Infosecurity News
53,000 Employees' Social Security Numbers Exposed in Nissan Breach
Car manufacturer Nissan revealed that over 53,000 of its North America employees had their social security numbers accessed by a ransomware attacker
Infosecurity News
Car manufacturer Nissan revealed that over 53,000 of its North America employees had their social security numbers accessed by a ransomware attacker
The Cyber Express
The notorious DragonForce ransomware group has expanded its list of victims, adding two new names to their dark web portal
The Cyber Express
A dark web actor named DuckyMummy claimed responsibility for an alleged data breach at Frotcom International, a prominent player in
The Cyber Express
The IntelBroker hacker has allegedly leaked a database belonging to the National Parent Teacher Association (PTA), a cornerstone of child
The Cyber Express
Millions of Internet of Things (IoT) devices present across the industrial, healthcare, automotive, financial, and telecommunication sectors are at significant
The Hacker News
MITREcorp has launched EMB3D, a new threat-modeling framework for embedded devices used in critical infrastructure.
The Cyber Express
Following Australia's vocal support for Ukraine, the nation finds itself targeted by a Cyber Army Russia Reborn cyberattack. The recent
Krebs on Security
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy,…
Security Affairs
Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government's support to Ukraine with military equipment.
The Cyber Express
The ever-evolving digital landscape presents a constant challenge for businesses and individuals alike: staying secure in the face of increasingly
SecurityWeek
European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom support portal.
The Record
The Kremlin’s "hybrid war" on Moldova — featuring disinformation, cyberattacks and influence operations — aims to manipulate three consequential votes in Moldova this year and next.
Cyber Security News
Brandywine Realty Trust, a significant U.S. real estate investment trust, has confirmed a disruption to its operations due to a ransomware attack.
Cyber Security News
The FBI has issued a warning about a sophisticated phishing and smishing campaign orchestrated by a cybercriminal group known as STORM-0539,.
Cyber Security News
The Go team has released patches for two significant vulnerabilities that could allow attackers to execute arbitrary code and cause service disruptions through infinite loops.
Cyber Security News
Citrix has released a security bulletin detailing a critical vulnerability (CVE-2024-31497) affecting certain versions of their Citrix
Cyber Security News
In response, Zscaler posted a statement on its trust portal saying it has launched an investigation but has not found evidence of a breach.
Ars Technica
Hackers can exploit them to gain full administrative control of internal devices.
CyberNews
Eurovision has said it was closely working with security teams to protect the world’s largest music competition from cyber attacks amid warnings of increased risks.
Cyber Security News
Hackers exploit the weaponized shortcut files due to their ability to execute malicious code without the knowledge of the user being targeted.
Cyber Security News
A new group known as MorLock ransomware has intensified its attacks on Russian businesses, causing disruptions and financial losses.
Cyber Security News
The University System of Georgia (USG) announced that the confidential information of approximately 800,000 students, faculty, and staff was exposed in the recent MOVEit data breach.
Cyber Security News
The city of Wichita's Ransomware attack has impacted several city services, causing inconvenience to the residents and raising concerns.
Cyber Security News
WordPress plugins make WordPress more useful, but most of these have flaws that hackers may try to take advantage of to get unauthorized
Cyber Security News
DocGo Inc., a prominent healthcare and ambulance transportation service provider, has confirmed a cybersecurity incident.
Cyber Security News
Microsoft has announced deploying an air-gapped GPT-4 artificial intelligence model tailored specifically for the U.S. intelligence community.
The Record
As players complained about access problems, Final Fantasy's maker, Square Enix, said it was trying to take countermeasures against the flood of junk traffic.
The Cyber Express
By Eyal Arazi, senior security solutions lead for Radware The cybersecurity landscape evolved rapidly in 2023. In particular, there was
The Hacker News
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
HACKRead
A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. pen_spark
DarkReading
Though Olympics officials appear to have better secured their digital footprint than other major sporting events have, significant risks remain for the Paris Games.
SecurityWeek
4,000 take part in Locked Shields 2024 exercise, Qantas and JP Morgan hit by data exposure bugs, NVIDIA patches critical flaw.
The Hacker News
Our webinar unveils the latest DDoS attack strategies like IoT botnets & amplification tactics. Get real-world examples & proactive defense tips.
Infosecurity News
Sweden experienced a wave of DDoS attacks as the country was working towards joining NATO, Netscout found
Cyber Security News
The NCSC has issued a stark warning about a new wave of cyber threats from Russian-aligned groups targeting the UK's national infrastructure.
The Hacker News
A new botnet called Goldoon is targeting D-Link routers with a critical vulnerability from 2015 (CVE-2015-2051).
The Record
Researchers at Fortinet are calling the botnet Goldoon. D-Link released a patch in 2015 for the bug that it exploits, but some device owners didn't install it.
HACKRead
Uncover the "Muddling Meerkat," a China-linked threat actor manipulating the DNS. Infoblox research reveals a sophisticated group with deep DNS expertise and potential ties to the Great Firewall. Learn their tactics and how to stay protected.
Security Affairs
The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019..
Trend Micro
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.
SecurityWeek
Muddling Meerkat conducts operations through DNS by creating large volumes of widely distributed queries that are propagated using open DNS resolvers.
Cyber Security News
Hackers exploit DNS vulnerabilities to redirect users to malicious websites, launch distributed denial-of-service (DDoS) attacks by
Cyber Security News
A joint effort between the Dresden Public Prosecutor’s Office and the Cybercrime Competence Center of the Saxony State Criminal Police
The Cyber Express
The Saline Water Conversion Corporation of Saudi Arabia became the target of a Distributed Denial of Service (DDoS) attack allegedly
The Hacker News
The U.K. is the first country to ban default passwords on smart devices starting April 29, 2024. Manufacturers must provide unique passwords and secur
Krebs on Security
A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.
Bleeping Computer
A new cluster of activity tracked as "Muddling Meerkat" is believed to be linked to a Chinese state-sponsored threat actor's manipulation of DNS to probe networks globally since October 2019, with a spike in activity observed in September 2023.
Ars Technica
The law aims to prevent global-scale botnet attacks.
Security Magazine
Omni Hotels & Resorts was the recent target of a ransomware attack by the Daixin Team ransomware group.
Bleeping Computer
The All-in-One Super-Sized Ethical Hacking Bundle is on sale for just $45.99 (reg. $1098) for a limited time only.
The Cyber Express
The notorious NoName ransomware group this time has allegedly set its sights on Moldova, targeting key government websites in what
The Record
Ukraine's GUR said it carried out an unspecified attack on the United Russia party's digital infrastructure. The party did take the rare step of acknowledging a DDoS incident.
The Cyber Express
With more than 2 billion voters ready to cast a vote this year across 60 plus nations -including the U.S.,
SecurityWeek
Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO.
The Record
Before the Russian elections, Meduza was the target of "the most intense cyber campaign" in its history. Since then, the onslaught hasn't let up.
DarkReading
Hackers can influence voters with media, breach campaigns, or try tampering with votes. Or they can combine these tactics to even greater effect.
Infosecurity News
Netacea research found that 93% of security leaders expect to face daily AI-driven attacks by the end of 2024, with 65% predicting that offensive AI will be the norm for cybercriminals
CyberNews
Threat actors previously known as HelloKitty ransomware have announced that they’re rebranding into “HelloGookie.”
The Record
The threat actor known as the Cyber Army of Russia posted a video as purported evidence of breaching the systems of the Tipton Wastewater Treatment Plant.
SecurityWeek
New US guidance details foreign malign influence operations to help election infrastructure stakeholders increase resilience.
The Record
The suspect from Ukraine’s central city of Poltava was the head of a local nonprofit that promoted Kremlin ideology, the security services said.
DarkReading
Moobot, Miori, AGoent, and a Gafgyt variant have joined the infamous Mirai botnet in attacking unpatched versions of vulnerable Wi-Fi routers.
Bleeping Computer
At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year.
HACKRead
The Philippines faces a surge in cyberattacks as tensions rise in the South China Sea with Hacktivists campaigns target government websites.
Cyber Security News
Exploitation of a critical vulnerability in TP-Link Archer routers, leading to the proliferation of various botnet threats.
The Hacker News
Researchers alert of a global rise in brute-force attacks from TOR nodes targeting VPNs, web interfaces, and SSH services
The Record
Researchers at the U.S. cybersecurity firm Resecurity reported a nearly 325% jump in cyberattacks and other digital operations since the beginning of the year.
SecurityWeek
Cloud security specialists found data exposure risk associated with Azure, AWS, and Google Cloud command-line tools.
The Cyber Express
The clearnet domain of the notorious BreachForums data leak and hacking forum has been taken down by rival threat actors.
The Cyber Express
IntelBroker has claimed the Channel Logistics LLC data breach, operating under the brand Space-Eyes. The breach was announced on the
Security Affairs
The Czech transport minister warned that Russia conducted ‘thousands’ of attempts to sabotage railways in Europe.
DarkReading
Cyberattacks tripled over the past year in Israel, making it the most targeted nation in 2023.
The Record
The bug affects the the Archer AX21, a popular router model manufactured by TP-Link.
Infosecurity News
An international team of researchers published the first-ever index ranking countries by cybercrime threat level
CyberNews
Prior to Iran’s missile attack on Israel, the pro-Iranian cyber gang named Handala claimed to have breached radar systems and sent 500,000 text messages.
HACKRead
Here's a list of 5 effective CAPTCHA plugins for WordPress that can help enhance the security of your website by preventing spam and bot activities:
SecurityWeek
Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.
The Cyber Express
A significant cyberattack has plunged several French municipal governments into chaos as their shared servers came under a relentless assault,
The Record
The company released an advisory about a vulnerability in the popular GlobalProtect VPN product that was unknown to security researchers until this week.
SecurityWeek
An inside look at how Amazon Web Services (AWS) is leading the charge in the fight against IP spoofing and DDoS attacks.
SC Magazine
Several impersonators have used LockBit’s branding and leaked builder in their attacks.
The Record
Rubycarp has been in operation for at least a decade, and its campaigns appear to overlap with other cybercrime groups, according to researchers at Sysdig.
The Record
One of the largest health insurance companies in Wisconsin said hackers that launched a failed ransomware attack were still able to steal troves of sensitive information on more than half a million people.
The Record
As U.S. hospitals struggle to pay their employees amid a cyberattack that knocked out a major payment vendor, a powerful Democratic senator is seizing the moment to push for better security in the sorely vulnerable healthcare sector.
Bleeping Computer
A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain.
The Hacker News
RUBYCARP threat group, suspected to be of Romanian origin, has been discovered operating a botnet for crypto mining, DDoS, and phishing attacks
SecurityWeek
Siemens and Schneider Electric release their ICS Patch Tuesday advisories for April 2024, informing customers about dozens of vulnerabilities.
Bleeping Computer
Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs.
The Hacker News
CL0P ransomware emerges as a major player in the cybercrime world! From "bed bug" beginnings to a global threat, this group's aggressive tactics are r
CSO
The group was discovered recently through Sysdig honeypots as it attempted to exploit a Laravel vulnerability.
Bleeping Computer
Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage (NAS) devices exposed online and unpatched against a critical remote code execution (RCE) zero-day flaw.
The Record
Russian prosecutors initiated a rare criminal case against two executives of the local flight booking platform, Leonardo, after hackers breached the company's systems last year, as reported by local media.
SC Magazine
RansomHub has threatened to sell 4TB of Change Healthcare data if it is not paid in 12 days.
DarkReading
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Internet security; and Microsoft's Azure AI changes.
Bleeping Computer
Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
SecurityWeek
New HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks.
The Record
Before Russia invaded Ukraine almost three years ago, a Ukrainian entrepreneur who goes by the alias Ted said he spent his time building tech companies in Ukraine and abroad. When Moscow launched its first missiles on Ukrainian cities, Ted and other local techies joined a group called the IT Army, crowdsourced by Ukraine’s Ministry of Digital Transformation, to fight Russia in cyberspace using scrappy attacks like defacing websites and knocking them offline.
Krebs on Security
A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites…
CyberNews
All three of Meta Platforms’ social media apps – WhatsApp, Facebook, Instagram – have been reported down for thousands of users around the world Wednesday afternoon.
Infosecurity News
The findings from Netskope also show a shift in the retail sector’s use of cloud applications
Loading more articles....