The data was collected for sales and marketing purposes between 2014 and 2019 and was stored in an electronic file that a vendor left unprotected, says NBC News. According to Volkswagen North American, more than 3.3 million customers and prospective buyers have been affected by a data leak at a supplier. The majority of those affected were current or potential Audi customers, one of the German automaker's luxury brands. Volkswagen Group of America said Friday that an unauthorized third party obtained limited personal information about customers and prospective buyers from a vendor used by the Audi Volkswagen brand along with some U.S. and Canadian dealers for digital sales and marketing. Only a few clients' phone numbers and email addresses were compromised. According to the company, the vast major...
According to the head of cybersecurity at GCHQ, ransomware is the biggest cybersecurity threat to most people and organizations in the UK, says The Guardian. Lindy Cameron, CEO of National Cyber Security Center, points out that the problem of hackers encrypting data and demanding cash for recovery is escalating and becoming more professionalized. Cameron plans to tell the Rusi think tank on Monday that while Internet surveillance by Russia, China, and other hostile states remains a malign strategic threat, the ransomware epidemic has become increasingly pressing. Cameron stated, “For the vast majority of UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cybercriminals”...
When Teamsters became the target of a ransomware attack on Labor Day 2019, hackers demanded a seven-figure ransom, says NBC News. Unlike many other organizations that have been the target of high-profile ransomware attacks in recent months, the union refused to pay, according to three people familiar with the previously disclosed cyberattack. "They locked down the entire system and said if we paid them they would give us the encryption code to unlock it," said one of the sources, who spoke to NBC News on condition of anonymity because they were not authorized to speak publicly about the incident. Up to the present day, the union organization kept the hack hidden from the public. This points to a truth that cybersecurity experts believe lies beneath the surface of recent high-profile attacks: An unknown number of comp...
Minecraft fans are advised to exercise extreme caution when installing mods and add-ons for the game, according to Tech Radar. Despite Minecraft being a well-known video game that continues to attract many new users, it is also a favorite target for the hacking community. In fact, Kaspersky researchers have recently noticed a huge increase in malware hidden in Minecraft mods on Google Play. The malicious apps, masquerading as Minecraft mods, render the game unusable. However, they can also make a tablet or smartphone inoperable due to an increase in unwanted and unnecessary advertisements. Unfortunately, fake Minecraft mods spread like ...
McDonald's Corp, the iconic fast-food restaurant, has been hit by a data breach leading to data stolen in the United States, South Korea, and Taiwan. The exact nature of the data breach has not been disclosed. According to The Wall Street Journal, the leak includes certain business contact information of U.S. employees along with franchisees and restaurant information such as seating capacity and square footage. Customer data from the United States was not leaked, but data from South Korea and Taiwan was. In Taiwan, the attack also resulted in the loss of personnel data, such as names and contact information. McDonald’s said, "While we were able to close off access quickly after identification, our investigation has determined that a small number of files were accessed, some of which contained personal data". The cyberattack was discovere...
Following the warning that Europe needed to better protect itself from Russian meddling, Italy created a national cybersecurity organization, says Security Week. The new agency was approved by the cabinet in an all-night meeting on Thursday. The Italian government said in a statement that it must defend national interests along with the resilience of the state's services and critical activities from cyber threats. Draghi noted on May 25 in Brussels that urgent action is needed to combat digital risks. Mario Draghi stated, "We need to strengthen ourselves, we need to strengthen ourselves a lot, especially in terms of cybersecurity, all of us, at national level and at EU level... because the level of Russian interference both with spies and with manipulation of the web has become truly alarming". Earlier this year, investigators arre...
Four months after a cyberattack on Witcher and Cyberpunk 2077, CD Projekt Red has admitted that employee and game-related data appears to be circulating in the cyber underground, according to Threat Post. CD Projekt Red was the victim of a ransomware attack earlier this year, carried out by a cybercriminal group believed to be the HelloKitty gang. The game development company stated at the time that cybercriminals “gained access to our internal network, collected certain data belonging to CD PROJEKT Capital Group and left a ransom note”. The ransomware also encrypted the computers, but CD Projekt Red was able to restore everything from the backup, so the stolen data was the real problem.
The CSA released new guidance for health care providers that aims to provide processes and controls needed to ensure the privacy and security of cloud-based telehealth patient information.
The transition to a service model of doing business transformed ransomware, giving its developers the ability to focus on features, and leaving its customers to execute the break-in and deployment.
The email system is “totally safe and secure”, the IT ministry said while dismissing a report claiming that breaches at Air India, Big Basket, and Domino’s had exposed credentials of NIC emails.
Ryuk is the most prolific ransomware gang in the world, accounting for one-third of the 203 million U.S. ransomware attacks in 2020, according to cybersecurity firm SonicWall.
Gootkit was first discovered in 2014 and propagated via spam and exploit kits. The group has now shifted to compromised websites where targeted users are tricked into downloading the trojan.
Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks.
A team of University of Michigan researchers has developed a system that can inform a smart home – or listen for the signal that would turn on a smart speaker – without eavesdropping on audible sound.
The APWG’s new Phishing Activity Trends Report reveals that phishing maintained near-record levels in the first quarter of 2021, after a major rise in 2020 wherein reported phishing websites doubled.
The vulnerability could lead to the exfiltration of data and traffic, the hijack of other administrator accounts, and the deployment of malware such as keyloggers, backdoors, and more.
Ransomware represents the biggest threat to online security for most people and businesses in the UK, Lindy Cameron, chief executive of the GCHQ's National Cyber Security Centre is to warn.
This record number of illicit online pharmacies was shut down during Operation Pangea XIV, which targeted online sellers of counterfeit and illegal pharmaceuticals and medical devices.
The Qatar-based Al-Jazeera Media Network says that it was subjected to a series of cyber-hacking attempts to penetrate some of its platforms and websites between June 5 and 8, 2021.
During the pandemic, attackers targeted industries providing connectivity, services, and entertainment, resulting in a 341% year-over-year increase in DDoS attacks, according to Nexusguard.
The UK government has issued a call-to-arms to the country’s burgeoning cybersecurity startups through a new program to help it defend the country from malicious online activity.
AT&T Alien Labs observed Moobot, a Mirai variant botnet, scanning for known but uncommon vulnerabilities in Tenda routers and also discovered a malware-hosting domain distributing a few Mirai variants.
Hostile nation-states are long thought to have tolerated cybercrime groups operating from within their borders, as long as attacks are targeted at organizations in rival nations.
Sol Oriens, a subcontractor for the U.S. Department of Energy that works on nuclear weapons with the National Nuclear Security Administration (NNSA), was hit by a cyberattack by the REvil RaaS gang.
Organizations located in the U.S. are under an unprecedented amount of ransomware attacks that will very likely continue to grow. In 2020 alone, hackers executed over 65,000 attacks on U.S. entities.
A report by Check Point Research revealed a 168% year-on-year surge in cyberattacks in APAC in 2021 as compared to May 2020. There has been a 53% rise in cyberattacks in APAC between April and May 2021 alone. This significant rise is largely attributed to unsecured work networks.
Volkswagen America said that a data breach at a third-party vendor used for sales and marketing purposes exposed the personal details of over 3.3 million customers, most of whom were Audi car owners.
A massive trove of sensitive data has been discovered by researchers. This database consists of 1.2TB of login credentials, autofill data, browser cookies, and payment information extracted by a mysterious malware. The data was pulled from three million PCs between 2018 and 2020.
Avaddon ransomware group, one of the most prolific ransomware groups in 2021, has announced that they are shutting the operation down and giving thousands of victims a decryption tool for free.
A security vulnerability in Facebook’s Messenger Rooms video chat feature meant attackers could access a victim’s private Facebook photos and videos, and submit posts, via their locked Android screen.
The analysts calculated that more than 410,000 records, and hundreds of thousands of customer records, were exposed in the leak — which they estimated dates as far back as 2015.
Cybersecurity readiness firm Immersive Labs has announced a $75 million Series C round, with investments from Citi Ventures, Menlo Ventures, and follow-on from Goldman Sachs Asset Management.
The Akkadian Provisioning Manager, a third-party provisioning tool used within Cisco UC environments, has three high-severity flaws that can enable RCE with elevated privileges, researchers said.
The San Francisco-based DevOps tool provider said in a blog post that the new NodeJS-based uploader will be shipped as a static binary executable suitable for Windows, Linux, Alpine Linux, and macOS.
The SEC is also looking to shore up public companies’ disclosures on how they oversee cybersecurity risks, according to another new item on its rulemaking agenda. A proposal is expected by October.
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
Red Hat Security Advisory 2021-2374-01 - Openshift Logging Bug Fix Release (5.0.5) addresses a lack of index validation in plugin/unmarshal/unmarshal.go.
Red Hat Security Advisory 2021-2405-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2021-2397-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2021-2396-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2021-2394-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
Stock Management System version 1.0 suffers from a remote blind SQL injection vulnerability. This is a variant of the original discovery of SQL injection in this version discovered in August of 2020 by hyd3sec.
This research paper explains how to take advantage of Windows services, how to mimic display names to deploy malicious beacons or even Meterpreter sessions.
Red Hat Security Advisory 2021-2390-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2021-2395-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2021-2391-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
COVID-19 Testing Management System version 1.0 suffers from a persistent cross site scripting vulnerability. This is a variant of the original discovery of cross site scripting in this version made by Rohit Burke in May of 2021.
Red Hat Security Advisory 2021-2389-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an integer overflow vulnerability.
Even as a massive data breach affecting Air India came to light the previous month, India's flag carrier airline appears to have suffered a separate cyber assault that lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. Group-IB dubbed the campaign "ColunmTK"
A new cyber espionage group named Gelsemium has been linked to a supply chain attack targeting the NoxPlayer Android emulator that was disclosed earlier this year. The findings come from a systematic analysis of multiple campaigns undertaken by the APT crew, with evidence of the earliest attack dating back all the way to 2014 under the codename Operation TooHash based on malware payloads
In response to malicious actors targeting US federal IT systems and their supply chain, the President released the "Executive Order on Improving the Nation’s Cybersecurity (Executive Order)." Although directed at Federal departments and agencies, the Executive Order will likely have a ripple effect through the Federal technology supply stream. Private companies and enterprises will look to the
Google on Monday announced that it's rolling out client-side encryption to Google Workspace (formerly G Suite), thereby giving its enterprise customers direct control of encryption keys and the identity service they choose to access those keys. "With client-side encryption, customer data is indecipherable to Google, while users can continue to take advantage of Google's native web-based
The head of the UK's National Cyber Security Centre has warned that ransomware has become the biggest threat to British people and businesses. And says ransomware gangs "are often enabled and facilitated by states acting with impunity." Read more in my article on the Tripwire State of Security blog.