Category: CySecurity News – Latest Information Security and Hacking Incidents

  ST. JOHN’S – The Newfoundland Broadcasting Company Limited, owner of a popular independent TV station in Newfoundland and Labrador, has been targeted by a ransomware attack. Attack Details and Immediate Impact The cyberattack, claimed by the Play ransomware group,…

Read more →

  Threat actors are continuously evolving, yet Cyber Threat Intelligence (CTI) remains fragmented across isolated point solutions. Organizations need a holistic analysis that spans external data, inbound and outbound threats, and network activity to accurately assess their cybersecurity posture. Cato’s…

Read more →

  Eventually, artificial intelligence systems like ChatGPT will run out of the tens of trillions of words people have been writing and sharing on the web, which keeps them smarter. In a new study released on Thursday by Epoch AI,…

Read more →

  Despite global law enforcement efforts and heightened attention from the White House, ransomware incidents continue to rise unabated, according to a new report from cybersecurity firm Mandiant. Researchers at the Google-owned company identified 50 new ransomware variants in 2023,…

Read more →

  Noyb (None of Your Business), also known as the European Centre for Digital Rights, has filed two complaints against Microsoft under Article 77 of the GDPR, alleging that the tech giant breached schoolchildren’s privacy rights with its Microsoft 365…

Read more →

Jensen Huang, CEO of NVIDIA, highlighted the company’s robotics and industrial digitization advances at COMPUTEX 2024 in Taipei. Huang described how manufacturers like Foxconn use NVIDIA technology, such as Omniverse, Isaac, and Metropolis, to create advanced robotic facilities. “Robotics are…

Read more →

  An internal leak has revealed troubling privacy and security practices at Google, exposing substantial lapses over a span of six years. This revelation highlights the tech giant’s failure to prioritise user data protection, raising concerns about the company’s handling…

Read more →

The privacy policy update Meta will reportedly amend its privacy policy beginning June 26 to allow its AI to be educated on your data.  The story spread on social media after Meta sent out emails and notifications to subscribers in…

Read more →

  A newly leaked internal database has revealed thousands of previously unknown privacy incidents at Google over the past six years. This information, first reported by tech outlet 404 Media, highlights a range of privacy issues affecting a broad user…

Read more →

    The cyberattack that disrupted First American Financial’s systems in late December impacted 44,000 individuals, according to regulatory filings on Friday. In an 8K disclosure to the Securities and Exchange Commission (SEC), the title insurance company stated that its…

Read more →

  Researchers discovered a new Linux variation of the TargetCompany ransomware family that targets VMware ESXi setups and uses a custom shell script to distribute and execute payloads. The TargetCompany ransomware operation, also known as Mallox, FARGO, and Tohnichi, began…

Read more →

  In recent years, cyberattacks have surged, putting every segment of the nation’s healthcare system—from hospitals and physician practices to payment processing companies and biomedical facilities—under stress. These attacks disrupt patient care and cost the industry billions. Erik Decker, Vice…

Read more →

  In the last few months, Microsoft has been touting AI PCs. Additionally, Microsoft recently released a new feature for Windows 11 called “Recall” that is capable of taking a screenshot of everything users do and making all their actions…

Read more →

  In a security breach, Japanese cryptocurrency exchange DMM Bitcoin announced the theft of approximately 4,502.9 Bitcoin, valued at around 48.2 billion yen (approximately $304 million). The incident marks one of the largest cryptocurrency heists in recent history. The breach…

Read more →

  In a concerning development on May 31, the Polish Press Agency (PAP), a state-run media outlet, was targeted in a cyberattack that authorities have attributed to Russian-backed operatives. This incident adds to a growing list of cyber aggression linked…

Read more →

  The cybercriminal group behind the Grandoreiro banking trojan has re-emerged in a global campaign since March 2024, following a significant law enforcement takedown earlier this year. This large-scale phishing operation targets over 1,500 banks across more than 60 countries,…

Read more →

  A Meta-owned company called WhatsApp announced on Saturday that the company had banned more than 7.1 million Indian WhatsApp accounts for violating local laws in April. Approximately 1,302,000 of the 7,182,000 banned WhatsApp accounts were proactively blocked before any…

Read more →

  The reel is frequently influenced by the real. Jamtara, an OTT series, was inspired by cyber fraud activities carried out in a remote part of Jharkhand. However, the script appears to need some tuning in the future. This is…

Read more →

In 2021, a major supplier of oil and gas to the American east coast, Colonial Pipeline, was taken offline, after a reported ransomware attack. The 5,500-mile pipeline attack triggered a call for increased regulations to protect and strengthen critical infrastructure…

Read more →

  In an extraordinary global effort, authorities have successfully dismantled what is described as the world’s most sophisticated hacking group. This achievement is the result of a relentless joint operation between Thai and US security agencies. The FBI and Thailand’s…

Read more →

  The United Arab Emirates (UAE) is emerging as a beacon of innovation and technological advancement in the Middle East, and its commitment to cybersecurity is a vital element in shaping its hyper-connected future. As the UAE’s digital footprint expands,…

Read more →

  Fake web browser updates are being used to spread remote access trojans (RATs) and information stealer malware like BitRAT and Lumma Stealer (aka LummaC2).  “Fake browser updates have been responsible for numerous malware infections, including those of the well-known…

Read more →

A new wave of cyberattacks has been reported, leveraging a critical zero-day vulnerability in Palo Alto Networks’ firewall software, PAN-OS. The flaw, identified as CVE-2024-3400 and assigned a maximum CVSS score of 10.0, enables unauthenticated attackers to execute arbitrary code…

Read more →

  An increase in cybersecurity incidents among mid-market firms has been observed in recent years. For example, a survey in the UK revealed that 45% of medium-sized businesses experienced cybercrimes, with phishing attacks being the most common. Despite this, many…

Read more →

  Artificial Intelligence (AI) is set to transform the job market profoundly over the next decade. According to a comprehensive report by McKinsey, AI will result in approximately 12 million occupational transitions by 2030. This shift is anticipated to match…

Read more →

The stone age of AI Despite all the talk of generative AI disrupting the world, the technology has failed to significantly transform white-collar jobs. Workers are experimenting with chatbots for activities like email drafting, and businesses are doing numerous experiments,…

Read more →

  As stated by experts, quantum computers could break cryptography by 50% by the year 2033. Many cryptographic methods that are being used today are believed to be the result of mathematical problems which are too difficult to solve by…

Read more →

In a significant cybersecurity incident, Spain’s largest bank, Santander, has confirmed a data breach involving unauthorized access to sensitive information. The breach, detected two weeks ago, was linked to a third-party provider’s database and impacted employees and customers in Chile,…

Read more →

  The Insikt Group has identified evolving tactics used by the GRU’s BlueDelta, targeting European networks with Headlace malware and credential-harvesting web pages. BlueDelta’s operations spanned from April to December 2023, employing phishing, compromised internet services, and living off-the-land binaries…

Read more →

  The increasing frequency of ransomware attacks is a significant challenge, as seen by the recent rise in APT groups with ties to Pakistan before the Indian elections and the disruption of significant Ransomware-as-a-Service (RaaS) operations. The Seqrite report states…

Read more →

  In a significant incident, Google has confirmed the leak of 2,500 internal documents, exposing closely guarded information about its search ranking algorithm. This breach was first highlighted by SEO experts Rand Fishkin and Mike King of The Verge, who…

Read more →

    Meta, the company behind Facebook and Instagram, is set to begin using public posts from European users to train its artificial intelligence (AI) systems starting June 26. This decision has sparked discussions about privacy and GDPR compliance. Utilising…

Read more →

Bank frauds in India: A soaring trend According to an analysis of frauds recorded across banks, the number of fraud cases filed in FY24 increased by approximately 300 percent from 9,046 in FY22. However, the sum involved has decreased from…

Read more →

  This is the biggest-ever international operation against ransomware, coordinated by the justice and police agencies of the European Union. Police have taken down computer networks that spread ransomware via infected emails in what is described as the largest international…

Read more →

  California lawmakers are making significant strides in regulating artificial intelligence (AI) technologies, with a series of proposals aimed at addressing discrimination, misinformation, privacy concerns and prohibiting deepfakes in the contexts of elections and pornography, advancing in the legislature last…

Read more →

Ransomware attacks in Healthcare: A threat to patient safety A ransomware attack on a major U.S. hospital network has been endangering patients’ health. Nurses are forced to manually enter prescription information and work without electronic health records cyberattacks have become…

Read more →

  A hacker group known as 888 has claimed responsibility for a data breach targeting Shell, the British multinational oil and gas company. The breach, allegedly impacting around 80,000 individuals across multiple countries, has raised significant concerns about data security…

Read more →

  The Seattle Public Library (SPL) has faced a significant cybersecurity incident, with its online services being disrupted due to a ransomware attack. This attack, detected over the weekend, led to the library taking proactive measures by bringing its online…

Read more →

  Cryptomining malware, potentially of North Korean origin, is targeting edge devices, including a zero-day vulnerability in Palo Alto Networks’ custom operating system that the company quickly patched in April. Researchers from Akamai identified the malware, dubbed RedTail due to…

Read more →

Professional sports has a cybersecurity issue. Last year, the National Cyber Security Centre discovered that 70% of sports organisations face at least one cyberattack each year. This indicates a significant increase from general companies, of which only 32% reported dealing…

Read more →

  We are all music fans at heart, and recently the most eye-catching tour is the three-hour Taylor Swift concert. The platform that sells tickets for these in-demand tours, Ticketmaster, has taken a hit. In a substantial blow to one…

Read more →

  Two decades ago, economist Steven Levitt and New York Times reporter Stephen Dubner published “Freakonomics,” a book that applied economic principles to various social phenomena. They argued that understanding how people make decisions requires examining the incentives they respond…

Read more →

  The hackers are distributing a malware cocktail via cracked versions of Microsoft Office marketed on torrent websites. Malware distributed to customers includes remote access trojans (RATs), cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.  The AhnLab Security Intelligence…

Read more →

  The National Institute of Standards and Technology (NIST) has announced a new program called Assessing Risks and Impacts of AI (ARIA), aimed at better understanding the capabilities and impacts of artificial intelligence. ARIA is designed to help organizations and…

Read more →

In today’s digital age, cybersecurity has become a top priority for organizations of all sizes. The ever-evolving landscape of cyber threats necessitates robust and comprehensive approaches to identifying and mitigating vulnerabilities. Two effective methods in this domain are automated vulnerability…

Read more →

Moonstone Sleet: A New North Korean Threat Actor Microsoft discovered a new North Korean threat actor, Moonstone Sleet (formerly Storm-1789), who targets companies with a combination of tried-and-true techniques used by other North Korean threat actors as well as unique…

Read more →

  It has been reported that First American Financial Corporation, one of the largest title insurance companies in the United States, was compromised in December when the company’s computer systems were taken down due to a cyberattack that compromised the…

Read more →

  In a significant victory against cybercrime, an international law enforcement team has successfully dismantled the massive “911 S5” botnet, which has been operational for almost a decade. This extensive network, believed to be the largest of its kind globally,…

Read more →

  In 2023, the Securities and Exchange Commission (SEC) significantly tightened its cybersecurity regulations for publicly traded companies. This move, aimed at enhancing investor protection and ensuring market transparency, responds to the increasing prevalence of cyber threats and their potential…

Read more →

An official release states that the government has blacklisted ‘principal entities’ behind SMS headers that have been sent over 10,000 fraudulent messages over the past three months as part of a crackdown on SMS scammers. As part of the Sanchar…

Read more →

  A Go Public investigation discovered that Meta has allowed a scam campaign to flourish on Facebook, as fraudsters lock users out of their accounts and mimic them.  According to the CBC, Lesa Lowery is one of the many victims.…

Read more →

  Cybersecurity researchers are raising alarms about phishing campaigns that exploit Cloudflare Workers to serve phishing sites designed to harvest user credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. This attack method, known as transparent phishing or adversary-in-the-middle (AitM)…

Read more →

In a recent six-month investigation, cybersecurity firm Bitdefender discovered a disturbing trend: fraudsters are using Discord, a popular communication platform, to distribute malware and carry out phishing attacks. The Rise of Malicious Links The research, in which Bitdefender shows over 50,000…

Read more →

  LivaNova employees have been impacted by a ransomware attack, with the LockBit group claiming responsibility. The UK-based medical device manufacturer, LivaNova, has notified current and former employees about a “cybersecurity incident” that compromised their personal data. The stolen information…

Read more →

  Hackers are exploiting code from a Python clone of Microsoft’s classic Minesweeper game to conceal malicious scripts in attacks targeting financial institutions in Europe and the US. Ukraine’s CSIRT-NBU and CERT-UA have identified the threat actor ‘UAC-0188’ as responsible…

Read more →

  Artificial Intelligence (AI) is increasingly shaping the future of education in the South East, moving beyond its initial role as a tool for students to assist with essay writing. Schools are now integrating AI into their administrative and teaching…

Read more →

  Even though people rely on smartphones and iPhones to communicate, entertain, and be productive, many users fail to turn off their iPhones regularly. Despite this, they still use them for communication, entertainment, and productivity. As simple as this is…

Read more →

  Cisco addressed a flaw in the web-based management interface of the Firepower Management Centre (FMC) Software, identified as CVE-2024-20360 (CVSS score 8.8).  The vulnerability is a SQL injection bug; an intruder can use it to acquire any data from…

Read more →

The Internet Archive is allegedly subject to continuing DDoS (distributed denial-of-service) attacks. The attacks began over the Memorial Day holiday weekend, according to the California-based charity, and some users reported being unable to access the digital archive site for several hours on Monday.…

Read more →

  A recent report from Check Point Research (CPR) has unveiled the activities of an Iranian hacker group known as Void Manticore, which has been linked to a series of destructive cyber attacks on Israel and Albania. Affiliated with Iran’s…

Read more →

  Geoffrey Hinton, often referred to as the “godfather of artificial intelligence,” has expressed grave concerns about the rapid advancements in AI technology, emphasising potential human-extinction level threats and significant job displacement. In an interview with BBC Newsnight, Hinton warned…

Read more →

  Data breaches within the Ministry of Defence (MoD) have surged nearly fivefold over the past five years, raising concerns about the UK’s resilience against cyber threats from nations like Russia and China. MoD figures reveal 550 data incidents last…

Read more →

  Employers should be aware of the potential data protection issues before experimenting with generative AI tools like ChatGPT. You can’t just feed human resources data into a generative AI tool because of the rise in privacy and data protection…

Read more →

  In recent times, fraudsters have increasingly used international spoofed calls displaying Indian mobile numbers to commit cybercrime and financial fraud. These calls, which appear to originate within India, are actually made by criminals abroad who manipulate the calling line…

Read more →

Hackers have broken into a popular brand of recording software used in courtrooms, jails, and prisons, allowing them to obtain complete control of the system via a backdoor implanted in an update to the application. Software and its purpose Justice…

Read more →

  If China invades Taiwan, chip machine maker ASML is rumoured to have the ability to disable its equipment remotely in TSMC’s fabrication facilities. In ASML’s EUV lithography systems, the most extensive client is TSMC, which uses extreme ultraviolet (EUV)…

Read more →

Hackers continue to find ingenious ways to infiltrate organizations and compromise sensitive data. Recently, a peculiar attack vector emerged—one that leverages an unsuspecting source: a Python clone of the classic Minesweeper game.  In this blog post, we delve into the…

Read more →

  With every major version of Windows, there are several editions to choose from. Windows 11 has many versions in addition to Home, Pro, Enterprise, and Windows 11 SE, which are specially designed for students. Although Windows 11 contains a…

Read more →

Check Point Research has been monitoring Sharp Dragon, a Chinese cyber threat group, since 2021. This group, previously known as Sharp Panda, has primarily targeted organisations in Southeast Asia with phishing campaigns. Recently, however, they have expanded their activities to…

Read more →

  A Morocco-based cybercrime group, Storm-0539, is making headlines for its sophisticated email and SMS phishing attacks aimed at stealing and reselling gift cards. Microsoft’s latest Cyber Signals report reveals that this group is responsible for significant financial theft, with…

Read more →

  Estonia has accused neighbouring Russia of jamming GPS navigation equipment in airspace over the Baltic republics, echoing airline worries that they have been dealing with such interference for months. Estonian Foreign Minister Margus Tsahkna’s accusation, for which he gave…

Read more →

  A recent cyberattack on healthcare services has been disclosed by US drug distributor Cencora, revealing a significant breach compromising highly sensitive medical data. According to Reuters, the company notified affected individuals, stating that personal and highly sensitive medical information…

Read more →

  Aside from Find My, maps, routes, and emergency SOS, Apple’s location services are quite handy, and they have many useful features. A research team at the University of Maryland has uncovered a critical vulnerability in Apple’s location services, which…

Read more →

  Recently, a significant data breach compromised the personal information of thousands of law enforcement officials and police officer applicants in India. Discovered by security researcher Jeremiah Fowler, the breach exposed sensitive details such as fingerprints, facial scans, signatures, and…

Read more →

  The new ransomware strain, ShrinkLocker, is creating significant concerns by using Windows BitLocker to encrypt corporate systems through the creation of new boot partitions. ShrinkLocker, named for its method of creating a boot volume by shrinking available non-boot partitions,…

Read more →

  In an era where digital transformation is swiftly reshaping the business world, the most recent research from CyberArk, an identity security company, highlights a growing concern: identity-related breaches.  The 2024 Identity Security Threat Landscape Report highlights a concerning trend…

Read more →

  A recent report reveals that more than a third of healthcare organisations are unprepared for cyberattacks, despite an apparent rise in such incidents. Over the past three years, over 30% of these organisations have faced cyberattacks. The HHS Office…

Read more →

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately…

Read more →

Criminals are using a new “Digital House Arrest” method to target individuals. Scammers contact victims and compel them to stay home by pretending to be law enforcement officials such as police officers, Central Bureau of Investigation (CBI) agents, or customs…

Read more →

  Google has announced an urgent security update for its Chrome browser to fix a newly discovered vulnerability that is actively being exploited. This recent flaw, identified as CVE-2024-5274, is the eighth zero-day vulnerability that Google has patched in Chrome…

Read more →

  The Caller ID company Truecaller will now allow users to create an AI version of their voice to answer calls. Truecaller, known for identifying and blocking spam calls, is introducing a new feature for users with access to its…

Read more →

  With the ongoing barrage of new attacks and emerging dangers, one might argue that every day is an exciting day in the security operations centre (SOC). However, today’s SOC teams are experiencing one of the most compelling and transformative…

Read more →

  Over the last few years, the landscape of cyber threats has significantly evolved. The once-common traditional phishing emails, marked by obvious language errors, clear malicious intent, and unbelievable narratives, have seen a decline. Modern email security systems can easily…

Read more →

  An armed cybercriminal group working out of Morocco has been targeting major retailers for creating fake gift cards, infiltrating their systems to steal millions of dollars by using them as a source of revenue, according to a new report…

Read more →

  The Police Service of Northern Ireland (PSNI) is set to receive a £750,000 fine from the UK Information Commissioner’s Office (ICO) due to a severe data breach that compromised the personal information of over 9,000 officers and staff. This…

Read more →

  A team from the Gurugram Police cyber unit detained a Deputy Manager of a private bank for allegedly providing bank accounts for cyber fraud in order to attain his goals, police said.  According to Priyanshu Diwan, Assistant Commissioner of…

Read more →

  There is a growing concern among soldiers in the armed forces that their information has been hacked, which may have led to a cyber attack on the Ministry of Defence. According to a law firm, these soldiers fear losing…

Read more →

  Microsoft’s introduction of the AI-driven Windows 11 Recall feature has raised significant privacy concerns, with many fearing it could create new vulnerabilities for data theft. Unveiled during a Monday AI event, the Recall feature is intended to help users…

Read more →

  A newly identified cyber threat group, known as “Unfading Sea Haze,” has been secretly infiltrating military and government networks in the South China Sea region since 2018, according to a recent report by Bitdefender researchers. The group’s activities align…

Read more →

Introduction: Phishing attacks have become one of the most prevalent cybersecurity  threats, targeting individuals and organizations to steal sensitive information such as login credentials, financial data, and personal information. To combat this growing threat, a comprehensive approach involving the deployment…

Read more →

APT41: A well-known Chinese cyberespionage group with a history of targeting various sectors globally. They are known for their sophisticated techniques and possible state backing. KeyPlug: A modular backdoor malware allegedly used by APT41. It is written in C++ and…

Read more →

  It was recently found that 93% of cybersecurity leaders have deployed generative artificial intelligence in their organizations, yet 34% of those implementing the technology have not taken steps to minimize security risks, according to a recent survey conducted by…

Read more →

  Wondering what to do in the aftermath of a fraud can be extremely difficult. The Better Business Bureau’s (BBB) new fraud Survival Toolkit helps fraud survivors navigate the recovery process. Fraudsters target people from many walks of life. BBB…

Read more →

  YouTube has become a new battleground for cybercriminals to launch phishing attacks, spread malware, and promote fraudulent investment schemes, according to a recent report by Avast, a leading security vendor. Avast’s researchers highlighted the use of tools like Lumma…

Read more →

  A recent report from the Environmental Protection Agency (EPA) revealed that over 70% of surveyed water systems have failed to meet key cybersecurity standards, making them vulnerable to cyberattacks that could disrupt wastewater and water sanitation services across the…

Read more →

In a recent turn of events, the LockBit ransomware gang has claimed responsibility for the cyberattack on Canadian pharmacy chain London Drugs, which occurred in April. The cybercriminals are now threatening to release sensitive data online after reportedly unsuccessful negotiations…

Read more →

Recently found malware uses advanced techniques to defeat antivirus safeguards, delete signs of infection, and permanently infect devices with cryptocurrency-mining software, experts said.  “The first goal of the GhostEngine malware is to disable endpoint security solutions and specific Windows event…

Read more →

  21st century parenting is firmly grounded in technology. From iPads keeping kids entertained on flights, to apps that allow parents to track their children’s feeds, development, and more, technology has changed what it means to be a parent. But…

Read more →

An overview Geopolitical Tensions: Regional stability issues, such as political conflicts and economic tensions, have a direct impact on cyber threats. As geopolitical events unfold, threat actors adapt their strategies to exploit vulnerabilities. Attack Trends: While no groundbreaking attack methods…

Read more →

  Breach Forums, the infamous cybercrime and hacker forum, is all set to return to the dark web under a new Onion label, Hackread reported. While the exact timing for the resuscitation of its clearnet domain is unknown, officials are…

Read more →