Category: CySecurity News – Latest Information Security and Hacking Incidents

  Using stolen Web session cookies, Evasive Panda, a China-sponsored hacking team, has unveiled CloudScout, a sleek and professional toolset created to recover data from compromised cloud services. ESET researchers have discovered CloudScout through an investigation into a couple of…

Read more →

  India, with rapid digital growth and reliance on technology, is in the hit list of cybercriminals. As one of the world’s biggest economies, the country poses a distinct digital threat that cyber-crooks might exploit due to security holes in…

Read more →

  Australians have been cautioned about a recent wave of scam websites falsely advertising significant Centrelink payments. These sites promise financial boosts, sometimes hundreds or thousands of dollars, to low-income residents and seniors, exploiting people facing financial challenges. Fraudsters create…

Read more →

  Free unofficial fixes are now available for a new zero-day flaw in Windows Themes that allows hackers to remotely harvest a target’s NTLM credentials. NTLM has been extensively exploited in NTLM relay attacks, in which threat actors force susceptible…

Read more →

  Over the years, zero trust has become a popular model adopted by organisations due to a growing need to ensure confidential information is kept safe, an aspect that organisations view as paramount in cybersecurity. Zero-trust is a vital security…

Read more →

  Losing access to your Gmail account can be a frightening experience, especially given that Gmail is deeply integrated into the online lives of more than 2.5 billion users globally. Unfortunately, the popularity of Gmail has also attracted scammers who…

Read more →

  With the risk of data misuse and breaches increasing daily, individuals will be driven to seek reliable methods for securing their online privacy in 2024 to manage these risks. A growing number of privacy solutions are available online now,…

Read more →

  Security experts have warned of an upsurge in phishing pages built with Webflow, a website builder tool, as attackers continue to use legitimate services such as Microsoft Sway and Cloudflare.  The malicious campaign targets login credentials for multiple corporate…

Read more →

  The leading advanced persistent threat group in Russia has been phishing thousands of targets in businesses, government agencies, and military institutions.  APT29 (also known as Midnight Blizzard, Nobelium, and Cozy Bear) is one of the world’s most prominent threat…

Read more →

  The Prometei botnet, active since at least 2016, continues to pose a persistent threat worldwide by exploiting unpatched software vulnerabilities. First identified in 2020, Prometei has since infected over 10,000 systems across diverse regions, including Brazil, Indonesia, Turkey, and…

Read more →

  Beginning November 1, 2024, Indian telecom providers Airtel, Jio, and Vi will follow a new set of SMS traceability and monitoring guidelines mandated by the Telecom Regulatory Authority of India (TRAI). Aimed at combating cybercrime, these measures seek to…

Read more →

  Phishing emails have undergone significant changes over the past few decades. Once simple and easy to detect, these scams have now evolved into a sophisticated cyber threat, targeting even the most tech-savvy individuals and organizations. Understanding the development of…

Read more →

  A much more potent version of the Qilin ransomware has been found, according to cybersecurity experts, showing a new and revamped kind that is ready to attack core systems using advanced encryption along with improved stealth techniques. A Rebranding…

Read more →

  Researchers at ESET claim that Embargo ransomware is using custom Rust-based tools to overcome cybersecurity defences built by vendors such as Microsoft and IBM. An instance of this new toolkit was observed during a ransomware incident targeting US companies…

Read more →

  UnitedHealth has acknowledged for the first time that over 100 million people’s personal details and healthcare data were stolen during the Change Healthcare ransomware assault, making it the largest healthcare data breach in recent years.  During a congressional hearing…

Read more →

  The energy industry is experiencing a sharp increase in supply chain risks, largely driven by its growing reliance on external vendors. According to a recent report, two-thirds of security breaches in this sector now originate from software and IT…

Read more →

  Several hundred million people’s personal information was compromised in a hack of UnitedHealth’s (UNH.N) tech unit Change in February, according to data published by the U.S. health department on its website. That makes it the largest healthcare data breach…

Read more →

  A Microsoft investigation published earlier this week revealed that ransomware attacks on the healthcare sector are rising and threatening lives.  The report, which uses both internal corporate data and external data, shows a 300% spike in ransomware attacks on…

Read more →

  There has been unprecedented exploitation by attackers of vulnerabilities in the software, Mandiant announced. According to the newly released report of the Mandiant cybersecurity firm, after an analysis of 138 exploits published in 2023, on average, in five days…

Read more →

  In a significant data breach, Cybernews researchers discovered a 500GB unprotected database from a Mexican health care company on August 26, 2024, exposing sensitive details of approximately 5.3 million people. Information in the leak included names, CURP identification numbers,…

Read more →