Category: CySecurity News – Latest Information Security and Hacking Incidents

  A leading cybersecurity expert has warned that the NHS remains at risk of further cyber-attacks unless it updates its computer systems. This stark warning follows a significant ransomware attack that severely disrupted healthcare services across London.  Prof Ciaran Martin,…

Read more →

  Fraudsters seem to be perpetually ahead of the curve. Early in 2022, research indicated that one in four online accounts was fraudulent, a figure that has only escalated since. In the auto lending sector alone, losses amounted to $7.9…

Read more →

  Europol has proposed solutions to address some of the challenges posed by privacy-enhancing technologies found in Home Routing, which pose a challenge for law enforcement agencies in intercepting communications during criminal investigations as a result of these technologies. There…

Read more →

  Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the United Kingdom, and the United States have issued a joint advisory about APT40, a China-linked cyber espionage group, warning regarding its ability to co-opt exploits for newly…

Read more →

  In the face of emerging quantum computing threats, traditional encryption methods are becoming increasingly vulnerable. This has spurred the development of quantum key distribution (QKD), a technology that uses the principles of quantum mechanics to secure data transmission. While…

Read more →

In recent months, cybersecurity researchers have detected a surge in the exploitation of a critical vulnerability known as CVE-2024-21412. This vulnerability specifically targets Microsoft SmartScreen, a security feature designed to protect users from malicious websites and downloads.  In this blog…

Read more →

The ACCC (Australian Competition and Consumer Commission) has cautioned that scammers are approaching victims with false offers to assist them in recovering from scams.  Scammers and Fake Recovery Offers The National Anti-Scam Centre warns Australians who have had their money…

Read more →

  A ransomware attack on Patelco Credit Union in the Bay Area has disrupted banking services for nearly half a million members, with the outage potentially lasting for weeks. The credit union announced the attack on June 29 through Twitter.…

Read more →

  As of July 1, Oregonians have gained significant new consumer privacy rights under the Oregon Consumer Privacy Act (OCPA). This law, enacted in July 2023 but now in effect, results from four years of work by the Attorney General’s…

Read more →

  The internet is becoming an increasingly important aspect of people’s lives since it allows them to perform an array of activities with minimal effort. However, it is also becoming a more dangerous place, as many hackers harm you by…

Read more →

  In a landmark ruling, the Supreme Court of India recently directed every advertiser and advertising agency to submit a self-declaration certificate confirming that their advertisements do not make misleading claims and comply with all relevant regulatory guidelines before broadcasting…

Read more →

  Several months ago, security researchers discovered the world’s largest collection of stolen passwords and credentials had been uploaded to an infamous criminal marketplace where cybercriminals would trade such credentials for a considerable amount of money. A hacker known as…

Read more →

  Researchers at QiAnXin XLab have found a new and dangerous botnet called Zergeca. This botnet, written in the Go programming language (Golang), can launch powerful distributed denial-of-service (DDoS) attacks, which can overwhelm and shut down targeted websites or services.…

Read more →

A recent security incident at OpenAI serves as a reminder that AI companies have become prime targets for hackers. Although the breach, which came to light following comments by former OpenAI employee Leopold Aschenbrenner, appears to have been limited to…

Read more →

  The information security community is buzzing with discussions about a vulnerability in Ghostscript, which some experts believe could lead to significant breaches in the coming months. Ghostscript, a Postscript and Adobe PDF interpreter, allows users on various platforms including…

Read more →

  At the bottom of a two-meter staircase in Gumi City Council, South Korea, a robot that worked for the city council was discovered unresponsive. There are those in the country who label the first robot to be built in…

Read more →

  The Fédération Internationale de l’Automobile (FIA), the governing body overseeing Formula 1 and other major motorsports worldwide, recently disclosed a significant cyberattack. This breach resulted from phishing attacks that compromised personal data within two FIA email accounts, exposing vulnerabilities…

Read more →

The BianLian ransomware organization is accused of cyberattacking against three major US companies, consisting of large amounts of sensitive data. The victims of the BianLian ransomware attack—Island Transportation Corp., Legend Properties Inc., and Transit Mutual Insurance Corporation of Wisconsin—had their…

Read more →

  Eldorado, a new ransomware-as-a-service (RaaS), was released in March and has locker variations for VMware ESXi and Windows. The gang has already claimed 16 victims, the majority of whom are in the United States and work in real estate,…

Read more →

  Earlier this year, a hacker successfully breached OpenAI’s internal messaging systems, obtaining sensitive details about the company’s AI technologies. The incident, initially kept under wraps by OpenAI, was not reported to authorities as it was not considered a threat…

Read more →

  Despite their growing popularity, passkeys are not as secure as many believe. According to Joe Stewart, principal security researcher at eSentire’s Threat Response Unit (TRU), many online accounts using passkeys can still fall victim to adversary-in-the-middle (AitM) attacks. This…

Read more →

  The latest figures suggest that nearly 1,500 medical operations have been cancelled at some of London’s leading hospitals in the four weeks following Qilin’s ransomware attack on pathology services provider Synnovis. But perhaps no one was more severely impacted…

Read more →

  A cybercriminal known as Alderson1337 has emerged on BreachForums, offering a critical exploit targeting npm accounts. This vulnerability poses a significant threat to npm, a crucial package manager for JavaScript managed by npm, Inc., a subsidiary of GitHub. Alderson1337…

Read more →

In the rapidly changing world of cloud technology, serverless computing, once hailed as a groundbreaking innovation, is now losing its relevance. When it first emerged over a decade ago, serverless computing promised to free developers from managing detailed compute and…

Read more →

In April 2023, OpenAI, a leading artificial intelligence research organization, faced a significant security breach. A hacker gained unauthorized access to the company’s internal messaging system, raising concerns about data security, transparency, and the protection of intellectual property.  In this…

Read more →

  The U.S. messaging giant Twilio has been accused of stealing 33 million phone numbers over the past week as a result of a hacker’s exploit. Authy, a popular two-factor authentication app owned by Twilio that uses the phone numbers…

Read more →

  Ministry of Justice employees referred to a woman as a “bitch” in an online conversation, which she later received a copy of, serving as a reminder of the importance of careful workplace communication, says an employment lawyer.  Academic and…

Read more →

  Cybersecurity researchers have identified a wave of attacks targeting outdated versions of the HTTP File Server (HFS) software from Rejetto, aiming to distribute malware and cryptocurrency mining tools. These attacks exploit a critical security flaw known as CVE-2024-23692, which…

Read more →

Patelco Credit Union, a prominent financial institution based in Dublin, has been thrust into the spotlight due to a crippling ransomware attack.  With over half a million members affected, the situation underscores the critical importance of robust cybersecurity measures for…

Read more →

  Ransomware demands are skyrocketing in 2024, with the average extortion demand per ransomware attack exceeding $5.2 million per incident in the first half of the year.  Following an attack on India’s Regional Cancer Centre (RCC) on April 20, a…

Read more →

  The recent attack on one of the largest financial services providers has led to a problem for many companies that work with the provider, two of which have already alluded to possible negative implications for customer data due to…

Read more →

  Indonesia recently faced its worst cyber attack in years, exposing critical weaknesses in the country’s IT policy. The ransomware attack, which occurred on June 20, targeted Indonesia’s Temporary National Data Center (PDNS) and used the LockBit 3.0 variant, Brain…

Read more →

As one of today’s most popular social media platforms, YouTube frequently attracts cybercriminals who exploit it to run scams and distribute malware. These schemes often involve videos masquerading as tutorials for popular software or ads for cryptocurrency giveaways. In other…

Read more →

  Cisco patched a NX-OS zero-day, identified as CVE-2024-20399 (CVSS score of 6.0), which the China-linked group Velvet Ant used to deploy previously unidentified malware as root on vulnerable switches.  The bug exists in the CLI of Cisco NX-OS Software;…

Read more →

  The future of payment technologies and consumer trends are exploding; GenZ’s are more tuned to flexible, and reliable payment sources. The market is evolving with the needs of this generation and adapting new business models and technologies to meet…

Read more →

  Wise, a prominent financial technology company, recently disclosed a data breach impacting some customer accounts due to a ransomware attack on their former partner, Evolve Bank & Trust. The breach has raised significant concerns about the security of third-party…

Read more →

In May, the hacking group ShinyHunters claimed to have gotten personal information from more than 500 million Ticketmaster users and was selling the data on the dark web, and the business has now admitted that consumer data may have been…

Read more →

  Researchers have identified a new ransomware group called Volcano Demon, responsible for at least two successful attacks in the past two weeks. Tim West, an analyst at cybersecurity firm Halcyon, revealed that the group targeted companies in the manufacturing…

Read more →

  Cambridge, Massachusetts-based enterprise software provider HubSpot is handling a security compromise that has affected many customer accounts. Less than fifty accounts have been compromised, the business said in an online post. Although the investigation is still ongoing, HubSpot stressed…

Read more →

  Amid escalating cyber threats, the Reserve Bank of India (RBI) has released a comprehensive advisory to all scheduled commercial banks. This advisory, disseminated by the Department of Banking Supervision in Mumbai, stresses upon the paramount importance of robust cybersecurity…

Read more →

Developers strive to maintain robust codebases, but occasionally, they encounter dubious or exaggerated reports that can disrupt their work.  A recent incident involving the popular open-source project “ip” sheds light on the challenges faced by developers when dealing with Common…

Read more →

Researchers from the University of California, San Diego, have discovered a new vulnerability in modern Intel processors, specifically the Raptor Lake and Alder Lake generations. This vulnerability, named ‘Indirector,’ can be used to steal sensitive information from the CPU.  The…

Read more →

  The most severe security failures are generally those that we cannot anticipate – until they occur. Prior to 9/11, national security and law enforcement planners expected that airline hijackers would land their planes and reach a settlement — until…

Read more →

  In the first half of 2024, the average ransom demand per ransomware attack reached over $5.2 million (£4.1 million), according to a new analysis by Comparitech. This figure is derived from 56 known ransom demands issued by cybercriminals from…

Read more →

  As of May 24, a circular was issued by SEBI prohibiting stock exchanges and intermediaries in India from sharing time-sensitive share price information with fantasy trading platforms that gamify stock trading in real-time. In the week after the Securities…

Read more →

A recent security analysis discovered critical vulnerabilities in CocoaPods, the widely used dependency management platform for Apple developers. These vulnerabilities pose significant risks to iOS and macOS apps, potentially allowing attackers to compromise user data and system integrity. Apple CocoaPods…

Read more →

Cyber fraudsters have developed a new method to deceive unsuspecting individuals by posing as police officers and claiming that a relative has been arrested in a narcotics case. They demand a bribe to drop the charges, preying on the victims’…

Read more →

  Police in Australia have arrested and charged a man with nine cybercrime crimes for allegedly setting up fictitious public Wi-Fi networks using a portable wireless access point to steal data from unsuspecting users.  The man designed “evil twin” Wi-Fi…

Read more →

In the rapidly evolving world of technology, generative artificial intelligence (GenAI) programs are emerging as both powerful tools and significant security risks. Cybersecurity researchers have long warned about the vulnerabilities inherent in these systems. From cleverly crafted prompts that can…

Read more →

  Cryptographers are making significant strides in the field of quantum encryption, developing new rules that promise to enhance data security in the quantum computing age. As quantum computers advance, they pose a threat to current encryption methods, which rely…

Read more →

  European Union regulators have accused Meta Platforms of violating the bloc’s new digital competition rules by compelling Facebook and Instagram users to either view ads or pay to avoid them. This move comes as part of Meta’s strategy to…

Read more →

  There has been a significant increase in the number of threats exploiting the drive-by-download method during the first half of 2024, such as the FakeBat loader, formerly EugenLoader or PaykLoader. There has been an increasing emphasis on using this…

Read more →

Microsoft recently faced material backlash over its new AI tool, Recall, leading to a delayed release. Recall, introduced last month as a feature of Microsoft’s new AI companion, captures screen images every few seconds to create a searchable library. This…

Read more →

  The Future of Cybersecurity Jobs in an AI-Driven World Artificial Intelligence (AI) is revolutionizing the cybersecurity landscape, enhancing both the capabilities of cyber attackers and defenders. But a pressing question remains: Will AI replace cybersecurity jobs in the future?…

Read more →

Hackers have claimed responsibility for three major cyberattacks in Italy in the last 24 hours. The RansomHub and RansomHouse gangs allegedly carried out the ransomware assaults in Italy. RansomHub targeted the websites of Cloud Europe and Mangimi Fusco, while RansomHouse…

Read more →

  Cybercriminals have carried out a series of hacks targeting big companies by breaking into the back ends of their software suppliers, disrupting operations at auto dealerships all over the U.S. This is the latest in a wide-ranging series that…

Read more →

  Infosys McCamish Systems (IMS) recently disclosed that a LockBit ransomware attack earlier this year compromised sensitive information of more than six million individuals. IMS, a multinational corporation specializing in business consulting, IT, and outsourcing services, primarily serves the insurance…

Read more →

  Data centre liquid cooling systems are becoming increasingly popular due to their greater heat management effectiveness when compared to traditional air cooling methods. However, as technology advances, new security issues emerge, such as cybersecurity and physical risks.  These concerns…

Read more →

  Multiple critical vulnerabilities have been identified in Emerson gas chromatographs, posing risks such as unauthorized access to sensitive data, denial-of-service conditions, and arbitrary command execution. Gas chromatographs are essential in various industries like chemical, environmental, and healthcare sectors for…

Read more →

  Researchers from Penn State University have uncovered critical vulnerabilities in 5G technology that put mobile devices at risk. At the upcoming Black Hat 2024 conference in Las Vegas, they will reveal how attackers can exploit these weaknesses to steal…

Read more →

Cybersecurity threats have become increasingly sophisticated, and state-sponsored actors continue to target government institutions and diplomatic entities. One such incident involves a Russian threat actor known as “Nobelium,” which has been launching spear phishing attacks against French diplomats. ANSSI Issued…

Read more →

  A new ransomware operation known as Brain Cipher has emerged, targeting organizations worldwide. This operation recently gained media attention due to an attack on Indonesia’s temporary National Data Center. Indonesia is developing National Data Centers to securely store servers…

Read more →

In early June, Kadokawa’s video-sharing platform Niconico experienced a server outage, which has now been claimed by the Russia-linked hacker group BlackSuit. This group, a rebrand of the Royal ransomware operation and linked to the defunct Conti cybercrime syndicate, has…

Read more →

  A July 4 deadline for Windows users who have not updated their systems is fast approaching. It was only two weeks ago that a two-week-old security vulnerability found in Windows was found to have been reactivated. Despite Microsoft’s claim…

Read more →

  We’re more than halfway into 2024, and we’ve already witnessed some of the largest and the most damaging data breaches in recent history. And just when you thought some of these hacks couldn’t be much worse, they did. The…

Read more →

  A major scandal has emerged in South Korea, where the internet service provider KT is accused of intentionally installing malware on the computers of 600,000 subscribers. This invasive action was reportedly designed to interfere with and block torrent traffic,…

Read more →

  Kadokawa Group, the parent company of renowned game developer FromSoftware, has fallen victim to a gruesome ransomware attack. The Japanese conglomerate, known for its diverse involvement in book publishing, the video-sharing service Niconico, and various other media enterprises, revealed…

Read more →

A major vulnerability exists in some versions of GitLab Community and Enterprise Edition products, which might be exploited to run pipelines as any user. GitLab is a prominent web-based open-source software project management and task tracking tool. There are an…

Read more →

  Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due…

Read more →

  An investigation has found that a North Korea-linked threat actor, known as Kimsuky, has been involved in the use of a malicious Google Chrome extension to steal sensitive information to collect information as part of an ongoing intelligence collection…

Read more →

  iTeamViewer, a remote access software company, has announced that its corporate environment was compromised in a cyberattack. According to the company, the breach was detected on Wednesday, June 26, 2024, and is believed to have been carried out by…

Read more →

  This year, software company 37signals has made headlines with its decision to leave cloud computing, resulting in a significant profit boost of over $1 million (£790,000). This move highlights a growing trend among businesses reassessing the value of cloud…

Read more →

  In today’s digital age, entering your real email address into a website is a risky move. It’s all too common for websites to sell your information to data brokers, who then use it for marketing, targeted ads, or even…

Read more →

A Case of Privacy Breach and Unintended Disclosure In an unprecedented turn of events, the Internal Revenue Service (IRS) recently issued a public apology to billionaire investor Ken Griffin. The reason? Leaked tax records that exposed sensitive financial information, including…

Read more →

  In a recent study, university exams taken by fictitious students using artificial intelligence (AI) outperformed those by real students and often went undetected by examiners. Researchers at the University of Reading created 33 fake students and employed the AI…

Read more →

  The future of Web3 is being significantly shaped by two critical advancements: hyperscaling and on-chain confidentiality. As blockchain technology continues to evolve, these innovations are poised to address some of the fundamental challenges faced by decentralized systems, paving the…

Read more →

  Indian security agencies are concerned about a potential huge data breach triggered by Chinese microchips and hardware detected in biometric attendance systems (BAS) deployed in central and state government buildings, including sensitive departments.  During their investigations, intelligence agencies discovered…

Read more →

  Throughout the healthcare industry, CIOs are implementing technologies that allow precision diagnostics, reduce clinician workload, and automate back-office functions, from ambient documentation to machine learning-based scheduling. A lot of data is available in Penn Medicine BioBank, an institution run…

Read more →

  A hacker claims to have accessed a large database linked with the Indian government’s portal for blue-collar workers emigrating from the country.  The eMigrate portal’s database allegedly includes full names, contact numbers, email addresses, dates of birth, mailing addresses,…

Read more →

  Tech billionaire Jack Dorsey, best known as the founder of Twitter (now X), has issued a stark warning about the future. He predicts that in the next five to ten years, it will become increasingly difficult for people to…

Read more →

  In today’s rapidly advancing digital world, how organisations store their data is crucial to their cybersecurity strategies. Whether protecting sensitive customer information, securing intellectual property, or ensuring smooth business operations, effective data storage methods can prominently impact an organisation’s…

Read more →

  A newly discovered vulnerability in MOVEit, a popular file transfer tool, is currently under active exploitation, posing serious threats to remote workforces. Cybercriminals are taking advantage of this flaw to gain unauthorized access to sensitive data.  This exploitation highlights…

Read more →

  Security researchers announced on Monday that there had been a supply chain attack on up to 36,000 WordPress plugins running on a wide range of websites that had been backdoored by unknown hackers. Currently, researchers from security firm Wordfence…

Read more →

The convergence of Web3 technologies and the healthcare industry has sparked significant interest and investment. As blockchain, decentralized applications (dApps), and smart contracts gain traction, the potential benefits for healthcare are immense. However, this rapid adoption also brings cybersecurity challenges…

Read more →

In the past ten years, public cloud computing has dramatically changed the IT industry, promising businesses limitless scalability and flexibility. By reducing the need for internal infrastructure and specialised personnel, many companies have eagerly embraced public cloud services. However, as…

Read more →

The Attack The automotive industry has faced an unprecedented challenge: a cyberattack targeting CDK Global, a major software provider for auto dealerships. This incident has sent shockwaves through the industry, affecting dealerships across the United States. In this blog post,…

Read more →

  Cado Security experts warned that the P2Pinfect worm is used in attacks on Redis servers to deliver ransomware and cryptocurrency mining payloads.  Palo Alto Networks Unit 42 researchers uncovered the P2P worm P2PInfect in July 2023, which targets Redis…

Read more →

  Blockchain technology, which was first developed as part of the backbone of cryptocurrencies such as Bitcoin, has grown beyond its original purpose. To enhance efficiency, reduce fraud, and spur innovation across various industries, it has its unique attributes-decentralization, transparency,…

Read more →

  A recent study has unveiled a critical security threat impacting approximately 280 million Google Chrome users who have installed dangerous browser extensions. These extensions, often masquerading as useful tools, can lead to severe security risks such as data theft,…

Read more →

  Bharat Sanchar Nigam Limited (BSNL) has reportedly experienced a significant data breach, with the responsible threat actor claiming to have acquired sensitive user and operational data. The government-owned telecom provider’s servers were attacked, resulting in the hackers obtaining SIM…

Read more →

  Imagine receiving a message that your deceased father’s “digital immortal” bot is ready to chat. This scenario, once confined to science fiction, is becoming a reality as the digital afterlife industry evolves. Virtual reconstructions of loved ones, created using…

Read more →

  The Washington Post reported on Monday that federal law enforcement authorities have long received information about certain Americans’ mail via a little-known U.S. Postal Service operation known as the “mail covers program.” While officials argue that the program is…

Read more →

A survey discovered that nearly half of all new commercial artificial intelligence projects are abandoned in the middle. Navigating the AI Implementation Maze A recent study by the multinational law firm DLA Piper, which surveyed 600 top executives and decision-makers…

Read more →

  In recent weeks, the cybercriminal group UNC5537 has made significant waves. This ransomware gang, potentially linked to ShinyHunters or Scattered Spider, stole over 560 million customer records from Ticketmaster. On May 28, they listed this data for sale on…

Read more →

  In a statement released on 3 June, NHS England confirmed that the patient data managed by the company Synnovis for blood testing was stolen in a ransomware attack. In a threat to extort money from Synnovis, a group of…

Read more →

  In recent weeks, car dealerships across the United States and Canada have been severely disrupted by consecutive cyberattacks, underlining the growing vulnerability of the automotive retail sector. These attacks, involving sophisticated ransomware operations, have caused significant operational challenges, impacting…

Read more →

Generative AI (GenAI) has emerged as a driving focus area in the learning and development (L&D) strategies of IT and consulting firms. Companies are increasingly investing in comprehensive training programs to equip their employees with essential GenAI skills, spanning from…

Read more →

  Cryptography secures online communication, but with reported losses of $534 million due to data breaches in 2023, robust encryption is crucial. Weak encryption invites breaches and man-in-the-middle attacks. Strong VPNs provide robust encryption and secure internet communication paths, essential…

Read more →

  The National Testing Agency (NTA) in India is in the midst of a serious crisis, with its staff worried about the safety of any exam due to claims that the NTA’s website was hacked.  Following the cancellation of the…

Read more →

  Although local party anger has been expressed over the selection of Conservative Chairman Richard Holden as the party’s candidate for Basildon and Billericay, he has been appointed at the very last minute as the party’s candidate. The BBC contacted…

Read more →