Phone improvements have long followed a well-trodden path: brighter screen, more memory, better camera, longer battery life. As a result, theres less and less to get excited about when it comes to product announcements. But in 2022, Apple, Huawei, and Motorola really did unveil something new and unexpected: texting show more ...
Killnet claims DDoS attack against NATO Special Operations Headquarters, Strategic Airlift Capability, and more.
Competitor markets working to replace Hydra's money-laundering services for cybercriminals.
CISA, FBI, and South Korean intelligence agencies warn that the North Korean government is sponsoring ransomware attacks to fund its cyber-espionage activities.
The network is alleged to have operated 100 bank accounts and stolen millions from American people and companies.
The cyberwar to attack Russia has never really stopped, despite a decreasing interest from the West.
Australia's Defence Department removed all Chinese-manufactured surveillance cameras after an audit detailed the number of Hikvision and Dahua devices installed in various government facilities.
Researchers from SecurityScorecard published a list of proxy IPs used by the pro-Russia group Killnet with the intent to interfere with its operation and block its attacks.
The CISA added actively exploited flaws in Fortra MFT, Intel driver, and TerraMaster NAS, respectively tracked as CVE-2023-0669, CVE-2015-2291, and CVE-2022-24990, to its Known Exploited Vulnerabilities Catalog.
The City of Oakland disclosed a ransomware attack, the security breach began on Wednesday night. In an abundance of caution, the City of Oakland has taken impacted systems offline, while they work to secure the impacted infrastructure.
The cyberattack was also confirmed by Germany-based Iranian journalist Bamdad Esmaili on his Twitter account. On the other hand, the Edalat-e Ali group used its Telegram channel to announce the hack.
Russian media reported that Alexander Khinshtein, the head of the Duma committee on information policy, announced that the Russian government is evaluating to avoid punishing hackers acting in the interests of Moscow.
A ransom note from the new 'DarkBit' ransomware group was left on the university's systems, where the attackers demanded 80 Bitcoin or roughly US$ 1,745,200 to release the decryptor to the university.
OilRig APT evolved its methods to bypass security protections by adding a new backdoor to its arsenal to support its long-running espionage campaign against government organizations in the Middle East.
Not only do many of the security holes discovered in 2022 impact Siemens products, the German industrial giant is also responsible for self-reporting the highest number of vulnerabilities, far more than other vendors, according to a SynSaber report.
Four different rogue packages in the Python Package Index (PyPI) have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorized_keys file.
The National Institute of Standards and Technology (NIST) has selected a group of cryptographic algorithms called Ascon as the lightweight cryptography standard to protect data flowing through IoT devices.
Romance scams cost victims at least $1.3 billion in 2022, according to the US Federal Trade Commission's latest numbers. Almost 70,000 people reported these crimes last year, and the median reported loss was $4,400.
Tracked as NewsPenguin, the adversary has been observed sending phishing emails that use the upcoming Pakistan International Maritime Expo & Conference (PIMEC-2023) as bait and which carry weaponized documents to deliver an advanced espionage tool.
Higher-education institutions that handle federal financial aid data have until early June to comply with federal rules for protecting privacy and personal information, the Education Department noted this week.
The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It's also the second attack aimed at Group-IB, the first of which took place in March 2021.
Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems.
With Chinese tech giants triggering national security concerns -- amid Beijing-backed bad actors capable of orchestrating massive cyberattacks worldwide -- the outcome of the constant tussle could shape the world's tech landscape for years to come.
Due to a misconfiguration, anyone familiar with the database’s IP address could access the database, which contained entries of over 153,000 users at the time it was secured.
Football reminds us of the important elements that drive effective people-centric cybersecurity. With a growing threat landscape, organizations must stay proactive: they must continuously upskill teams and individuals across the entire organization.
A surge of phishing emails impersonating DHL and MetaMask started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal information or sharing their crypto wallet’s secret recovery phrase.
A previously unknown threat group, named NewsPenguin, was found targeting organizations in Pakistan with the upcoming Pakistan International Maritime Expo & Conference (PIMEC-2023) as bait. The researchers stated that the goal of the cybercriminal group is solely focused on cyberespionage, with no financial motivation.
Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use them as a foothold for further attacks, CyberDanube researchers have found.
Medical records of Garrison Women’s Health patients were recently "subject to unauthorized third-party activity," according to information released Friday evening by Wentworth-Douglass Hospital.
The most severe issue belongs to ONLYOFFICE’s Workspace enterprise app platform. Tracked as CVE-2022-47412, the stored cross-site scripting (XSS) vulnerability is believed to impact versions from 0 through 12.1.0.1760.
BetterCyber says that the leak site claims the ransomware group has "private and personal confidential data, a lot of technical documentation, agreements, employee and client documents."
Proofpoint security experts uncovered a threat actor, tracked as TA886, infecting companies in the U.S. and Germany with the new WasabiSeed and Screenshotter malware. The custom malware can perform surveillance and steal data. Hackers push their malware via phishing emails that include Microsoft Publisher (.pub) attachments with malicious macros or PDFs containing URLs that download JavaScript files.
Trend Micro spotted an active campaign that leverages a fake employment bait against the cryptocurrency industry in Eastern Europe. Hackers are reportedly deploying Enigma Stealer which is a modified version of the Stealerium information stealer. The infection chain begins with a malicious RAR archive distributed through phishing attempts or via social media.
Information on the sophisticated APT group Earth Zhulong, which targets Vietnamese organizations, has recently come to light. The gang, which has been active since 2020, is thought to be connected to the hacker collective 1937CN from China. Organizations are suggested to stay alert and leverage best practices such as the use of anti-malware and firewalls to stay protected.
Ubuntu Security Notice 5867-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Ubuntu Security Notice 5866-1 - It was discovered that Nova did not properly manage data logged into the log file. An attacker with read access to the service's logs could exploit this issue and may obtain sensitive information. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. It was discovered that show more ...
Red Hat Security Advisory 2023-0574-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.55. Issues addressed include a bypass vulnerability.
Debian Linux Security Advisory 5346-1 - Multiple security issues were discovered in libde265, an implementation of the H.265 video codec which may result in denial of service and potentially the execution of arbitrary code if a malformed media file is processed.
Global Infotech CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Morphus's deep cybersecurity research expertise, cyber defense and threat intelligence services widen Accenture's cybersecurity footprint in Latin America.
A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to steal confidential information. Enterprise security company Proofpoint, which is tracking the activity cluster under the name Screentime, said the group, dubbed TA866, is likely financially motivated. "TA866 is an organized actor able to perform well thought-out attacks at
There have been a number of reports of attacks on industrial control systems (ICS) in the past few years. Looking a bit closer, most of the attacks seem to have spilt over from traditional IT. That's to be expected, as production systems are commonly connected to ordinary corporate networks at this point. Though our data does not indicate at this point that a lot of threat actors specifically
The advanced persistent threat (APT) actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It's also the second attack aimed at Group-IB, the first of which took place in March 2021. Tonto Team,
An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game that could have been exploited to establish backdoor access to players' systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 (CVSS score: 8.8), which was exploited as a zero-day and addressed by Google in October 2021. "Since V8
