware gang RAGroup activities increased by more than 300%

New data analyzing ransomware group activities has found that activity from the ransomware gang RAGroup has risen by 300% since December.

SecurityWeek

CISO Conversations: Talking Cybersecurity With LinkedIn's Geoff Belknap and Meta's Guy Rosen

SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.

Infosecurity News

Vulnerability Exploits Triple as Initial Access Point for Breaches

The growth of software supply chain attacks pushed vulnerability exploits to the third most used initial access method, Verizon found

SecurityWeek

Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server

Chinese cybersecurity firm QAX XLab uncovered an Android trojan that hides its command-and-control server behind compromised WordPress sites.

Bleeping Computer

Protect your data without losing speed with $233 off SurfShark VPN

A VPN lets you connect anywhere with confidence that snoops and thieves won't be able to tap into your data. This two-year subscription to SurfShark VPN gives you unlimited bandwidth and device connection for $56.99, $233 off the $290 MSRP.

The Hacker News

Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success

Master the art of choosing a security awareness training (SAT) solution that can drive meaningful changes for you and your organization.

Infosecurity News

Infosecurity Europe Keynote: Building Strong Teams and Driving Change

Join Claire Williams at Infosecurity Europe to learn how F1 leadership strategies can inspire cybersecurity leaders

The Cyber Express

Best Practices to Secure your Supply Chains

National Supply Chain Day, which was recently observed on April 29, serves as a dedicated day to recognize the critical

The Hacker News

ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan

ZLoader modular malware trojan has resurfaced with anti-analysis feature that prevents execution on machines different from the original infection.

Infosecurity News

NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms

The UK’s National Cyber Security Centre claims its AMS model will protect firms from state-backed mobile threats

Security Affairs

Muddling Meerkat, a mysterious DNS Operation involving China's Great Firewall

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019..

Latest Hacking News

Judge0 Vulnerabilities Could Allow Sandbox Escape

A security researcher discovered a security vulnerability in the Judge0 system, which received a patch that could further be bypassed, leading to further vulnerabilities. While the developer eventually patched the issue after repeated exploits, the

Cyber Security News

Hackers Infiltrated 9-days Within UnitedHealth Network Before Ransomware Attack

The cyberattack, which unfolded on the morning of February 21, 2024, was the culmination of a 9-day silent infiltration by the hackers within the UnitedHealth network.

Cyber Security News

Malware Cuckoo - Previously Unknown Infosteler Spyware Steals Data From MacOS

a previously undetected malware threat for macOS that exhibits characteristics of both an infostealer and spyware.

The Hacker News

Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia

Former NSA employee sentenced to nearly 22 years in prison for attempting to sell classified documents to Russia.

The Cyber Express

Ladakh Social Welfare Department Data Hit By Alleged Cyberattack

A threat actor has claimed to have leaked the database of the Department of Social Welfare Ladakh, Government of India.

Cyber Security News

Postman API Testing Platform Flaw Exposes Sensitive Credentials

Live secrets from 183 different SaaS and cloud providers, including giants like AWS, GCP, OpenAI, GitHub, and Postman itself, were found leaking on the platform.

DarkReading

Verizon DBIR: Basic Security Gaffes Cause Breach Surge

MOVEit drove a big chunk of the increase, but social engineering and failure to patch led to a doubling of data breaches since 2023, said Verizon Business.

Security Magazine

Security’s Top 5 – March 2024

In this edition of Security’s Top 5 from Security magazine, we showcase the top stories and new developments from across the security industry throughout March.

Cyber Security News

Millions of Docker Hub Repositories Found Pushing Malware for Over 5 Years

Repositories on Docker Hub, a popular platform for developers to store and share containerized applications, have been exploited to spread malicious software and phishing scams.

SecurityWeek

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike

UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee on May 1.

The Record

UnitedHealth CEO confirms company paid $22 million ransom in heated Senate hearing

CEO Andrew Witty blamed Change Healthcare's legacy technologies and lack of multifactor authentication for the cyberattack, which disrupted the medical industry nationwide.

SC Magazine

Senators grill UnitedHealth CEO on Change Healthcare cyberattack

Andrew Witty stuck with the familiar corporate line of providing consumers with two years of credit monitoring.

The Record

Critical infrastructure operators urged to harden systems against pro-Russia hackers

The Cybersecurity and Infrastructure Security Agency (CISA) and international partners are warning about weak security practices in operational technology (OT) that could be targeted by pro-Russia hackers.

The Record

Dropbox says hacker accessed passwords, authentication info during breach

The company told federal regulators that it discovered unauthorized access to the production environment of its Dropbox Sign product.

The Record

Recovering from ransomware attack could cost remote Scottish council £500,000

While progress is being made to replace the systems impacted by the attack, it could be another six months before things return to normality.

The Record

It’s time to rethink the national vulnerabilities database for the AI era, senators say

Sens. Mark Warner and Thom Tillis want to see changes in the federal NVD to reflect how different AI systems can be from traditional software and hardware.

The Record

Zelensky officially dismisses Ukrainian security services' cyber chief

Ukraine's president issued a decree confirming the discharge of Illia Vitiuk, who had been suspended from his post at the SBU in April.

SC Magazine

Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways

Vulnerability exploits, pure extortion and internal risks are on the rise, while AI threats fall short.

Trend Micro

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.

The Record

More than 100 arrested in Spain in $900,000 WhatsApp scheme

To trick their victims, the scammers posed as a family member — typically a son — in some distressing situation requiring urgent financial help, Spanish police said.

SC Magazine

China's attacks on critical infrastructure ‘tip of the iceberg'

CISA Director Jen Easterly told lawmakers that Chinese cyberespionage threats warrants budget boost.

Bleeping Computer