Cyber Security News
Vulnerability in Apache Project Let Hackers Launch Supply Chain Attacks
The unsuspecting system downloads the public package instead of the intended private one, potentially injecting malicious code.
Cyber Security News
The unsuspecting system downloads the public package instead of the intended private one, potentially injecting malicious code.
HACKRead
San Juan, Puerto Rico, April 25th, 2024, CyberNewsWire
CyberNews
Hackers have shared a database exposing 642,000 individuals’ personal information, including full names, email addresses, job titles, and the company they work for.
Bleeping Computer
Non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) has disclosed that a ransomware gang breached its network in January and stole documents containing the personal and medical information of over 500,000 individuals.
CyberNews
The Group Health Cooperative of South Central Wisconsin (GHC-SCW) has fallen victim to a cyberattack that leaked the data of roughly 534,000 people.
Cyber Security News
GitLab is a prominent web-based Git repository manager that is exploited by hackers to gain unauthorized access to confidential source code,
DarkReading
An economic success story in Asia, Vietnam is seeing more manufacturing and more business investment. But with that comes a significant uptick in cybercrime as well.
CyberNews
Florida’s Governor signs a bill that bans children 13 and under from becoming social media account holders – critics argue it violates free speech.
Bleeping Computer
Ransomware attacks on healthcare over the last few months have been relentless, with numerous ransomware operations targeting hospitals and medical services, causing disruption to patient care and access to prescription drugs in the USA.
CyberNews
A Moscow court issued an arrest order for Meta spokesperson Andy Stone on charges of inciting terrorism. Is this Kremlin propaganda or does Stone need to watch his back?
CyberNews
HopSkipDrive data breach expose hundreds of thousands of people.
CyberNews
The show is over – again. Just as Netflix did last year, Disney Plus and its subsidiary platform Hulu will now begin to restrict password sharing.
HACKRead
Whitehat hackers from Pen Test Partners identified a critical issue in Airbus' Flysmart+ Manager suite and promptly reported it to affected vendors.
HACKRead
Microsoft Teams targeted for phishing and malware attacks. Learn how to protect your organization against these evolving cyber threats.
Bleeping Computer
Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison.
CyberNews
Lush’s name popped up on Akira ransomware gang’s data leak site.
CyberNews
FICCI exposed an important file, risking indirect financial loss and reputational damage, as well as legal and compliance problems.
CyberNews
Russia using malware to steal sensitive data
Bleeping Computer
Productivity tools are something we all need and we'll all use, all year long. This Microsoft Office instant download for Mac or Windows is an ideal gift at $29.97 for either, $200 off the $229 MSRP, but only now through the end of December 25th.
Bleeping Computer
The gift of learning pays off all year long. This lifetime subscription bundle opens the door to 24 different languages and over 1000 training courses for $159.97 with code ROSETTA at checkout, $690 off the $849 MSRP, but only now through the end of December 25th!
The Cyber Express
In response to a recent cyberattack, France has announced an additional allocation of US$465,000 (€500,000) to enhance the International Criminal
HACKRead
IntelBroker claims that the documents include information about communications between the Pentagon and the US Army’s CIO/G-6.
CyberNews
The uncovered wire fraud scheme involved more than 26,000 fraudulent transactions and resulted in a loss of more than $28,000,000
CyberNews
The notorious ransomware gang LockBit has added ALDO Shoes, a Canadian multinational corporation retailer, to its victim list.
The Cyber Wire
Ukraine's SSSCIP gets a new chief, and Russian defense industries are targeted by foreign intelligence services. Who those services might be are unknown, but circumstantially they look a little like people from Shanghai or Pyongyang.
The Cyber Wire
Ukraine's SSSCIP gets a new chief, and Russian defense industries are targeted by foreign intelligence services. Who those services might be are unknown, but circumstantially they look a little like people from Shanghai or Pyongyang.
Cyber Security News
HSE one of the biggest power providers in Slovenia was targeted by a serious cyberattack and control system as well as fire alarms.
CyberNews
A CISA cybersecurity warning says the Iranian hacker group targeting water and energy facilities in Israel, attacked two townships in Pennsylvania over the weekend.
CyberNews
Systems East attacker stole thousands of encrypted payment cards.
Bleeping Computer
CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution (RCE) attacks as part of a pre-auth exploit chain.
Bleeping Computer
Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents.
Bleeping Computer
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023.
SecurityWeek
SecurityWeek’s 2023 ICS Cybersecurity Conference - Day 2 of the annual industrial cybersecurity conference.
The Record
The European Commission sent Meta and TikTok letters Thursday, requesting information on the platforms’ efforts to rein in disinformation relating to the Israel-Hamas war.
Ars Technica
This troubling ability could be used by scammers or to target ads.
CyberNews
DDoS attacks are currently on the rise.
Bleeping Computer
Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if a ransom is not paid.
Bleeping Computer
This week has been a busy ransomware week, with ransomware attacks having a massive impact on organizations and the fallout of the MOVEit breaches to be disclosed.
Bleeping Computer
The Hospital for Sick Children, more commonly known as SickKids, is among healthcare providers that were impacted by the recent breach at BORN Ontario. The top Canadian pediatric hospital disclosed that as a part of its operations, it shares personal health information with BORN Ontario "related to pregnancy, birth and newborn care."
DataBreaches
Jesse William McGraw writes: To say that we are living in a volatile time would be a brazen understatement. Since the onset of #OpRussia and successive...
SecurityWeek
Four vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.
Bleeping Computer
The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices.
Bleeping Computer
Hackers have started using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface.
Cyber Security News
In this new wave of phishing attacks, hackers are turning to AWS S3 Buckets to host phishing links, providing them with a more convincing and legitimate façade.
Bleeping Computer
Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting city's online services.
Cyber Security News
The cybersecurity researchers at Cyble discovered a new macOS malware, 'Atomic' (aka 'AMOS'), sold for $1,000/month on private Telegram channels.
Security Affairs
Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS). The malware targets macOS, it was designed to steal sensitive information from the infected systems. The […]
Bleeping Computer
It has been a very quiet week for ransomware news, with only a few reports released and not much info about cyberattacks. An item of interest was Microsoft linking the recent PaperCut server attacks on the Clop and LockBit ransomware operation.
Ars Technica
Founder will open a 25-year bottle of Scotch and chat about its history and future.
Bleeping Computer
CISA has added a critical severity vulnerability in VMware's Cloud Foundation to its catalog of security flaws exploited in the wild.
Bleeping Computer
This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV and Boost Mobile.
Bleeping Computer
American TV giant and satellite broadcast provider, Dish Network has mysteriously gone offline with its websites and apps ceasing to function over the past 24 hours.
Bleeping Computer
PyTorch has identified a malicious dependency with the same name as the framework's 'torchtriton' library. This has led to a successful compromise via the dependency confusion attack vector.
Bleeping Computer
Zero2Automated, the creators of the popular malware analysis and reverse-engineering course, is having a Christmas special where you can get 20% off all courses on their site, with additional goodies thrown in.
Bleeping Computer
Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year.
Bleeping Computer
This week's news primarily revolves around LockBit, BlackMatter, and the rising enterprise-targeting Royal ransomware operation.
Bleeping Computer
LastPass says the attacker behind the August security breach had internal access to the company's systems for four days until they were detected and evicted.
Bleeping Computer
Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux users to address a single high-severity security flaw, the sixth Chrome zero-day exploited in attacks patched this year.
Bleeping Computer
We saw a bit of ransomware drama this week, mostly centered around LockBit, who saw their data leak sites taken down by a DDoS attack after they started leaking the allegedly stolen Entrust data.
CyberNews
From August 25th, podcasts will be added to Twitter as part of their Spaces Tab, which offers live audio conversations on the platform.
SecurityWeek
SecurityWeek editors have combed the Black Hat USA 2022 agenda carefully and identified the top 10 sessions that will be making news headlines all week.
Security Affairs
Hackers have stolen over $250,000 in Ethereum from Bored Ape Yacht Club (BAYC), this is the third security breach it suffered this year. Threat actors compromised Bored Ape Yacht Club (BAYC) for the third time this year, they have stolen and sold NFTs, making away with 142 ETH, equivalent to over $250,000. The hacker conducted […]
Bleeping Computer
Microsoft has released out-of-band (OOB) updates on Thursday evening to address a newly acknowledged issue impacting Microsoft Store apps.
Bleeping Computer
This week we have discovered numerous new ransomware operations that have begun operating, with one appearing to be a rebrand of previous operations.
Bleeping Computer
Europol has announced the arrest of 108 people suspected of being involved in an international call center operation that tricked victims into investment scams.
Bleeping Computer
With the US providing military aid to Ukraine and its sanctions damaging the Russian economy, the US government disclosed this week that there is intelligence that Russia is preparing for potential cyberattacks against US interests.
Security Affairs
A Ukrainian security researcher has leaked more source code from the Conti ransomware operation to protest the gang’s position on the conflict. Hacker leaked a new version of the Conti ransomware source code on Twitter as retaliation of the gang’s support to Russia The attack against the Conti ransomware and the data leak is retaliation […]
Bleeping Computer
A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine.
Bleeping Computer
A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine.
Cyber Security News
Wordfence posted on their site that they found a massive number of systems owned by Ukrainian universities were compromised. This coincided with the attack of Russia on Ukraine.
Security Affairs
Researchers observed a spike in the attacks against Ukrainian WordPress sites since the beginning of the military invasion of the country. Cyber attacks are an important component of the military strategy against Ukraine, experts observed a spike in the attacks against Ukrainian WordPress sites since the beginning of the military invasion of the country. The […]
DataBreaches
Luke Gallin reports: Global insurance and reinsurance broker Aon was hit by a cyber attack on February 25th, 2022, according to an 8-K filed with the...
DataBreaches
“Oh for f*** sake,” a February 25th message on Signal to me began. RaidForums had been seized, I was told. But had it been? A WHOIS lookup on the...
Bleeping Computer
Professional services and insurance giant AON has suffered a cyberattack that impacted a "limited" number of systems.
Bleeping Computer
The US Cybersecurity and Infrastructure Security Agency (CISA) has added nine new flaws to its collection of actively exploited vulnerabilities, including two recently patched zero-days impacting Google Chrome and Adobe Commerce/Magento Open Source.
Bleeping Computer
The US Cybersecurity and Infrastructure Security Agency (CISA) has added nine new flaws to its collection of actively exploited vulnerabilities, including two recently patched zero-days impacting Google Chrome and Adobe Commerce/Magento Open Source.
Bleeping Computer
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs.
Bleeping Computer
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new flaw to its catalog of vulnerabilities exploited in the wild, an Apple WebKit remote code execution bug used to target iPhones, iPads, and Macs.
Bleeping Computer
It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more.
Bleeping Computer
QNAP is warning customers again to secure their Internet-exposed Network Attached Storage (NAS) devices to defend against ongoing and widespread attacks targeting their data with the new DeadBolt ransomware strain.
Bleeping Computer
A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
Bleeping Computer
One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort $5 million and threatened to publish the customer data should ONUS refuse to comply.
Bleeping Computer
For this week's 'Week in Ransomware' article we have included the latest ransomware news over the past two weeks.
Bleeping Computer
This week, international law enforcement operations went on the offensive, making arrests in numerous countries for ransomware-related activities.
Bleeping Computer
Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days.
Bleeping Computer
Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide.
Bleeping Computer
ug in the McDonald's Monopoly VIP game in the United Kingdom caused the login names and passwords for the game's database to be sent to all winners.
Bleeping Computer
Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC exploit was publicly released.
Bleeping Computer
Ransomware continues to be active this week, with new threat actors releasing new features, No More Ransom turning five, and a veteran group rebrands.
Bleeping Computer
An Irish court has ordered VirusTotal to provide the information of subscribers who downloaded or uploaded confidential data stolen from Ireland's national health care service during a ransomware attack.
Bleeping Computer
It has been relatively quiet this week, with few attacks revealed and few new ransomware variants released. However, some interesting information came out that we have summarized below.
Bleeping Computer
With ransomware gangs facing increasing pressure from governments, law enforcement, and even hacking forums, it has been fairly quiet this week regarding ransomware.
Bleeping Computer
Google has released Chrome 91 today, May 25th, 2021, to the Stable desktop channel, and it includes security improvements, the ability to copy and paste files into web pages, and new developer features.
Bleeping Computer
Ransomware gangs continue to target organizations large and small, including a brazen attack on the Washington DC police department.
Bleeping Computer
Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency's effort to clean infected computers.
Bleeping Computer
Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement.