Category: CySecurity News – Latest Information Security and Hacking Incidents

In today’s digital expanse, in some countries governments and corporations wield immense power, two remarkable projects—Bitcoin and Nostr—have emerged as champions of decentralization. Their stories are quite similiar, revealing their struggle for financial autonomy, censorship resistance, and individual empowerment. Bitcoin:…

Read more →

  The way technology keeps shifting its paradigm, the line between genuine interactions and digital deception is becoming increasingly difficult to distinguish. Today’s cybercriminals are leveraging the power of generative artificial intelligence (AI) to create more closely intricate and harder-to-detect…

Read more →

  In 2023, ransomware attacks saw a significant increase, jumping by 55% compared to the previous year. The number of reported victims climbed to 5,070. However, this statistic only scratches the surface of the issue. According to Statista, nearly 73%…

Read more →

  Researchers at the Georgia Institute of Technology, who have received over $1 billion in Defense Department contracts, are facing scrutiny for allegedly failing to secure their computers and servers, citing that doing so was too “burdensome.” Since 2013, the…

Read more →

  Ukrainian military intelligence agents operated a mass cyberattack on Russian Internet providers on August 24 that disrupted the online platforms of dozens of industrial facilities in Russia, according to a source with the Kyiv Independent, who was authorized to…

Read more →

  Sophisticated phone scams are becoming more common and more relentless. The numbers are mind-boggling. According to the FTC, impostor fraudsters cost US consumers $2.7 billion in 2023, and the figure is rising year after year.  These are merely the…

Read more →

  Singapore is experiencing the dread of scams and cybercrimes in abundance as we speak, with fraudsters relying more on messaging and social media platforms to target unsuspecting victims. As per the recent figures from the Singapore Police Force (SPF),…

Read more →

Organizations face an overwhelming number of vulnerabilities, and deciding which ones to address first can be a challenge for many. However, it’s essential to recognize that prioritization is merely the beginning of a more comprehensive security journey. The Limitations of…

Read more →

  FBI Director Christopher Wray emphasized the unprecedented level of diverse threats facing the nation, describing it as a time when multiple threats are simultaneously elevated, a situation he finds unparalleled in his career. In an exclusive interview during his…

Read more →

  A cryptocurrency address linked to the $305 million DMM Bitcoin hack in May has reportedly transferred 500 Bitcoin, valued at approximately $30.4 million. On August 22, PeckShield Alert reported that the suspect address initially split the funds into two…

Read more →

  The U.S. Department of Justice (DOJ) released a statement this week charging a member of a Russian cybercrime group with financial fraud, extortion, and money laundering in a U.S. court. The 33-year-old Moscow-based Latvian national Deniss Zolotarjovs was extradited…

Read more →

  The latest cyber-attack uncovered by security researchers is an information stealer that targets Apple macOS hosts and gathers a wide array of information to reach sensitive computer data. It underscores how threat actors are increasingly targeting the OS as…

Read more →

  Slack, the popular communication platform used by businesses worldwide, has recently taken action to address a potential security flaw related to its AI features. The company has rolled out an update to fix the issue and reassured users that…

Read more →

  Australia is striving to become a more energy-efficient nation. The Australian Renewable Energy Agency recently announced a $100 million effort to research and develop solar energy technologies. Further investments in energy storage, pumped hydro, and low-carbon systems may be…

Read more →

  In recent times, a significant IT disruption was caused by a defect in a content update for CrowdStrike’s Falcon sensor, affecting approximately 8.5 million PCs across diverse sectors. This issue, which disrupted organizations ranging from small businesses and global…

Read more →

  According to the Health Sector Cybersecurity Coordination Center, the Everest Ransomware group is a threat profile of the recent ransomware attack that took place at Gramercy Surgery Center in New York. The Everest Ransomware group is behind the recent…

Read more →

Today, QR codes have become a familiar sight. And why not, it makes our daily tasks easy. From making payments to accessing websites, these square patterns of black and white squares offer convenience and efficiency. However, cybercriminals have found a…

Read more →

  North Korea’s Lazarus hacking group has once again exploited a zero-day vulnerability in Microsoft Windows to deploy malware on targeted devices. On August 13, Microsoft addressed this issue with its monthly Patch Tuesday updates, fixing a flaw in the…

Read more →

  You’re not alone if the most recent Cash App data hack made you nervous. In 2022, the parent company of Block, the peer-to-peer payment platform, failed to prevent unauthorised access to Cash App customer accounts.  Cash App agreed to…

Read more →

Certain tools and techniques have been persistent, continually adapting to new challenges and threats. One such tool is the CAPTCHA solver developed by Greasy Opal, a name that has become synonymous with cybercrime over the past 16 years. This blog…

Read more →

  A new malware strain known as Styx Stealer has recently emerged, posing a significant threat to online security. Discovered in April 2024, Styx Stealer primarily targets popular browsers based on the Chromium and Gecko engines, such as Chrome and…

Read more →

  Microsoft’s apps for MacOS have been exploited by hackers recently to expose a critical vulnerability. It is believed that hackers have been exploiting vulnerabilities in popular applications, such as Microsoft Outlook and Teams, to spy on Mac users. In…

Read more →

  Cybercriminals recently targeted an 85-year-old woman from the city, subjecting her to what can be described as a ‘digital arrest’ and extorting a staggering ₹5.9 crore from her. This elaborate scam involved convincing the elderly woman that her Aadhaar…

Read more →

  On Friday, oil firm Halliburton revealed further details to regulators regarding a recent attack that forced the shutdown of critical systems. The company told news outlets that it was struck by a cyberattack on Wednesday, which disrupted operations at…

Read more →

  The prevalence of software supply chain attacks is on the rise, posing significant threats due to the extensive impact and severity of such incidents, according to threat intelligence researchers at Cyble. Within a six-month span from February to mid-August,…

Read more →

  Unicoin, a leading cryptocurrency company, experienced a cyberattack beginning on August 9, 2024, which severely disrupted its operations for nearly four days. The breach occurred when a hacker gained unauthorised access to the company’s Google G-Suite account, affecting all…

Read more →

  A recent cyber campaign by the Iranian threat actor TA453 has drawn significant attention following their targeting of a prominent Jewish religious figure with a fake podcast interview invitation. The campaign, which began in July 2024, involved a series…

Read more →

  Several days ago, the company whose data breach could have potentially exposed all Americans’ Social Security numbers to identity thieves confirmed that they were victims of a data breach, stressing that they obtained even more sensitive data than previously…

Read more →

A new and sophisticated malware has emerged, targeting the increasingly popular Near Field Communication (NFC) payment systems. Known as NGate, this Android malware has been discovered by ESET Research and poses a significant risk to users’ financial security. This blog…

Read more →

  Florida-based medical laboratory, American Clinical Solutions (ACS), recently experienced a significant data breach that exposed the sensitive information of approximately 300,000 individuals. The hacking incident, attributed to the criminal group RansomHub, resulted in the theft of 700 gigabytes of…

Read more →

    Artificial Intelligence (AI) is capable of handling repetitive tasks, but accountants who embrace and integrate technology can concentrate on more valuable activities beyond basic number-crunching, according to Md Sajid Khan, Director – India at the Association of Certified…

Read more →

Google recently announced bringing into view its Gemini AI technology, beginning with the latest Pixel 9 devices. As part of this consequential development, Google has reassured users about the strong privacy and security measures surrounding their personal data, addressing growing…

Read more →

  In the first half of 2024, victims of ransomware have paid $459,800,000 to attackers; if ransom payments continue at this pace, this year might establish a new record. Ransomware payments hit a historic high of $1.1 billion last year,…

Read more →

  During the past couple of weeks, Cisco Talos, one of the world’s most respected cybersecurity companies known for its cutting-edge cybersecurity products, has discovered at least eight security vulnerabilities. As a result of these bugs, researchers have found that…

Read more →

In an era where digital transformation is at the forefront of every industry, cybersecurity remains a critical concern. The recent cyberattack on Microchip Technology, a leading provider of microcontrollers and analog semiconductors, underscores the vulnerabilities that even the most advanced…

Read more →

  Foreign hackers are increasingly targeting Taiwan by hijacking social media accounts to spread disinformation aimed at undermining the country’s military, according to a statement released by the Ministry of Justice Investigation Bureau (MJIB) yesterday. The hackers, believed to be…

Read more →

  Given all of the major news events that have dominated headlines this summer, you’d be forgiven for missing yet another: reports that a massive data breach may have disclosed billions of details, including names, social security numbers, and addresses. …

Read more →

  The landscape of cybersecurity has drastically evolved over the past decade, driven by increasingly sophisticated and costly cyberattacks. As more businesses shift online, they face growing threats, creating a higher demand for innovative cybersecurity solutions. The rise of AI…

Read more →

  According to cyber security researchers, there is a critical security flaw in the LiteSpeed Cache plugin for WordPress that users can exploit without authentication to gain administrative privileges on the site. It is an all-in-one site acceleration plugin that…

Read more →

  With the rapid evolution of technology, there has been a concerning rise in cybercrime, particularly in the realm of identity theft on social media platforms. The Cybercrime Unit of the Public Prosecutor’s Office has observed a significant surge in…

Read more →

From everyday smartphone users to military operations, GPS plays a crucial role in determining precise locations. However, the dependency on GPS comes with its own set of vulnerabilities, including signal disruptions and potential spoofing. Enter the groundbreaking research from Sandia…

Read more →

The Fintech Association of India (FACE) has urged its members to register on the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS). This platform, part of the broader National Cybercrime Reporting Portal, facilitates the reporting and management of financial…

Read more →

  FlightAware, a flight tracking company, urges some customers to change their account login passwords after a data breach may have compromised private data. This Houston-based technology company provides aircraft tracking data in both real time and historical format. Furthermore,…

Read more →

  Luxembourg-based Orion S.A., a leading supplier of carbon black, has been defrauded of a staggering $60 million. The company alerted the US Securities and Exchange Commission (SEC) on August 10th through an official filing (Form 8-K). The filing reveals…

Read more →

  T-Mobile customers have recently raised concerns after receiving unusual-looking links from the company’s support channels, leading to fears of potential phishing scams. However, investigations have confirmed that these links are legitimate, though their appearance and unfamiliar origin have caused…

Read more →

  According to the Bhubaneswar-Cuttack Police Commissionerate, there is an enormous amount of SIMbox crime going on in the Laxmisagar area of the city. During the period of about 5 to 6 months, this racket has been active, illegally intercepting…

Read more →

Recently, the CISA (Cybersecurity and Infrastructure Security Agency) warned about a critical remote code execution (RCE) vulnerability in Jenkins, a widely used open-source automation server. This vulnerability, CVE-2024-23897, has been actively exploited in ransomware attacks, posing a significant risk to…

Read more →

The Australian Securities and Investments Commission (ASIC) has been at the forefront of combating crypto scams, working tirelessly to protect consumers from fraudulent schemes. Despite a reported decline in the number of scams since April, ASIC continues to emphasize the…

Read more →

  The recent disruption caused by CrowdStrike has been a wake-up call for financial institutions, highlighting that no cybersecurity system is entirely foolproof. However, this realisation doesn’t lessen the need for rigorous preparation against potential cyber threats. What Happened with…

Read more →

  A new report published by Intel471 reveals that macOS is increasingly being targeted by threats developing malware specific to the operating system or using cross-platform languages to achieve their goals on macOS computers through malware being developed for Mac…

Read more →

  Successful ransomware assaults are increasing, not necessarily because the attacks are more sophisticated in design, but because attackers have found that many of the world’s largest companies lack adequate resilience to basic safety measures. Despite huge efforts in cybersecurity…

Read more →

  Earlier this year, a ransomware attack targeted Change Healthcare, a health tech company owned by UnitedHealth, marking one of the most significant breaches of U.S. health and medical data in history. Months after the breach occurred in February, a…

Read more →

  Sophos security researchers have identified a new malware, dubbed EDRKillShifter, used by the RansomHub ransomware group to disable Endpoint Detection and Response (EDR) systems in attacks leveraging Bring Your Own Vulnerable Driver (BYOVD) techniques. This method involves deploying a…

Read more →

  Business leaders and security teams can learn a lot from the recent $2.1 million settlement reached between the Securities and Exchange Commission and R.R. Donnelly & Sons Co. regarding a ransomware assault. The settlement brought RRD’s negligence to light…

Read more →

  Zero-trust security, a framework built on the principle of “never trust, always verify,” has transformed how organisations protect their data. However, as vital as the technical safeguards in this system are, there’s an often-overlooked aspect: the human element. The…

Read more →

A recent report by CrowdStrike observes on a disturbing trend: the increasing use of manual techniques in ransomware attacks. This shift towards hands-on-keyboard activities is not only making these attacks more sophisticated but also more challenging to detect and mitigate. The…

Read more →

  A significant data breach has reportedly compromised the personal information of 2.9 billion people, potentially affecting the majority of Americans. A hacking group known as USDoD claims to have stolen this data, which includes highly sensitive information such as…

Read more →

  A popular flight tracking website accidentally exposed names, addresses, aircraft owned, pilot status, and tracked flights, as well as user data. There was a surprise in the inbox of many users of FlightAware, a popular flight tracking application, on…

Read more →

Cybersecurity keeps evolving, and so do threats. One such threat is malvertising, it exploits the tools made for enhancing our digital threats. A recent campaign has surfaced, targeting Google products through malicious search ads, displaying the persistence and sophistication of…

Read more →

  The Russian disinformation network, known as Doppelgänger, is facing difficulties as it attempts to secure its operations in response to increased efforts to shut it down. According to a recent report by the Bavarian State Office for the Protection…

Read more →

  During a conversation between billionaire Elon Musk and Republican presidential candidate Donald Trump on Musk’s social media platform X, technical issues occurred that Musk claimed were caused by a DDoS attack. The discussion was significant since it was Trump’s…

Read more →

  In a countdown clock that showed that the auction would begin in seven days, the Rhysida cartel promoted an online auction that promised to sell Washington Times’ unique data. The auction was set to start within seven days of…

Read more →

  The rapid integration of AI and GenAI technologies within organizations has created a complex landscape, filled with both promising opportunities and significant challenges. While the potential benefits of these technologies are evident, many companies find themselves struggling with AI…

Read more →

  Data breaches continue to be a persistent issue without a simple solution, as evidenced by the recent breach of the background-check service National Public Data. This incident highlights the escalating dangers and complexity of such breaches. After months of…

Read more →

A scathing cyber attack has disrupted housing services in three Greater Manchester boroughs, leaving thousands of residents at risk of a phishing scam. The breach, which affected the software company Locata, has caused the temporary closure of housing websites for…

Read more →

  The initial Social Security numbers were most likely issued in late 1936, and they were intended to be used solely by the US federal government to manage retirement and disability insurance payouts. However, in the 1960s, the use of…

Read more →

A flaw was discovered in Google Pixel devices, raising concerns among users and experts alike. This blog delves into the details of this vulnerability, its implications, and the steps being taken to mitigate the risk. The Discovery A pre-installed app…

Read more →

  During the Paris 2024 Olympics, French authorities reported over 140 cyberattacks, but none of these incidents disrupted the sporting events. The French government’s cybersecurity agency, Anssi, maintained a high state of alert throughout the games, anticipating potential threats to…

Read more →

  In 2024, threat actors are likely to evolve tactics to exploit the consolidation of businesses and technologies. The mid-year 2024 cyber risk report released by Resilience Group indicates that mergers and acquisitions (M&As) are becoming more popular as well…

Read more →

  Ivanti, a leading company in network and security solutions, has issued urgent security updates to address a critical vulnerability in its Virtual Traffic Manager (vTM). The flaw, identified as CVE-2024-7593, carries an alarming severity with a CVSS score of…

Read more →

The  CERT-UA (Computer Emergency Response Team of Ukraine) has issued a warning about a sophisticated phishing campaign targeting Ukrainian government computers. This campaign, which began in July 2024, has already compromised over 100 government systems, posing a significant threat to…

Read more →

  A significant data breach has compromised the personal information of millions of individuals across the United States, United Kingdom, and Canada. The leaked data, obtained from a company called National Public Data, includes highly sensitive information such as names,…

Read more →

  X, the artificial intelligence technology company of Elon Musk, has reportedly been accused of unlawfully feeding personal information about its users to its artificial intelligence technology without their consent according to a privacy campaign group based in Vienna. This…

Read more →

  As part of a larger plan to gather intelligence and stop cybercrime from within, security researchers are actively pursuing and even infiltrating the groups that commit cybercrimes. To win the trust of cybercriminals, they frequently adopt a James Bond…

Read more →

  A recently uncovered Windows vulnerability, known as CVE-2024-6768, has raised alarm among cybersecurity experts due to its potential to cause widespread disruption by triggering the dreaded blue screen of death (BSOD) on a range of Windows operating systems. Discovered…

Read more →

  In light of the growing prevalence of e-challan scams, the Indian Computer Emergency Response Team (CERT-In) has released some crucial advice to prevent individuals from becoming victims and suffering financial loss.  Nearly 4400 devices have been infected with malware,…

Read more →

North Miami residents are on edge after Mayor Alix Desulme disclosed that his personal Gmail account was hacked in a ransomware attack. This cyberattack has severely disrupted city operations, leaving many services unavailable online.  While City Hall has reopened, residents…

Read more →

  The FBI announced on Monday that it has taken down the servers and websites used by the Radar/Dispossessor ransomware group. This action was part of a global investigation involving the U.K.’s National Crime Agency, the Bamberg Public Prosecutor’s Office,…

Read more →

  Microsoft’s SmartScreen feature, a cornerstone of Windows security, faced a significant setback when a critical vulnerability, CVE-2024-38213, was exploited by cybercriminals. This vulnerability allowed attackers to circumvent SmartScreen’s protective mechanisms and deliver malicious code to unsuspecting users. The vulnerability…

Read more →

Recent events have highlighted the vulnerabilities that still exist in our digital infrastructure. One such incident is the data breach involving National Public Data (NPD), a background check company. This breach, initially revealed in a class-action lawsuit, has now escalated,…

Read more →

  Cybersecurity researchers have recently uncovered a vast and sophisticated hacker toolkit that provides a comprehensive suite of tools for executing and maintaining cyberattacks. Found in an open directory in December 2023, the discovery offers a rare glimpse into the…

Read more →

  An element of the Dark Skippy attack involves the subtle manipulation of nonces during the signature creation process to create the signature. To obtain the private key of a cryptocurrency wallet, attackers craft carefully crafted nonces, thereby gaining full…

Read more →

  On July 19, cybersecurity leader CrowdStrike found itself at the centre of a crisis after a faulty software update caused a widespread IT outage, affecting millions of computers worldwide. The aftermath of this incident was evident at the Black…

Read more →

  Satoshi Nakamoto, the pseudonymous developer of Bitcoin, published the system’s whitepaper in 2008, bluntly criticising financial institutions and the confidence they demand. However, in 2010, one of the most notable Bitcoin collaborators in its early days and the recipient…

Read more →

Global Positioning System (GPS) technology has become an integral part of our daily lives, from smartphone navigation apps to precision agriculture and aviation. However, recent incidents have highlighted a growing threat: GPS spoofing. In this blog, we delve into GPS…

Read more →

  The dark web, often shrouded in mystery and fear, is portrayed as a breeding ground for illicit activities and cybercrime. While this image is not entirely unfounded, the dark web’s origins and uses are more nuanced, with surprising ties…

Read more →

Traditional cloud security issues once associated with service providers are declining in significance, as per the Cloud Security Alliance’s 2024 Top Threats report,  However, new challenges persist. Misconfigurations, weak identity and access management (IAM), and insecure application programming interfaces (APIs)…

Read more →

  There has been news about a prominent hacking group that claimed a large amount of sensitive personal information was allegedly stolen from a major data broker about four months ago, but a member of that group has reportedly released…

Read more →

  Recently, severe security flaws were identified in the Ewon Cosy+ industrial remote access devices, which could allow attackers to gain complete control over the systems. This vulnerability presents a serious risk, as it could lead to unauthorised access, allowing…

Read more →

  The Rhysida Ransomware outfit claims to have infiltrated Bayhealth Hospital in Delaware and is offering the allegedly stolen data for 25 BTC. Bayhealth Hospital is a technologically equipped not-for-profit healthcare facility with around 4,000 employees and a medical team…

Read more →

  Columbus is grappling with the fallout from a significant data breach, as the Rhysida ransomware group has begun leaking over three terabytes of stolen data on the dark web. The breach, which targeted the city’s employees, comes after two…

Read more →

  A new watchdog report published by the US government’s Environmental Protection Agency says the EPA must develop a comprehensive plan of action to counter the increasing number and sophistication of cybersecurity threats facing the utilities. In the last few…

Read more →

  Italy is demanding that Dongfeng Motor Group Co., a prominent Chinese automaker, agree to stringent cybersecurity and data protection measures as a condition for supporting the establishment of a new plant in the country. According to sources familiar with…

Read more →

  For the past week, England and parts of Northern Ireland have been gripped by unrest, with communities experiencing heightened tensions and an extensive police presence. Social media platforms have played an unjust role in spreading information, some of it…

Read more →

  In a shocking incident that marks India’s largest crypto theft to date, nearly ₹2,000 crore (approximately $230 million) worth of cryptocurrencies were stolen from a wallet associated with the WazirX exchange last month. This massive theft has resulted in…

Read more →

  A security vulnerability, identified 18 years ago and known as “0.0.0.0 Day,” has been discovered to allow malicious websites to bypass security measures in Google Chrome, Mozilla Firefox, and Apple Safari. This vulnerability enables these websites to interact with…

Read more →

  Security researcher Michael Bargury revealed serious flaws in Microsoft Copilot during the recent Black Hat USA conference, demonstrating how hackers might be able to use this AI-powered tool for malicious purposes. This revelation highlights the urgent need for organisations…

Read more →

  A security researcher has revealed that six companies were saved from potentially paying significant ransom demands due to security flaws found in the web infrastructure of the ransomware gangs targeting them. In a rare win for the victim organizations,…

Read more →

  It is no secret that the rapid advancement of generative artificial intelligence (AI) is transforming several industries – including the legal sector. Using AI, lawyers and legal departments can be able to handle all sorts of tasks from standard…

Read more →

A recently found major security flaw called ‘Sinkclose’ impacts virtually all of the AMD’s processors released since 2006. The vulnerability allows threat actors to deeply infiltrate into a system, making it difficult to identify and eliminate the malicious software. According…

Read more →