Category: CySecurity News – Latest Information Security and Hacking Incidents

  DrayTek recently patched 14 vulnerabilities in 24 router models, including a critical buffer overflow flaw that could allow remote code execution (RCE) or denial of service (DoS). The vulnerabilities, identified by Forescout Research’s Vedere Labs and described in their…

Read more →

  During an investigation conducted recently, it was discovered that several malicious packages masquerading as services for recovering cryptocurrency wallets were found in the Python Package Index repository, revealing that they were spying on sensitive personal information and helping to…

Read more →

  A fake crypto wallet draining app on Google Play has stolen USD 70,000 from users, making it the first case where mobile users were specifically targeted by such a scam. The app stayed active for several months before being…

Read more →

  Microsoft has released an update regarding the Recall feature in Windows 11, which has been on hold for some time owing to security and privacy concerns. The document also details when Microsoft intends to move forward with the feature…

Read more →

Necro Trojan, which has recently made headlines for its innovative use of steganography has compromised over 11 million Android devices. This blog delves into the intricacies of this malware, how it works, and its impact on cybersecurity. Understanding the Necro…

Read more →

  One-third of all the Americans’ information has been leaked by a background check company in the United States due to a disturbing data breach report. MC2 Data, which is one of the largest providers of background checks in the…

Read more →

  Over the past few years, AI assistants have made coding easier for developers in that one is able to quickly develop and push code over to GitHub, among others. But with so much automation going on, the risk of…

Read more →

  It is no secret that cloud computing is efficient and scalable, however, they do come with a price tag. Many top executives are concerned about specific security threats faced by cloud environments, and these are also the ones they…

Read more →

  Travelers have long been warned about the dangers of public Wi-Fi, especially in places like airports, where lax security makes them a hacker’s playground. A recent arrest in Australia has drawn attention to the resurgence of “evil twin” attacks,…

Read more →

  The Evil Corp cybercrime group has been hit with fresh sanctions by the United States, United Kingdom, and Australia. Additionally, the U.S. has indicted a member for their involvement in BitPaymer ransomware attacks. Back in 2019, the U.S. had…

Read more →

Email, the backbone of communications in today’s age, also serves as a common vector for cyberattacks, particularly phishing scams. Phishing emails are designed to trick recipients into revealing sensitive information or downloading malicious software. To protect yourself, it’s crucial to…

Read more →

  Japan’s Computer Emergency Response Center (JPCERT/CC) recently revealed strategies to detect ransomware attacks by analyzing Windows Event Logs, offering vital early detection before the attack spreads. JPCERT’s insights focus on identifying digital traces left behind by ransomware within four…

Read more →

Hong Kong has experienced a rise in cybersecurity threats, scammers are targeting individuals and businesses. A recent survey highlighted by the South China Morning Post (SCMP) reveals that nearly two-thirds of victims have suffered financial losses or wasted valuable time…

Read more →

  Today, Virtual Private Networks (VPNs) have become omnipresent. Millions around the world use VPNs, and they are often promoted by influencers as essential tools for privacy. Their rise in popularity stems from the idea that they offer online privacy…

Read more →

  There is a renewed effort underway in the fight against spam and unsolicited commercial communication as the Department of Telecom (DoT), the telecom regulator Trai, and private telecommunication companies are launching new programs to combat cyber fraud and phishing…

Read more →

  The Community Clinic of Maui, also known as Mālama, recently notified over 123,000 individuals that their personal data had been compromised during a cyberattack in May. Hackers gained access to sensitive information between May 4 and May 7, including…

Read more →

  Microsoft has uncovered a multi-stage cyberattack by the financially motivated group Storm-0501, targeting sectors in the U.S., including government, manufacturing, transportation, and law enforcement.  The attackers compromised hybrid cloud environments, stealing credentials, tampering with data, and deploying ransomware. Storm-0501,…

Read more →

  The UK’s National Cyber Security Centre (NCSC) collaborated with government agencies across the Atlantic to issue a new alert regarding Iranian cyber-threats last week.  The security advice, issued in collaboration with the FBI, US Cyber Command – Cyber National…

Read more →

  A critical vulnerability in the widely-used TI WooCommerce Wishlist plugin has been discovered, affecting over 100,000 WordPress sites. The flaw, labeled CVE-2024-43917, allows unauthenticated users to execute arbitrary SQL queries, potentially taking over the entire website. With a severity…

Read more →

  In a recent study, Unit 42 researchers discovered that the Sparkling Pisces (aka Kimsuky) threat group uses two malware samples. A keylogger named KLogEXE by its authors is included in the list of malware, as is a variant of…

Read more →