Category: CySecurity News – Latest Information Security and Hacking Incidents

  < p style=”text-align: justify;”>According to VulnCheck, a critical vulnerability identified as CVE-2024-12856 has been discovered in Four-Faith industrial routers, specifically affecting the F3x24 and F3x36 models, as well as users’ machines. Evidence suggests active exploitation of this vulnerability in…

Read more →

< p style=”text-align: justify;”>Cybersecurity researchers are raising alarms over the misuse of large language models (LLMs) by cybercriminals to create new variants of malicious JavaScript at scale. A report from Palo Alto Networks Unit 42 highlights how LLMs, while not…

Read more →

  A novel two-step phishing strategy is targeting Microsoft Visio files (.vsdx) and SharePoint, signaling a new trend in cyber deception, according to experts. Researchers at Perception Point have noted a significant rise in attacks leveraging these previously uncommon .vsdx…

Read more →

  Cybercriminals on the dark web have developed new ways to exploit identity verification systems. Rather than hacking or stealing personal information, they are purchasing it directly from individuals, as revealed by security researchers at iProov. This approach allows them…

Read more →

  South Korea has announced sanctions against 15 North Korean nationals and the Chosun Geumjeong Economic Information Technology Exchange Corporation for orchestrating schemes that finance North Korea’s nuclear weapons and missile programs. These measures target a global network involved in…

Read more →

  The North Korean hackers behind the ongoing Contagious Interview campaign have been observed launching a new JavaScript malware named OtterCookie.  The campaign includes social engineering techniques, with the hacker team frequently posing as recruiters to trick job seekers into…

Read more →

  A malware attack on the European Space Agency’s official web shop revealed that the application was hacked by loading a JavaScript script that generated a fake Stripe payment page at checkout. With an annual budget of more than 10…

Read more →

  Zelle has become a popular choice for online money transfers due to its simplicity, zero fees, and support from over 1,700 banks. However, since its launch in June 2017, the peer-to-peer payment service has been plagued by fraud. On…

Read more →

  The Q3 2024 Threat Report from Gen unveils a concerning rise in the sophistication of cyber threats, shedding light on how artificial intelligence (AI) is both a tool for attackers and defenders.  As cybercriminals evolve their tactics, the line…

Read more →

  A distributed denial-of-service (DDoS) attack targets a VoIP server by overwhelming it with phony user requests. This excessive traffic can exceed the network’s capacity, causing service disruptions and making genuine user requests unprocessable. Online criminals exploit these attacks to…

Read more →

  In October 2024, Interlock claimed to have attacked several organizations, including Wayne County, Michigan, which is known for its cyberattacks. Ransomware is characterized by the fact that the encrypted data is encrypted by an encryptor specifically designed for the…

Read more →

  A huge data security breach has come to light, with the data platform Builder.ai. It’s a service that lets organizations build their own proprietary, custom software applications, which don’t need heavy programming. According to a blog post by a…

Read more →

  A joint alert from the FBI, the Department of Defense (D.O.D.) Cyber Crime Center and the National Police Agency of Japan reveal that a North Korean threat group carried out a significant cryptocurrency theft from Japan’s crypto firm DMM…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA) issued updated recommendations in December 2024 aimed at enhancing mobile phone cybersecurity. Following a significant hack involving major U.S. telecom companies like AT&T, Verizon, and Lumen Technologies, these guidelines focus on adopting…

Read more →

  As technology advances at an unprecedented rate, the recent unveiling of Willow, Google’s quantum computing device, ushers in a new age for startups. Willow’s unprecedented computing capabilities—105 qubits, roughly double those of its predecessor, Sycamore—allow it to accomplish jobs…

Read more →

  The ethos of the tech industry for a long time has always been that there is no shortage of data, and that is a good thing. Recent patents from IBM and Intel demonstrate that the concept of data minimization…

Read more →

Healthcare industry giant Ascension has broken the silence and revealed more sensitive information concerning the recent hack in June. Through a worker opening a suspicious file without even knowing the malware was actually very harmful to download, it gave room…

Read more →

  Approximately 75% of ransomware attacks on the healthcare sector over the past year occurred during weekends or holidays, highlighting the urgency for organizations to strengthen their staffing and security measures during these high-risk periods. Jeff Wichman, director of incident…

Read more →

  In the age of rapidly evolving artificial intelligence (AI), a new breed of frauds has emerged, posing enormous risks to companies and their clients. AI-powered impersonations, capable of generating highly realistic voice and visual content, have become a major…

Read more →

  < p style=”text-align: justify;”> In today’s complex digital landscape, the role of human expertise in cybersecurity remains indispensable. Two pivotal approaches — human-led security testing and human-centric cybersecurity (HCC) — have gained prominence, each contributing distinct strengths. However, these…

Read more →