Custom search

Android 15, Google Play get new anti-malware and anti-fraud features

Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices.

Bleeping Computer

Android 15, Google Play Protect get new anti-malware and anti-fraud features

Today, Google announced new security features coming to Android 15 and Google Play Protect that will help block scams, fraud, and malware apps on users' devices.

Security Magazine

Meta is the second most spoofed brand for credential phishing

A sophisticated phishing campaign is bypassing multi-factor authentication in order to target Meta business accounts.

Ars Technica

SSH backdoor has infected 400,000 Linux servers over 15 years and keeps on spreading

Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.

Cyber Security News

Turla APT Group Attacking European Ministry of Foreign Affairs

The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.

The Hacker News

Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions

Two new backdoors, LunarWeb and LunarMail, have targeted a European ministry of foreign affairs and its diplomatic missions in the Middle East

Cyber Security News

10 Best Network Security Providers for Healthcare Industry in 2024

Best Network Security Providers for the Healthcare Industry - 1. Perimeter 81, 2. Palo Alto Networks, 3. Fortinet, 4. Cisco, 5. Trend Micro

The Record

2 days ago

New backdoors on a European government's network appear to be Russian

Researchers with cybersecurity company ESET have labeled two new pieces of suspected Russian malware as LunarWeb and LunarMail.

Security Affairs

2 days ago

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware

SecurityWeek

3 days ago

NATO Draws a Cyber Red Line in Tensions With Russia

Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine.

The Hacker News

3 days ago

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

Are your browser extensions safe? 33% in most orgs aren't! Learn to protect your data with insights from the 2024 Browser Security Report.

Infosecurity News

3 days ago

Black Basta Ransomware Victim Count Tops 500

Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations

Security Affairs

4 days ago

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported.

Bleeping Computer

5 days ago

CISA: Black Basta ransomware breached over 500 orgs worldwide

CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.

DarkReading

6 days ago

Is CISA's Secure by Design Pledge Toothless?

CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.

The Cyber Express

6 days ago

Lenovo Joins Secure by Design Pledge, Enhancing Cybersecurity Standards

Lenovo takes a bold step towards fortifying cybersecurity by joining the Secure by Design pledge, initiated by the US Cybersecurity

The Record

7 days ago

As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted

The current cybersecurity situation in the healthcare industry is at least a decade in the making, White House official Anne Neuberger said at the RSA Conference.

The Cyber Express

7 days ago

Ascension Healthcare Hit by Cyberattack: Patients Wait Hours, Chaos Ensues

Ascension, one of the largest nonprofit healthcare systems in the United States, is facing disruptions in clinical operations due to

Bleeping Computer

FBI warns of gift card fraud ring targeting retail companies

The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024.

HACKRead

Findings Show MFA Bypass in Microsoft Azure Entra ID Using Seamless SSO

This article explores Microsoft Azure Entra ID flaw, explains the vulnerability in context, and offers actionable steps to secure your organization.

The Cyber Express

The CyberPower UPS Vulnerability Threatening Critical Systems Across Sectors

A new UPS management vulnerability in CyberPower Uninterrupted Power Supply (UPS) management software has been uncovered, revealing multiple flaws that have

The Cyber Express

MedStar Health Reports Data Breach Impacting 183,000 Patients

MedStar Health, a prominent non-profit healthcare provider disclosed a data breach that impacts more than 183,000 patients from its hundreds

SecurityWeek

RSA Conference 2024 – Announcements Summary (Day 2)

Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.

CyberNews

FBI warns of fraudsters targeting gift card systems

The Federal Bureau of Investigation (FBI) has warned of heightened cybercriminal activity against employees at US retail corporate offices.

SC Magazine

RSAC 2024: Securing ‘fragmented’ identities in the cloud age

Zero trust, access certification campaigns and regular AD risk assessments are more critical than ever.

Infosecurity News

Decoding US Government Plans to Shift the Software Security Burden

US government officials discussed plans on how to incentivize security by design principles in the software manufacturing process during RSA

HACKRead

Feds Unmask LockBit Ransomware Leader as Dmitry Yuryevich Khoroshev

In a major blow to ransomware, international law enforcement has unmasked Dmitry Yuryevich Khoroshev, the leader of LockBit ransomware.

CSO

Change Healthcare went without cyber insurance before debilitating ransomware attack

Organizations that eschew cyber insurance give up not only financial protection but also advice from the insurer on improving the security of their systems.

The Hacker News

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

APT42, an Iranian state-backed hacking group, is leveling up its social engineering tactics. They're posing as journalists and event organizers to bui

SecurityWeek

10 days ago

Iranian Cyberspies Hit Targets With New Backdoors

Iranian state-sponsored group APT42 is targeting NGOs, government, and intergovernmental organizations with two new backdoors.

Cyber Security News

10 days ago

PostgreSQL Security Flaws Let Attackers Execute Code

Two vulnerabilities have been identified in pgAdmin of PostgreSQL which were associated with Cross-Site Scripting and Multi-Factor

CyberSecurity Dive

10 days ago

Change Healthcare cyberattack: 5 technical takeaways from UnitedHealth CEO’s testimony

Change Healthcare was running on legacy technology, which magnified the ransomware attack’s impact and hampered recovery efforts, Andrew Witty said.

Cyber Security News

11 days ago

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)

The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]

Bleeping Computer

12 days ago

Iranian hackers pose as journalists to push backdoor malware

The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets.

The Hacker News

12 days ago

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.

The Cyber Express

12 days ago

This Week on TCE Cyberwatch: AI Rise, Government Crackdowns, and Global Cybercrime

The digital world continues to spin at breakneck speed, and this week's TCE Cyberwatch brings you the latest updates on

DarkReading

13 days ago

Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns

Patch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.

Bleeping Computer

13 days ago

NATO and EU condemn Russia's cyberattacks against Germany, Czechia

NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28.

Bleeping Computer

Bitwarden launches new MFA Authenticator app for iOS, Android

Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices.

Ars Technica

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

The threat is potentially grave because it could be used in supply chain attacks.

DarkReading

Dropbox Breach Exposes Customer Credentials, Authentication Data

Threat actor dropped in to Dropbox Sign production environment and accessed emails, passwords, and other PII, along with APIs, OAuth, and MFA info.

Cyber Security News

CISA Warns Of Hackers Actively Attacking GitLab Password Reset Vulnerability

Washington, D.C., May 1, 2024 – The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert concerning a newly

The Cyber Express

World Password Day: Top 10 Password Managers for Ultimate Digital Safety

In today's digital age, the necessity of strong and unique passwords has never been more critical. With cyber threats looming

Infosecurity News

Security Breach Exposes Dropbox Sign Users

Attackers accessed emails, usernames, phone numbers, hashed passwords and authentication information

Infosecurity News

US and UK Warn of Disruptive Russian OT Attacks

The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors

The Cyber Express

No MFA, Major Consequences: Simple Security Oversight Led to Change Healthcare Data Breach

CEO Andrew Witty testified before Congress on Wednesday, disclosing a significant cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group.

SecurityWeek

Dropbox Data Breach Impacts Customer Information

Dropbox says hackers breached its Sign production environment and accessed customer email addresses and hashed passwords.

Cyber Security News

World Password Day 2024: Create Strong Passwords & Stay Safe Online

Today marks the annual celebration of World Password Day, emphasizing the critical role that strong passwords play in safeguarding our digital

CSO

Iranian hackers harvest credentials through advanced social engineering campaigns

Mandiant observed several malicious campaigns with threat actors impersonating journalists and harvesting the victim’s cloud environment credentials.

CSO

UnitedHealth hack may impact a third of US citizens: CEO testimony

Despite paying a $22 million ransom in Bitcoin to regain access to encrypted files, the company cannot confirm whether copies of the data were made or published online.

Cyber Security News

Dropbox Sign Hacked: Attackers Stolen API Keys, MFA, & Hashed Passwords

Dropbox disclosed a significant security breach affecting its electronic signature service, Dropbox Sign (formerly known as HelloSign).

SC Magazine

Critical GitLab account takeover flaw added to CISA’s KEV Catalog

More than 2,100 servers may still be vulnerable to GitLab password reset exploits.

DarkReading

UnitedHealth Congressional Testimony Reveals Fails

The breach used stolen Citrix credentials for an account with no MFA. Attackers went undetected for days, and Change's backup strategy failed.

Bleeping Computer

DropBox says hackers stole customer data, auth secrets from eSignature service

Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information.

Infosecurity News

LockBit, Black Basta, Play Dominate Ransomware in Q1 2024

The data from ReliaQuest also suggests LockBit faced a significant setback due to law enforcement action

Infosecurity News

UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA

Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing

SC Magazine

Senators grill UnitedHealth CEO on Change Healthcare cyberattack

Andrew Witty stuck with the familiar corporate line of providing consumers with two years of credit monitoring.

Ars Technica

Health care giant comes clean about recent hack and paid ransom

Ransomware attack on the $371 billion company hamstrung US prescription market.

CyberSecurity Dive

Change Healthcare, compromised by stolen credentials, did not have MFA turned on

AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.

Bleeping Computer

Change Healthcare hacked using stolen Citrix account with no MFA

UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled.

CyberSecurity Dive

At Microsoft, years of security debt come crashing down

Critics say negligence, misguided investments and hubris have left the enterprise giant on its back foot.

SC Magazine

Change Healthcare incident caused by compromised Citrix credentialsa

UnitedHealth Group’s CEO Andrew Witty set to testify before Congress tomorrow – security pros say there’s more to the story and it will take several more months of investigation before we know the full kill chain.

DarkReading

Okta: Credential-Stuffing Attacks Spike via Proxy Networks

Okta warns users that the attack requests are made through an anonymizing service like Tor or various commercial proxy networks.

Bleeping Computer

How to Protect Your Employees from Identity-Based Attacks

Identity-based attacks have become one of the most significant threats facing organizations today. Learn more from Specops Software on tactics used in these types of attacks and how to defend against them.

CyberNews

Breaking 2FA authentication: demystifying your security

Multi-factor and 2-factor authentication, its safety and how hackers can overcome it

SecurityWeek

Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies

Okta warns of an increase in credential stuffing attacks leveraging anonymizing services such as DataImpulse, Luminati, and NSocks.

Infosecurity News

New UK Smart Device Security Law Comes into Force Today

IoT manufacturers, retailers and importers must comply with new security legislation, the PSTI act, from today

The Hacker News

20 days ago

10 Critical Endpoint Security Tips You Should Know

Unlock Endpoint Security with our top 10 must-know tips! From MFA to EDR, discover how to protect your digital kingdom.

DarkReading

21 days ago

Cisco Zero-Days Anchor 'ArcaneDoor' Cyber Espionage Campaign

Attacks by a previously unknown state-sponsored actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.

Infosecurity News

21 days ago

State-Sponsored Espionage Campaign Exploits Cisco Vulnerabilities

An advisory from Cisco Talos has highlighted a sophisticated cyber-espionage campaign targeting government networks globally

CyberNews

21 days ago

MFA under siege: keep your protections up-to-date

MFA breaches were behind last year’s major cyberattacks against casino giants MGM and Caesars. Yet some companies are just adding it as an extra layer of security.

Ars Technica

Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers

Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?

SecurityWeek

Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms

Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms.

Bleeping Computer

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks

Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide.

Bleeping Computer

Ring customers get $5.6 million in privacy breach settlement

The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections.

CSO

23 days ago

Authentication failure blamed for Change Healthcare ransomware attack

Absence of multi-factor authentication reportedly left a remote access application exposed.

SecurityWeek

23 days ago

The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success

Mandiant's M-Trends 2024 Report unveils mixed signals in cybersecurity. While defenses are improving, attackers still retain the upper hand.

DarkReading

24 days ago

MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs

The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months.

Security Affairs

25 days ago

Akira ransomware received $42M in ransom payments from over 250 victims

Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments.

Security Affairs

25 days ago

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.

The Cyber Express

26 days ago

TCE Cyberwatch: A Look at This Week’s Top Cybersecurity Incidents

The digital landscape continues to be a battleground, with cyber threats evolving and attackers targeting an ever-wider range of victims.

Bleeping Computer

MITRE says state hackers breached its network via Ivanti zero-days

The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days.

DarkReading

LastPass Users Lose Master Passwords to Ultra-Convincing Scam

CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent into handing over their high-value credentials.

The Cyber Express

Akira Ransomware Group Amasses $42 Million from Over 250 Global Attacks, FBI Warns

The Akira ransomware group has been identified as the culprit behind a series of cyberattacks targeting businesses and critical infrastructure

Infosecurity News

Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted

A joint advisory from Europol and US and Dutch government agencies estimated that Akira made around $42m in ransomware proceeds from March 2023 to January 2024

The Hacker News

How Attackers Can Own a Business Without Touching the Endpoint

How attackers are hacking organizations without touching the endpoint by targeting cloud identities.

The Hacker News

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Akira Ransomware group has already extorted roughly $42 million from over 250 victims globally. They are now targeting both Windows and Linux systems.

CyberNews

Akira Ransomware rampage: $42 million looted from 250+ organizations

In less than a year of operations, the Akira Ransomware gang, known for multi-extortion tactics, has claimed approximately $42 million in ransomware proceeds.

Cyber Security News

Hackers Posing as LastPass Employee to Steal Master Password & Hijack Accounts

In a sophisticated cyber attack, hackers have been discovered impersonating LastPass employees in an elaborate phishing campaign designed to steal users' master passwords and hijack their accounts.

SC Magazine

Active adversary report: Ransomware hit a ceiling, but security teams at risk for more pain

despite a pause in the rise of ransomware, organizations are failing to take the steps necessary to adequately defend themselves against the increase in attacks to come.

Ars Technica

LastPass users targeted in phishing attacks good enough to trick even the savvy

Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.

Bleeping Computer

FBI: Akira ransomware raked in $42 million from 250+ victims

According to a joint advisory from the FBI, CISA, Europol's European Cybercrime Centre (EC3), and the Netherlands' National Cyber Security Centre (NCSC-NL), the Akira ransomware operation has breached the networks of over 250 organizations and raked in roughly $42 million in ransom payments.

The Hacker News

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

FIN7, a notorious cybercrime group, is targeting the U.S. automotive industry with spear-phishing attacks.

Infosecurity News

US Election Officials Told to Prepare for Nation-State Influence Campa

A US government advisory sets out actions election officials need to take to mitigate the impact of nation-state influence campaigns ahead of the November elections

Infosecurity News