Infosecurity News
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds
AI-powered tools are among the top fraud techniques used by threat actors in 2023, according to Sumsub’s third annual Identity Fraud Report
SecurityWeek
Police Dismantle Major Ukrainian Ransomware Operation
Police from several countries have dismantled a major Ukraine-based ransomware operation and arrested its alleged ringleader.
SecurityWeek
Exploitation of Critical ownCloud Vulnerability Begins
Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
-1.webp)
Cyber Security News
APT Hackers Behind SysJoker Attacking Critical Industrial Sectors
SysJoker malware was initially discovered to be used by the APT group dubbed "WildCard" and was targeting the educational sector of Israel.
SecurityWeek
Critical Vulnerability Found in Ray AI Framework
A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes.
SecurityWeek
Los Angeles SIM Swapper Sentenced to 8 Years in Prison
Amir Golshan of Los Angeles was sentenced to 96 months in prison for perpetrating multiple cybercrime schemes.
SecurityWeek
Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets
AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.
Ars Technica
Hackers spent 2+ years looting secrets of chipmaker NXP before being detected
Chipmaker claims breach had no "material adverse effect."
The Hacker News
Transform Your Data Security Posture – Learn from SoFi's DSPM Success
This webinar showcases SoFi's success in implementing DSPM and promises real-life case studies and practical strategies for data security.
The Hacker News
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Researchers reveal a critical design flaw in Google Workspace, dubbed "DeleFriend," that could allow attackers to steal emails, exfiltrate data.
Security Affairs
Daixin Team group claimed the hack of North Texas Municipal Water District
The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.
Infosecurity News
Cybercriminals Hesitant About Using Generative AI
An analysis of dark web forums revealed many threat actors are skeptical about using tools like ChatGPT to launch attacks
The Hacker News
How Hackers Phish for Your Users' Credentials and Sell Them
Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea
Cyber Security News
Ardent Health Ransomware Attack: Multiple Hospitals Affected
Ardent Health services were affected by an information Technology cybersecurity incident which has been determined as a Ransomware Attack.
Infosecurity News
Americans Receive Two Billion Spam Calls Per Month
Truecaller warns malicious calls make up the majority
The Hacker News
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated effort led to the arrest of key figures in Ukraine linked to various ransomware attacks, involving LockerGoga, MegaCortex, and Dharma.
The Hacker News
Stop Identity Attacks: Discover the Key to Early Threat Detection
Account takeover: the new favorite tool for hackers. Discover the latest strategies in identity protection and why traditional methods might not be en
The Hacker News
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
A vulnerability in Microsoft Access that could be exploited to leak a Windows user’s NTLM tokens.
Infosecurity News
CISA Warns Congress on Chemical Industry Terror Attacks
Security agency wants to resume critical CFATS inspections
SecurityWeek
Ardent Hospitals Diverting Patients Following Ransomware Attack
Ransomware attack forces Ardent hospitals to shut down systems, impacting clinical and financial operations.
Infosecurity News
Ukraine Police Dismantle Major Ransomware Group
Affiliate deployed LockerGoga, MegaCortex, Hive and Dharma
Bleeping Computer
Police dismantle ransomware group behind attacks in 71 countries
In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries.
Security Affairs
Healthcare provider Ardent Health Services disclosed a ransomware attack
The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week.
Cyber Security News
OwnCloud Critical Vulnerability Exploited in the Wild
Owncloud was discovered with a new vulnerability which was associated with the exposure of sensitive information.
Cyber Security News
CISA & NCSC Discloses Guidelines for Secure AI System Development
New security flaws in AI systems must be taken into account in addition to the usual cyber security risks,security is frequently neglected.
CSO
North Korean hackers mix code from proven malware campaigns to avoid detection
Threat actors are combining RustBucket loader with KandyKorn payload to effect an evasive and persistent RAT attack.
The Hacker News
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
Lazarus Group's evolving cyber tactics target macOS systems by combining elements from multiple malware campaigns for better effectiveness and to avoi
The Record
English council spent £1.1 million recovering from ransomware attack
Gloucester's local government released the expense figures related to a 2021 attack. The council had received a formal reprimand from the Information Commissioner's Office in August.
Jule-Nisserne
Julenisserne Overvåger Brun Bjørn
Julenisserne har i flere år overvåget aktiviteterne af hackergruppen Brun Bjørn for at sikre, at de ikke forstyrrer julen.
The Record
High-profile ransomware gang suspects arrested in Ukraine
The international operation, centered on Kyiv, essentially neutralized a group known for deploying variants of LockerGoga, MegaCortex, Hive and Dharma ransomware, authorities said.
Bleeping Computer
Microsoft deprecates Defender Application Guard for Office
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
DarkReading
General Electric, DARPA Hack Claims Raise National Security Concerns
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
Ars Technica
New “Stable Video Diffusion” AI model can animate any still image
Given GPU and patience, SVD can turn any image into a 2-second video clip.
Bleeping Computer
Ransomware attack on indie game maker wiped all player accounts
A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game.
Bleeping Computer
Healthcare giant Henry Schein hit twice by BlackCat ransomware
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October.
Ars Technica
Amazon’s $195 thin clients are repurposed Fire TV Cubes
Amazon Workspaces Thin Client is a Fire TV Cube with different software.
Latest Hacking News
Multiple Vulnerabilities Found In ownCloud File Sharing App
Numerous security vulnerabilities riddled the privacy of ownCloud users that the vendor patched recently. Exploiting these vulnerabilities could expose users’ passwords to potential adversaries. ownCloud Vulnerabilities Risked User Accounts According to the recent advisories, ownCloud addressed three
Security Affairs
Ukraine's intelligence service hacked Russia's Federal Air Transport Agency, Rosaviatsia
Ukraine's intelligence service announced the hack of the Russian Federal Air Transport Agency, 'Rosaviatsia.'
Bleeping Computer
Ukraine says it hacked Russian aviation agency, leaks data
Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector.
The Hacker News
How to Handle Retail SaaS Security on Cyber Monday
Cyber Monday Alert: $13.7 billion in spending today! Retailers, safeguard your SaaS apps to protect customer data.
Bleeping Computer
Ardent hospital ERs disrupted in 6 states after ransomware attack
Ardent Health Services, a healthcare provider operating 30 hospitals across five U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday.
Infosecurity News
Cybersecurity Incident Hits Fidelity National Financial
The Alphv/BlackCat ransomware group has claimed responsibility for the attack
Latest Hacking News
Microsoft Defender Lures Researchers With Bug Bounty Program
The Redmond giant has introduced a dedicated bug bounty program for its Microsoft Defender security solution. Under this program, the tech giant aims to pay up to $20,000 as bounties to the security researchers and
Infosecurity News
SysJoker Malware: Hamas-Related Threat Expands With Rust Variant
CPR said the malware now uses OneDrive instead of Google Drive for storing dynamic C2 server URLs
Bleeping Computer
Slovenia's largest power provider HSE hit by ransomware attack
Slovenian power company Holding Slovenske Elektrarne (HSE) has suffered a ransomware attack that compromised its systems and encrypted files, yet the company says the incident did not disrupt electric power production.
SecurityWeek
Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass
Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
Security Affairs
Iranian hacker group Cyber Av3ngers hacked the Municipal Water Authority of Aliquippa in Pennsylvania
Threat actors breached the Municipal Water Authority of Aliquippa in Pennsylvania and took control of a booster station
Latest Hacking News
Konni RAT Malware Campaign Spreads Via Malicious Word Files
Researchers caught a new campaign from the notorious Konni RAT malware exploiting malicious Word files. The threat actors distribute the malware via malicious macros embedded in Word files that infect the target systems. Konni RAT Malware
Bleeping Computer
Leveraging Wazuh to combat insider threats
Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform.
Bleeping Computer
Google Drive users angry over losing months of stored data
Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
SecurityWeek
Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption
Healthcare solutions giant Henry Schein is once again restoring systems after ransomware group claims it re-encrypted files.