CyberNews
Britain's Ministry of Defence (MoD) published an open letter to Youtube asking it to take down the clips of a prank call to defense minister Ben Wallace
DataBreaches
By Ben Seri and Barak Hadad Nine vulnerabilities in critical infrastructure used by 80% of major hospitals in North America. Swisslog’s Translogic Pneumatic...
DataBreaches
Ben Bokun and Alice Reid report: The Menominee Casino Resort confirms it’s experiencing technical difficulties following a cyberattack. A statement from...
ZDNet
Cybersecurity researchers at Ben-Gurion University demonstrate a novel technique that steals data using electromagnetic radiation and a $1 antenna.
DataBreaches
Amitai Ben Shushan Ehrlick reports: SentinelLabs has been tracking the activity of Agrius, a suspected Iranian threat actor operating in the Middle East,...
DataBreaches
Ben Scallan reports: UL Hospitals Group, responsible for managing six hospitals in the midwest region, announced a significant data breach resulting in the...
DataBreaches
Ben Lovejoy reports: A massive Twitter data breach last year, exposing more than five million phone numbers and email addresses, was worse than initially...
DataBreaches
Ben Martin reports: A cyberattack on Revolut has compromised the personal details of more than 50,000 people. The breach at the app-based payments company...
DataBreaches
Ben Feuerherd reports: A computer glitch in a secretive software program used by the FBI allowed some unauthorized employees to access private data for more...
DataBreaches
Ben Potter and Carrie LaFrenz report: In the third major corporate security breach in as many weeks, Woolworths is scrambling to contact 2.2 million customers...
DataBreaches
Ben Knight and Harrison Tippet report: Victoria’s court system has been hit by a ransomware attack, which independent experts believe was orchestrated by...
DataBreaches
Ben Lovejoy reports: Twitter GodMode – an internal tool that hackers used to tweet from high-profile accounts, including Apple, back in 2020 – remains...
DataBreaches
Ben Doherty reports: The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal...
DataBreaches
Ben Cubby reports: Personal information of more than 130,000 Telstra customers has been exposed in the latest large-scale privacy breach to strike big...
DataBreaches
Ben Cooper reports: A nurse who accessed confidential medical records including those of people she met online dating has been allowed to continue working by a...
DataBreaches
Ben Crnic reports: A data breach may have exposed information related to some students at a school district in Northern Westchester. The breach was announced...
DataBreaches
Ben Zion Gad reports: The hacker group “Black Shadow” has leaked data from various Israeli companies, such as LGBTQ dating app “Atraf”,...
DataBreaches
Ben Edwards reports: UK listed law firm Gateley said that it has suffered a cyberattack, according to a filing to the London Stock Exchange on Wednesday. The...
CyberSecurity Dive
CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.
Infosecurity News
At RSA, cybersecurity experts discussed the unique nature of software supply chain attacks and approaches to tackling this growing threat
The Record
Ben Wiseman, associate director for the Division of Privacy and Identity Protection at the FTC, talks about commercial surveillance, connected cars and the agency's overall approach to regulating what companies collect and share about people.
Security Affairs
GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular researcher Mordechai Guri from the Ben-Gurion University of the Negev in Israel devise an attack technique, named GAIROSCOPE, to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The attack requires that the […]
Bleeping Computer
OpenAI and Stack Overflow recently teamed up to improve AI models. OpenAI will have access to Stack Overflow's API and feedback from developers. In return, OpenAI will link to Stack Overflow's content in ChatGPT.
The Hacker News
"NoFilter" technique exploits Windows Filtering Platform for sneaky privilege escalation.
HACKRead
The aircraft was reportedly flying over an area inhabited by Iranian-backed Houthis.
DarkReading
Cyber-researchers are testing the bounds of optical attacks with a technique that allows attackers to recover voice audio from meetings if there are shiny, lightweight objects nearby.
DataBreaches
The Jersualem Post reports: Websites of multiple major universities in Israel were attacked by a group of hackers calling themselves “Anonymous...
DataBreaches
Catalin Cimpanu reports: The Dutch government said it would use its intelligence or military services to counter cyber-attacks, including ransomware attacks,...
Ars Technica
Collaboration comes as tech giant faces multibillion-dollar lawsuit from The New York Times.
The Hacker News
Researchers found three security vulnerabilities in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that allow for root access and system d
DataBreaches
Today’s reminder that even the leak of an email address can put someone’s life at risk. Phil Kemp, Lucy Manning, and Ed Campbell report: Defence...
DataBreaches
Lizzy Buchan reports that there was a second email gaffe that exposed additional Afghan interpreters. Once again, it seems, email addresses were visible to all...
DataBreaches
John Leyden reports: Italian web hosting firm Aruba.it has admitted a recent data breach amid complaints from some customers that it was slow in notifying...
DataBreaches
It was a back-handed compliment of sorts: experienced hackers telling DataBreaches that it had gotten noticeably harder for them to successfully attack big...
DarkReading
Searchlight Cyber announces rebrand that reflects its status as a fast-growing cybersecurity business.
The Hacker News
Researchers have discovered severe Server-Side Request Forgery (SSRF) vulnerabilities in 4 Microsoft Azure services.
The Hacker News
Microsoft Azure HDInsight service had 8 XSS vulnerabilities. Learn how they could lead to data breaches, session hijacking attacks.
The Hacker News
Google Cloud addresses medium-severity security flaw! Attackers with Kubernetes cluster access could escalate privileges.
The Hacker News
🔓 Two severe security vulnerabilities have been disclosed in Azure Bastion and Azure Container Registry, potentially enabling unauthorized access.
The Hacker News
New vulnerability in Azure Service Fabric Explorer dubbed "Super FabriXss" (CVE-2023-23383) can lead to unauthenticated remote code execution
DarkReading
To boot, the technology could be riddled with other flaws via its Apache services components, a security vendor says.
The Hacker News
🔒 Researchers have uncovered an ingenious side-channel attack that can recover secret keys from a device using video footage of its power LED.
DarkReading
Though the incident took place over a known Houthi area, some say this incident was at the hands of a Somali group, based on frequent communication disruptions in the country.
SecurityWeek
Cybersecurity startup Talon Cyber Security has closed a $100 million Series A funding round to grow its secure enterprise browser built on Chromium
DataBreaches
Politically motivated hacks continue. Two current examples outside of the U.S.: James Pearson and Tom Balmforth report: Hackers linked to Ukraine’s main spy...
DataBreaches
Daniel Rockey of Bryan Cave Leighton Paisner writes: In a case of first impression, the United States District Court for the Southern District of California...
SecurityWeek
Zafran has emerged from stealth mode with a risk and mitigation platform and $30 million in funding from Sequoia Capital and Cyberstarts.
The Hacker News
Critical security flaw found in WooCommerce Payments plugin for WordPress, affecting 500K+ websites! Update to patched versions ASAP.
Bleeping Computer
Security researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to increases privileges to SYSTEM, the highest permission level on Windows.
The Hacker News
Iranian hackers are actively exploiting VMware Horizon Log4j flaws in order to infect targeted servers with ransomware.
Infosecurity News
Hackers have attempted to divert two commercial Israeli aircraft in recent days, reports claim
The Record
The UK government alluded yesterday that it might launch offensive cyber operations against Russia if the Kremlin attacks UK computer systems after an invasion of Ukraine.
SecurityWeek
San Francisco data privacy startup Transcend secures 40 million in a Series B funding round that brings the total raised to $90 million.
The Record
More than a dozen members of the Yesh Atid political party, including the Israeli opposition leader Yair Lapid, had their WhatsApp accounts temporarily blocked, sparking concerns about a potential intrusion.
The Record
Cybersecurity firm Palo Alto Networks intends to acquire Talon Cyber Security, the company confirmed Monday, in what would be its second purchase of an Israeli startup in the last week.
The Hacker News
Hackers can steal NTLM credentials with zero clicks! Beware of CVE-2023-29324, the Windows MSHTML Platform vulnerability. Check out the details now!
The Hacker News
Researchers have identified a new hacking group "JuiceLedger" behind the first known phishing campaign targeting the Python Package Index.
DarkReading
The security flaw tracked as CVE-2022-30216 could allow attackers to perform server spoofing or trigger authentication coercion on the victim.
DarkReading
"JuiceLedger" has escalated a campaign to distribute its information stealer by now going after developers who published code on the widely used Python code repository.
CyberSecurity Dive
Researchers from Orca Security said no authentication was required in two of the four instances.
CyberNews
X-owner Elon Musk said his social messaging platform has less antisemitic content compared with other online social media apps, according to audits it has commissioned.
Infosecurity News
The cross-site scripting flaw affects SFX version 9.1.1436.9590 or earlier and has a CVSS of 8.2
The Hacker News
Researchers have identified a previously unknown APT hacking group, dubbed Metador, which has infiltrated telecommunications companies, universities,
The Record
A British man pleaded guilty in the Eastern District of New York on Tuesday to charges related to hacking into email and brokerage accounts and stealing more than $6 million from victims.
Naked Security
One bit per second makes the Voyager probe data rate seem blindingly fast. But it’s enough to break your security assumptions…
HACKRead
A critical zero-day vulnerability in CrushFTP, a popular file transfer software, allows attackers to download sensitive system files.
The Hacker News
Three new high-severity security flaws discovered in NGINX Ingress controller for Kubernetes. Hackers can steal secret credentials.
The Hacker News
Over 39,000 WordPress sites have fallen victim to the Sign1 malware campaign in just 6 months, redirecting unsuspecting users to scam sites through ma
Infosecurity News
Finding comes from Menlo Security’s recently released 2023 State of Browser Security Report
The Hacker News
A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to bogus QA portals.
DarkReading
Data breaches are rapidly accelerating, according to a number-crunching report from Apple this week - heightening the need to finally implement end-to-end data encryption.
Infosecurity News
Britain ready to hit back if attacked, says Wallace
Security Affairs
Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324, that could be abused to bypass security protections. Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform. An attacker can exploit the vulnerability by crafting a malicious URL that would evade zone checks. “An attacker can […]
Latest Hacking News
Security researchers have found another strategy to steal data from air-gapped systems, this time exploiting SATA cables. Dubbed SATAn attack, it allows an adversary to steal sensitive data, though with a bit of effort. Stealing Data
SecurityWeek
Gutsy secures a whopping $51 million in seed-stage financing to apply process mining techniques to solve security governance problems.
The Hacker News
Unknown threat actors target WordPress sites using lesser-known code snippet plugins
The Hacker News
Over 10,000 Sites Found Infected in Massive AdSense Fraud Campaign Involving Fake URL Shorteners
Cyber Security News
Node.js project disclosed a high-severity vulnerability affecting multiple active release lines of its software on Windows platforms.
The Hacker News
Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.
Infosecurity News
UK regulator reduces penalty by 90%
The Hacker News
Microsoft patches Azure Active Directory misconfiguration issue, which exposed high-impact apps to unauthorized access.
The Hacker News
Researchers have found three vulnerabilities in the audio decoders of Qualcomm and MediaTek mobile chips.
The Hacker News
A critical flaw in the hugely popular LiteSpeed Cache plugin for WordPress is being exploited in the wild to create rogue admin accounts, granting att
The Hacker News
Researchers have demonstrated a new air-gap technique for data exfiltration in which malware uses network interface card (NIC) LEDs.
Infosecurity News
The groups' attacks were reportedly relatively low in sophistication but persistent and well-resourced
SecurityWeek
GAIROSCOPE is the name of a new air gap-jumping attack that leverages ultrasonic tones and smartphone gyroscopes to silently exfiltrate data.
Infosecurity News
Gairoscope is a covert ultrasonic channel that does not require a microphone on the receiving side
Bleeping Computer
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago.
Infosecurity News
The breach affected any account with the
HACKRead
Researchers have recently unveiled findings indicating the creation of a computer worm capable of targeting generative AI-powered applications.
CyberScoop
Ukrainian officials warned Friday that Belarusian hackers are sending a wave of phishing emails targeting Ukrainian soldiers and civilians. “Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related individuals,” Ukraine’s Computer Emergency Response Team wrote in a Facebook post Friday. Both URLs belong to Ukraine-based email services. Once an account is compromised, hackers gain access to the target’s messages and their contact details, allowing them to send additional phishing emails to their contacts, the CERT said. Ukraine’s State Service of Special Communications and Information Protection issued a separate warning Friday about a phishing attack against civilian emails containing potentially malicious attached files. Warning ⚠️ A phishing #attack has started against Ukrainians! Citizens' e-mail addresses receive letters with attached files of uncertain nature. The mass distribution of such messages to messengers may happen. #cyberattacks #Ukraine pic.twitter.com/YPvFH2oNk0 — SSSCIP Ukraine (@dsszzi) February 25, 2022 The […]
The Record
A team from British military intelligence placed first at a cyber warfare exercise described as “Western Europe’s largest."
DarkReading
The "first-in-nation" cyber command center will provide municipal and local governments with threat intelligence and resources to defend themselves against cyberattacks.
CyberSecurity Dive
AWS identified three cyber misconceptions that hinder small- and medium-sized businesses as they migrate workloads.
Cyber Security News
BGP is the backbone protocol and the internet's "glue," which directs the routing decisions between ISP networks to hold the internet under a set.
CSO
The SaaS offering listens into processes from security tools and their integrations to root out issues leading to vulnerabilities.
Bleeping Computer
The United Kingdom has revealed plans to invest £5 billion in bolstering national cybersecurity that includes creating a "Cyber Force" unit to perform retaliatory attacks.
SecurityWeek
An Israeli government probe into allegations of police spying on citizens using Pegasus malware on Monday said police successfully infected the phone of one individual subject to a court order.
The Hacker News
Researchers have discovered a new method for exfiltrating data from air-gapped computers that abuses the dynamic power consumption of modern computers
CyberNews
Foxsemicon, one of Taiwan’s biggest semiconductor manufacturers, has been hit with a cyberattack. The notorious LockBit ransomware gang claims to be behind it.
Loading more articles....