Category: CySecurity News – Latest Information Security and Hacking Incidents

In recent days, the automotive industry has been hit by a significant IT outage that has disrupted operations for car dealerships across North America. The culprit? The notorious BlackSuit ransomware gang. In this blog post, we’ll delve into the details…

Read more →

  A severe cyberattack on Ascension, one of the largest healthcare systems in the United States, has disrupted patient care significantly. The ransomware attack, which began on May 8, has locked medical providers out of critical systems that coordinate patient…

Read more →

  In a severe cyber attack targeting a London hospital, hackers have published a massive 400GB of sensitive data, raising significant alarm within the healthcare sector. This breach underscores the escalating threat posed by cybercriminals to critical infrastructure, especially within…

Read more →

  Qilin, also known as Agenda, is a ransomware-as-a-service operation that collaborates with affiliates to encrypt and exfiltrate data from hacked organizations, demanding a ransom in return.  Despite its name deriving from a mythical Chinese creature that combines features of…

Read more →

  A prominent threat actor known as IntelBroker, notorious for orchestrating several high-profile data breaches, has now set its sights on Apple. The hacker successfully leaked the company’s source code associated with several internal tools, announcing this development through a…

Read more →

  Jollibee Foods Corp., a fast-food company specializing in Filipino fare, is investigating a report of a data breach in its delivery service system, adding its name to a growing list of companies which have been targeted by hackers in…

Read more →

Change Healthcare, a company that handles medical billing, claims processing, and other critical healthcare functions, fell victim to a sophisticated cyberattack. The attackers gained unauthorized access to the company’s systems, compromising a vast amount of sensitive data. The Breach UnitedHealth…

Read more →

In the realm of cybersecurity, ensuring the safety and integrity of a network is a multifaceted endeavor. One crucial aspect of this process is the regular assessment of potential vulnerabilities within the system. As a cybersecurity professional, our work revolves…

Read more →

  The Unified Payments Interface (UPI) has transformed the infrastructure of digital transactions in India, providing a fast, easy, and secure method for payments. However, its rapid adoption has also attracted the attention of cybercriminals. This article delves into the…

Read more →

  Security experts are raising alarms about a new infostealer named Fickle Stealer, which is being disseminated through various techniques across the internet. Fickle Stealer engages in typical malicious activities, such as stealing sensitive files, system information, browser-stored files, and…

Read more →

  With minimal expense and a bit of time, passwords can be cracked much faster than expected using a smart brute-force guessing algorithm. A recent analysis by Kaspersky revealed that 59% of 193 million real passwords were cracked in under…

Read more →

  Banks, credit card companies, the government, and a variety of other entities are continually looking for new ways to protect your money and data. But scammers never appear to be far behind. According to a 2023 Ipsos poll conducted…

Read more →

ISIS, a terrorist organization allegedly launched two fake channels on Google-owned video platforms YouTube and Facebook. CNN and Al Jazeera claimed to be global news platforms through their YouTube feeds. This goal was to provide credibility and ease the spread…

Read more →

  There is no doubt that traffic violations have also been victimized by scammers, as have most online services, as phishing has become one of the new ways in which unsuspecting victims have been tricked into giving out their personal…

Read more →

  If you’re not using strong, random passwords, your accounts might be more vulnerable than you think. A recent study by cybersecurity firm Kaspersky shows that a lot of passwords can be cracked in less than an hour due to…

Read more →

  The RansomHub ransomware operation is now employing a Linux encryptor specifically designed to target VMware ESXi environments during corporate attacks. Launched in February 2024, RansomHub operates as a ransomware-as-a-service (RaaS) with connections to ALPHV/BlackCat and Knight ransomware. The group…

Read more →

  Private data of TheBus and Handi-Van customers appears to have been hacked in an alleged ransomware attack on the company that operates the transportation services. The websites for TheBus and Handi-Van have been down for four days as the…

Read more →

  Small businesses are becoming more concerned about payment fraud, as revealed by a recent survey from regional bank KeyBank. The survey included nearly 2,000 small-to-medium-sized businesses with annual revenues of less than $10 million. The results show that payment…

Read more →

  In a recent report to the company’s employees, Ohio-based Crown Equipment, which is one of the world’s largest industrial and forklift truck manufacturers, confirmed that it had been attacked by a cybercriminal organization. After a cyberattack, the company has…

Read more →

The integration of artificial intelligence (AI) has significantly transformed the landscape of mobile phone networks. From optimizing network performance to enhancing user experiences, AI plays a pivotal role in shaping the future of telecommunications.  In this blog post, we delve…

Read more →

  Spanish police, aided by the FBI, have made a major breakthrough in combating cybercrime by arresting a 22-year-old man in Palma de Mallorca. The suspect, Tyler Buchanan from Dundee, Scotland, is believed to be a leading figure in the…

Read more →

  The European elections have ended, and the European football tournament is in full flow; why not allow bulk searches of people’s private communications, including encrypted ones? Activists around Europe are outraged by the proposed European Union legislation.  The EU…

Read more →

  Criminals are targeting thousands of organizations worldwide with social engineering attacks that use fake error messages to trick users into running malicious PowerShell scripts. This new Windows malware campaign uses bogus error messages from Google Chrome, Microsoft Word, and…

Read more →

  Organizations’ data and systems can be compromised by seemingly benign entities—third-party contractors, vendors, and outsourced service providers—when those entities are seemingly innocent. External entities that perform these tasks must have access to sensitive data and systems. However, improper management…

Read more →

The healthcare industry has become a prime target for ransomware attacks in recent years. These malicious campaigns exploit vulnerabilities in healthcare systems, disrupt critical services, and compromise sensitive patient data.  According to Steve Stone, president of Rubrik’s Zero Labs, ransomware…

Read more →

  Hackers who stole terabytes of data from Ticketmaster and other customers of the cloud storage firm Snowflake claim they gained access to some Snowflake accounts by breaching a Belarusian-founded contractor working with those customers. Approximately 165 customer accounts were…

Read more →

  Data breaches are now a significant threat to Australian businesses, posing the risk of “irreversible brand damage.” A cybersecurity expert from Fortinet, a global leader in the field, has raised alarms about cybercriminals increasingly targeting the nation’s critical infrastructure.…

Read more →

  Ticketmaster and other organisations’ Snowflake accounts were said to have been accessed by a ShinyHunters hacker via a breach of software engineering firm EPAM Systems, validating a Mandiant report attributing some of the intrusions to third-party contractor hacks, Wired…

Read more →

  Modern computing’s demand for electricity is growing at an alarming pace. By 2026, energy consumption by data centers, artificial intelligence (AI), and cryptocurrency could potentially double compared to 2022 levels, according to a report from the International Energy Agency…

Read more →

Researchers from Rapid7 recently uncovered a sophisticated malvertising campaign that exploits unsuspecting users searching for popular software downloads. This campaign specifically targets users seeking legitimate applications like Google Chrome and Microsoft Teams, leveraging fake software installers to distribute the Oyster…

Read more →

  Based on emails reviewed by POLITICO, the FBI abruptly cancelled two large Hill briefings scheduled for this week about encryption, without telling staffers who were invited. A two-day virtual briefing on “warrant-proof encryption” was scheduled for congressional staff last…

Read more →

Cybersecurity threats have evolved beyond traditional attack vectors. One such sophisticated campaign involves the exploitation of F5 BIG-IP appliances by a group known as ‘Velvet Ant.’ In this blog post, we delve into the details of this stealthy data theft…

Read more →

  Researchers from MIT and several other institutions have introduced an innovative technique that enhances the problem-solving capabilities of large language models by integrating programming and natural language. This new method, termed natural language embedded programs (NLEPs), significantly improves the…

Read more →

  The suspected China-based cyber espionage actor has been attributed with a prolonged cyber espionage attack that lasted approximately three years against an unnamed organization based in East Asia, in which the adversary allegedly established persistence using legacy F5 BIG-IP…

Read more →

  A newly identified speculative execution attack named “TIKTAG” exploits ARM’s Memory Tagging Extension (MTE) to leak data with a success rate exceeding 95%, allowing hackers to circumvent this security feature. This discovery was detailed in a paper by researchers…

Read more →

  The notorious cyber gang UNC3944, which is suspected of involvement in the recent attacks on Snowflake and MGM Entertainment, among other things, has modified its methods and is now targeting SaaS apps.  According to Google Cloud’s Mandiant threat intelligence…

Read more →

Keytronic, a prominent printed circuit board assembly (PCBA) manufacturer, recently confirmed a significant data breach. The breach occurred after the Black Basta ransomware gang leaked over 500GB of the company’s stolen data. In this blog post, we delve into the…

Read more →

With the digital age ushering in massive data flows into organizational systems daily, the real value of this data lies in its ability to generate critical insights and predictions, enhancing productivity and ROI. To harness these benefits, data must be…

Read more →

  In the ever-changing environment of education, a seismic shift is taking place, with technology emerging as a change agent and disrupting conventional approaches to learning. Technology bridges the gap between theoretical knowledge and practical application, especially in the transformative…

Read more →

  At Apple’s WWDC 2024, much attention was given to its “Apple Intelligence” features, but the company also emphasized its commitment to user privacy. To support Apple Intelligence, Apple introduced Private Cloud Compute (PCC), a cloud-based AI processing system designed…

Read more →

  In response to a tip-off about suspicious activities occurring at a Sandton home, the South African Police Service (SAPS) took action. Upon receiving this information, members of the Gauteng Organised Crime Investigation Unit operationalised the intelligence as soon as…

Read more →

  Truist Bank, one of the largest commercial banks in the United States, has confirmed a cybersecurity breach after stolen data appeared for sale on a hacking forum. The breach, which occurred in October 2023, was brought to light when…

Read more →

  Security researchers revealed that ransomware attackers have swiftly turned a simple-to-exploit PHP programming language vulnerability—which allows malicious code to be executed on web servers—into a weapon.  As of Thursday last week, Censys’ Internet scans had found 1,000 servers infected…

Read more →

  With evolving cyber threats and stringent regulatory requirements, CISOs are tasked with ensuring the confidentiality, integrity, and availability of an organization’s digital systems and data. This article examines the regulatory landscape surrounding cybersecurity and explores effective strategies for CISOs…

Read more →

  Over 20,000 individuals from the Chinese University of Hong Kong (CUHK) were impacted by a data breach at one of the institution’s schools in the city that resulted in their personal information being stolen. This is just the latest…

Read more →

  A recently developed phishing campaign has emerged, leveraging the Windows Search protocol to deliver malicious scripts to unsuspecting users. This sophisticated attack uses HTML attachments to exploit the search-ms URI, pushing harmful batch files hosted on remote servers. The…

Read more →

  In the rapidly changing digital landscape, identity verification is emerging as a critical concern. As Web3 places increasing emphasis on data ownership and trust, authenticating one’s identity is becoming a major challenge. Recently, Roundtable anchor Rob Nelson and Ralf…

Read more →

  A recent report from Mandiant, a subsidiary of Google Cloud, has uncovered a significant cyber threat involving the exploitation of the Snowflake platform. A financially motivated threat actor, identified as UNC5537, targeted around 165 organizations’ Snowflake customer instances, aiming…

Read more →

  The confidential medical information that is believed to have been held by a medical student in Jesmond was discovered among household waste last week in Jesmond. A letter sent by a patient’s doctor following an appointment, filled with sensitive…

Read more →

  Ascension, one of the largest healthcare systems in the United States, disclosed that a ransomware attack in May 2024 was initiated when an employee mistakenly downloaded a malicious file onto a company device. The healthcare provider indicated that the…

Read more →

  A team led by Matthew Jackson, the William D. Eberle Professor of Economics in the Stanford School of Humanities and Sciences, used psychology and behavioural economics tools to characterise the personality and behaviour of ChatGPT’s popular AI-driven bots in…

Read more →

A Costly Decision: The $22 Million Ransom When Change Healthcare paid $22 million in March to a ransomware gang that had devastated the company as well as hundreds of hospitals, medical practices, and pharmacies throughout the US, the cybersecurity industry…

Read more →

  A new and intricate alware campaign has been discovered by Trustwave SpiderLabs, leveraging the Windows search feature embedded in HTML code to spread malicious software. The attack begins with a phishing email containing an HTML attachment disguised as a…

Read more →

The protection of personal data is of utmost importance. A recent report has brought to public attention an alleged significant data breach involving a U.S. data broker. This incident, which purportedly affects billions of records and over 300 million people,…

Read more →

  Ascension, one of the largest health systems in the country, recently revealed that a ransomware attack on its systems was due to a worker accidentally downloading a malicious file. The health system emphasized that this was likely an honest…

Read more →

  The STR RAT is a remote access trojan (RAT) written in Java, first detected in 2020. Like other RATs, it allows threat actors full control of an infected machine. STR RAT is capable of keylogging, credential theft, and deploying…

Read more →

  You shouldn’t use any random cable that is provided to you to charge your favourite Android phone—or any other device, for that matter—at a public charging station for a few very good reasons. More importantly, there are always a…

Read more →

  Even though quantum technologies may sound like something that is decades into the future, a new report released today shows that quantum technology has already come into being – especially in the telecommunications industry – even though most people…

Read more →

  Apple’s WWDC 2023 brought exciting news for tech enthusiasts: the introduction of Apple Intelligence, a groundbreaking AI system. However, if you’re eager to try out these new features, you’ll need the latest devices. Apple Intelligence features will be exclusively…

Read more →

Cybersecurity has become a critical concern for organizations worldwide. As threats evolve and technology advances, the role of cybersecurity operations is undergoing significant transformation. Let’s delve into the key aspects of this evolution.  Today’s changing cyber threat landscape presents a…

Read more →

  The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute their ransomware payload on target systems. The attacks began on June 8, less than 48 hours after…

Read more →

  The Toronto District School Board (TDSB) has issued a warning following a ransomware attack on its software testing environment and is currently investigating whether any personal data was compromised.  TDSB is Canada’s largest school board and the fourth largest…

Read more →

  The Dutch Military Intelligence and Security Service (MIVD) has issued a warning about the far-reaching consequences of a Chinese cyber-espionage operation disclosed earlier this year. According to the MIVD, the scale of this campaign is “much larger than previously…

Read more →

  According to many experts, large language models and artificial intelligence are dramatically simplifying the process of creating quality software, and this is a perspective that is being touted a lot. It has even been predicted that this trend could…

Read more →

  In a recent speech at an AI summit in Switzerland, IMF First Deputy Managing Director Gita Gopinath cautioned that while artificial intelligence (AI) offers numerous benefits, it also poses grave risks that could exacerbate economic downturns. Gopinath emphasised that…

Read more →

  Data volumes are not only expanding, but also accelerating and diversifying. According to recent IDG research, data professionals state that data volumes are rising by 63 percent every month on average in their organisations. The majority of these organisations…

Read more →

A 67-year-old Pune woman lost Rs 1.6 crore of her life savings to cyber crooks after receiving a call claiming that her phone number was used to send vulgar texts and that Mumbai police had arrested her. She was issued…

Read more →

  Cyber offensives by China against foreign targets are of concern to the international community because its military and civilian technological institutions work together to achieve greater effectiveness thanks to the combination of civilian and military technology services. In democratic…

Read more →

  While many are aware of the risks associated with public Wi-Fi, fewer realize that home networks are also vulnerable to cyberattacks. Hackers can infiltrate home networks to access sensitive information like bank details, private conversations, and personal photos. Here…

Read more →

  Microsoft and Google have announced initiatives to offer free or discounted cybersecurity services to rural hospitals across the United States, aiming to reduce their vulnerability to cyberattacks that have disrupted patient care and threatened lives, according to a joint…

Read more →

 A team of Israeli researchers investigated the security of the Visual Studio Code (VSCode) marketplace and managed to “infect” over 100 organizations by embedding risky code into a popular theme, revealing significant vulnerabilities in the system.  VSCode, a source code…

Read more →

  A long time has gone by since Apple announced several new AI-based features at its WWDC developer conference on Monday, as well as partnering with an upstart in generative artificial intelligence called OpenAI to create generative AI. Even though…

Read more →

While we have all learned to avoid clicking on suspicious links and be wary of scammers, this week we were reminded that there are some silent threats out there that we should be aware of zero-click assaults. Recent Incidents As…

Read more →

  In today’s digital landscape, manufacturers face increasing cyber threats that can disrupt operations and compromise sensitive data. Building a culture of cyber resilience is essential to safeguard against these risks. Here are three key strategies manufacturers can implement to…

Read more →

  A backdoor in Executable and Linkable Format (ELF) files used by Chinese hackers has been misidentified as a version of existing malware for years, Trend Micro claimed in a recent analysis.  In Noodle RAT: Reviewing the New Backdoor utilised by…

Read more →

  Cyberattacks are becoming alarmingly frequent, with a new attack occurring approximately every 39 seconds. These attacks, ranging from phishing schemes to ransomware, have devastating impacts on businesses worldwide. The cost of cybercrime is projected to hit $9.5 trillion in…

Read more →

  People with knowledge of the matter claim that Apple Inc. launched a new homegrown app this week called Passwords, with the goal of making it simpler for users to log in to websites and apps.  The company introduced the…

Read more →

  A ransomware attack on a pathology services vendor earlier this week continues to disrupt patient care, including transplants, blood testing, and other services, at multiple NHS hospitals and primary care facilities in London. The vendor, Synnovis, is struggling to…

Read more →

  With global tensions on the rise, ensuring your home security system is up to par is a wise decision. Advances in science and technology have provided a variety of effective options, with even more innovations on the horizon. Smart…

Read more →

  A large portion of Apple’s developer conference on Monday was devoted to infusing artificial intelligence (AI) technology into its software. Some of the features Apple has rumoured to incorporate are not expected to work on all iPhones. If you…

Read more →

  A new wave of cyberattacks is targeting GitHub repositories, wiping their contents, and demanding ransom from victims. This alarming campaign, first identified on Wednesday by Germán Fernández, a security researcher at Chilean cybersecurity firm CronUp, is being orchestrated by…

Read more →

  In Canada, the ransomware business is booming, with some of the largest corporations having fallen victim to them, including London Drugs, the City of Hamilton, Ont., and the government of Newfoundland and Labrador. Even though criminals often boast about…

Read more →

  Microsoft is making changes to a controversial feature announced for its new range of AI-powered PCs after it was flagged as a potential “privacy nightmare.” The “Recall” feature for Copilot+ was initially introduced as a way to enhance user…

Read more →

  Club Penguin fans reportedly hacked a Disney Confluence server to collect information about their favourite game but ended up with 2.5 GB of internal corporate data instead.  From 2005 until 2018, Club Penguin was a multiplayer online game (MMO)…

Read more →

  Concerned about modern chatbots learning from your personal data? DuckDuckGo has introduced a free and “anonymous” solution for users to interact with popular chatbots without compromising their privacy. The new service, DuckDuckGo AI Chat, ensures that all interactions between…

Read more →

Arctic Wolf Labs has identified a new, sophisticated ransomware variant named “Fog,” which has been aggressively targeting organizations in the United States, particularly within the education and recreation sectors. This variant came to light following several incident response cases in…

Read more →

  Chinese threat actors are exploiting CVE-2018-20062 and CVE-2019-9082 vulnerabilities in ThinkPHP applications to install Dama, a persistent web shell. The web shell allows for further exploitation of the compromised endpoints, such as enlisting them as part of the perpetrators’…

Read more →

  A new research indicates that software supply chain attacks are becoming an increasingly effective method for cybercriminals to compromise large organizations and disrupt their IT infrastructure. A report by BlackBerry revealed that a significant majority (74%) of companies have…

Read more →

  Recently, the Moonlock Lab cybersecurity team discovered a macOS malware strain that can easily evade detection, posing a significant threat to users’ data privacy and security. The infection chain for this malware begins when a Mac user visits a…

Read more →

  This eSIM management technology will have a significant impact on the IoT, as it represents an evolution from physical SIM cards to virtual SIM cards, which will have the greatest impact on its acceptance. Mobile network operators (MNOs), who…

Read more →

The tech company Aura sent its experts to investigate the telltale indicators that cybercriminals have overcome your wi-fi. A hacker can access all of your sensitive information through your wifi in a number of methods, and it’s far easier to…

Read more →

  In a major development against cybercrime, the US Federal Bureau of Investigation (FBI) has disclosed the recovery of over 7,000 decryption keys to assist victims of the notorious LockBit ransomware gang. This revelation follows a disruptive international law enforcement…

Read more →

Recent data breaches at Ticketmaster and Santander Bank have exposed major security vulnerabilities in the use of third-party cloud storage services. These breaches highlight the urgent need for robust security measures as more organisations move their data to the cloud.…

Read more →

  A number of current and former OpenAI and Google DeepMind employees have claimed that AI businesses “possess substantial non-public data regarding the capabilities and limitations of their systems” that they cannot be expected to share voluntarily. The claim was…

Read more →

  Driving to a weekend getaway or a doctor’s appointment leaves more than just a memory; it leaves a data trail. Modern cars equipped with internet capabilities, GPS tracking, or services like OnStar, capture your driving history. This data is…

Read more →

  Tenable recently identified a notable security issue within Microsoft’s Azure Network service tags. While Tenable classified this as a high-severity vulnerability, Microsoft disagreed with this classification. Despite their differences, both companies jointly disclosed the security issue on Monday.  What…

Read more →

  This month, Nvidia has achieved a historic achievement by overtaking Apple to become the world’s second most valuable company, a feat that has only been possible because of the overwhelming demand for its advanced chips that are used to…

Read more →

  Cybersecurity experts have informed The U.S. Sun that chatbots represent a “treasure trove” ripe for exploitation by criminals. The intelligence of artificial intelligence chatbots is advancing rapidly, becoming more accessible and efficient. Because these AI systems mimic human conversation…

Read more →

The American Radio Relay League (ARRL), the primary body for amateur radio in the United States, has released new details about the May 2024 cyberattack. The ARRL cyberattack took down its Logbook of the World (LoTW), leaving many members dissatisfied…

Read more →

  Virtual Private Networks, or VPNs, have become essential tools for internet users worldwide. By encrypting web traffic and masking IP addresses, VPNs promise an extra layer of privacy and security. However, not all VPNs live up to this promise.…

Read more →