Category: CySecurity News – Latest Information Security and Hacking Incidents

Three severe SQL injection vulnerabilities have been identified in specific Amazon Redshift drivers, posing a significant risk of privilege escalation and data compromise. The vulnerabilities, labeled as CVE-2024-12744, CVE-2024-12745, and CVE-2024-12746, each hold a CVSS severity score of 8.0, emphasizing…

Read more →

  Botnet attacks exploit a command-and-control model, enabling hackers to control infected devices, often referred to as “zombie bots,” remotely. The strength of such an attack depends on the number of devices compromised by the hacker’s malware, making botnets a…

Read more →

  In today’s tech-driven world, scams have become increasingly sophisticated, fueled by advancements in artificial intelligence (AI) and deepfake technology. Falling victim to these scams can result in severe financial, social, and emotional consequences. Over the past year alone, cybercrime…

Read more →

  A new research published earlier this week by Fortinet Inc.’s FortiGuard Labs warns of two newly found malicious Python packages that indicate a major threat of credential theft, data exfiltration, and unauthorised system access. The first flaw, Zebo-0.1.0, was…

Read more →

  While phishing scams are on the rise over the holiday period, the FBI has reminded Gmail, Outlook, Apple Mail, and other services users to be more alert. More phishing schemes are becoming common as criminals use the festive season…

Read more →

  AI models are like babies: continuous growth spurts make them more fussy and needy. As the AI race heats up, frontrunners such as OpenAI, Google, and Microsoft are throwing billions at massive foundational AI models comprising hundreds of billions…

Read more →

  A Cybernews research team discovered a huge exposed data server on June 25th. The server contained 3GB of personal information and telemetry from iPhones equipped with an app known as “Home V.” According to the log samples, the data…

Read more →

  A Bengaluru software engineer recently fell victim to a complex cyber scam, losing ₹11.8 crore in just 18 days. The incident highlights the growing sophistication of cybercrimes in India, particularly in tech hubs like Bengaluru. The victim, whose identity…

Read more →

  The Clop ransomware gang has intensified its extortion tactics following a data theft attack targeting Cleo software. On its dark web portal, the group revealed that 66 companies have been given 48 hours to meet their ransom demands. According…

Read more →

  The infamous LockBit ransomware group has announced its return with the upcoming release of LockBit 4.0, set for February 2025. This marks a big moment for the group, which has had major setbacks over the last year. A global…

Read more →

  The ransomware epidemic may have been stopped by recent law enforcement operations that disrupted attack infrastructure, led to the arrest of cybercriminals, and broke up some threat groups, but this would be wrong as well. A recent study on…

Read more →

  Chainalysis, a blockchain analytics company that provides data analysis on the blockchain ecosystem, has reported that the volume of compromised crypto funds and the number of hacking incidents are set to rise in 2024. The report states that the…

Read more →

  Big Mama VPN, a free virtual private network app, is drawing scrutiny for its involvement in both legitimate and questionable online activities. The app, popular among Android users with over a million downloads, provides a free VPN service while…

Read more →

  When Microsoft launched Windows 11 in 2021, it introduced a strict hardware compatibility requirement, including the necessity for a Trusted Platform Module (TPM) that adheres to the TPM 2.0 standard. A TPM is a secure cryptoprocessor designed to manage…

Read more →

  ‘BMI CalculationVsn’ is a malicious Android spyware app that was identified on the Amazon Appstore. It poses as a simple health tool while covertly harvesting data from compromised devices.  Cybersecurity researchers from McAfee Labs discovered the app and notified…

Read more →

  < p style=”text-align: justify;”>For those who are concerned about privacy, Proton has announced an end-to-end encrypted document editor intended to be a viable alternative to Microsoft Word and Google Docs. This application, released on Wednesday by the Swiss software…

Read more →

  < p style=”text-align: justify;”>Mobile phishing attacks have continued to advance, targeting corporate executives. A report from mobile security firm Zimperium describes these attacks as highly sophisticated means of exploiting mobile devices. Thus, there is an emerging need for awareness…

Read more →

  A sophisticated phishing email campaign has emerged, targeting cryptocurrency users by impersonating Ledger, a prominent hardware wallet provider. These fraudulent emails claim that the recipient’s Ledger wallet seed phrase — also known as a recovery or mnemonic seed —…

Read more →

Artificial intelligence (AI) is rapidly transforming the world, and by 2025, its growth is set to reach new heights. While the advancements in AI promise to reshape industries and improve daily lives, they also bring a series of challenges that…

Read more →

  Juniper Networks has issued a warning about a vulnerability in its Session Smart Routers, emphasizing the risk of Mirai malware infection if factory-set passwords are not changed. Starting December 11, the company began receiving reports from customers about “suspicious…

Read more →