Tag: CySecurity News – Latest Information Security and Hacking Incidents

  Russian-speaking customers have been targeted in a new campaign aimed at distributing a commodity trojan known as DCRat (aka DarkCrystal RAT) using HTML smuggling.  This is the first time the malware has been propagated via this technique, which differs…

Read more →

  On Friday, Meta was fined €91 million ($101.5 million) by the European Union’s primary privacy regulator for accidentally storing some user passwords without proper encryption or protection. The investigation began five years ago when Meta informed Ireland’s Data Protection…

Read more →

Ransomware gangs are now employing a terrifying tactic—using stolen data to coerce and threaten CEOs.  Understanding Ransomware Attacks Ransomware is a type of malicious software that encrypts the victim’s data, rendering it inaccessible until a ransom is paid. Over the…

Read more →

  In a recent security advisory, Microsoft advised that the ransomware threat actor Storm-0501 has recently switched tactics, targeting hybrid cloud environments now to compromise the entire system of victimization. It is becoming increasingly apparent that cybercriminals are finding out…

Read more →

  The global phenomenon of cybercrime is emerging. And the soft targets in this regard are the small and medium-sized business enterprises. Day after day, while a few cyberattacks on big corporations capture the headlines in the news, many SMBs…

Read more →

  Payment fraud continues to be a significant and evolving threat to businesses, undermining their profitability and long-term sustainability. The FBI reports that between 2013 and 2022, companies lost around $50 billion to business email compromise, showing how prevalent this…

Read more →

  A recent cyber vulnerability in ChatGPT’s long-term memory feature was exposed, showing how hackers could use this AI tool to steal user data. Security researcher Johann Rehberger demonstrated this issue through a concept he named “SpAIware,” which exploited a…

Read more →

  Meta has released new versions of its renowned open source AI model Llama, including small and medium-sized models capable of running workloads on edge and mobile devices.  Llama 3.2 models were showcased at the company’s annual Meta Connect event.…

Read more →

Your IP address may look like a long number row, but to a hacker, it can be an instrument of evil activity. While your exposure to an IP doesn’t pose an immediate danger per se, it is thus important to…

Read more →

  Recent reports published by Deloitte and Deloitte Consulting, highlighting the significance of data privacy as it pertains to Generative Artificial Intelligence (GenAI), have been widely cited. As the survey found, there has been a significant increase in professionals’ concerns…

Read more →

  OpenAI has admitted that developing ChatGPT would not have been feasible without the use of copyrighted content to train its algorithms. It is widely known that artificial intelligence (AI) systems heavily rely on social media content for their development.…

Read more →

  The cyberthreats that are still unknown to us are the most severe. The majority of cyberdefenses rely on having prior knowledge of the attack’s nature. We just don’t know what zero days are, which is why they are so…

Read more →

  Educators and other school professionals are playing an increasingly crucial role in providing a safe environment in which students can learn in an era where children are being targeted by increasing physical and online attacks, according to US Homeland…

Read more →

  Last week, Delaware’s public libraries faced a cyberattack, causing widespread disruption to computer and internet access. Signs posted at libraries informed visitors that Wi-Fi and PCs were out of service, with officials confirming a ransomware attack took down all…

Read more →

  The top cybersecurity agency in the United States has released a new advisory, stating that nation-states and cybercriminals remain a threat to government-run water systems.  The Cybersecurity and Infrastructure Security Agency (CISA) issued the notification two days after Arkansas City,…

Read more →

  Social media has transformed into a breeding ground for cybercriminal activities, posing a significant threat to businesses of all sizes. According to recent reports, more than half of all companies suffer over 30% revenue loss annually due to fraudulent…

Read more →

The organization behind the privacy-centric Firefox browser, has come under fire for allegedly tracking users without their consent. This controversy centers around a feature called Privacy Preserving Attribution (PPA), which has sparked a heated debate about privacy, consent, and the…

Read more →

  In recent years, WhatsApp has become one of the most popular messaging apps in the world. End-to-end encryption is the process by which the service uses robust security for the protection of its users’ communications. The fact that messages…

Read more →

The tech industry is embracing Generative AI, but the conversation around data privacy has become increasingly important. The recent “State of Ethics and Trust in Technology” report by Deloitte highlights the pressing ethical considerations that accompany the rapid adoption of…

Read more →

  In its efforts to better its cloud security, Microsoft has done much to remove any potential vulnerabilities and tightened the process of authenticating individuals. This comes after the tech giant saw several security breaches within the past year. Under…

Read more →

Car dealership company Auto Canada warned that employee data might have been leaked in a ransomware attack claimed by the Hunters International ransomware group. In August 2024, the company suffered a company was hit by a cyber-attack. While Auto Canada…

Read more →

  Researchers found malicious code that they suspect was developed with the aid of generative artificial intelligence services to deploy the AsyncRAT malware in an email campaign that was directed towards French users.  While threat actors have employed generative AI…

Read more →

  Fortinet experienced a significant cybersecurity breach involving a third-party cloud drive, where 440 GB of data was leaked by a hacker named “Fortibitch” after the company refused to pay the ransom. The breach affected about 0.3% of Fortinet’s customers,…

Read more →

  A cyberattack that began on September 20 impacted MoneyGram International Inc.’s services significantly, likely due to a ransomware attack, causing significant disruptions to its services. There were reports of outages affecting company networks, and by September 23, the company…

Read more →

  An affiliate of the Mallox ransomware group, also known as TargetCompany, has been observed using a modified version of Kryptina ransomware to target Linux systems, according to SentinelLabs. This development is distinct from other Linux-targeting Mallox variants, such as…

Read more →

  Late last week, cybersecurity firm Kaspersky began deleting its anti-malware software from PCs in the United States. As a replacement, the company downloaded antivirus software from UltraAV.  If you use Kaspersky antivirus software, you may be aware that the…

Read more →

The Domain Name System (DNS) serves as a critical element of the internet’s infrastructure, acting like a phone book that translates human-friendly domain names into the numerical IP addresses that computers use to communicate. Without DNS, accessing websites would be…

Read more →

  Doxing is the online slang for “dropping documents,” which means revealing private information about a person or his identity to the public without his permission. It may be as simple as a person’s name, e-mail, or phone number, but…

Read more →

  In a recent court filing, attorneys on behalf of victims of a devastating ransomware attack in February 2023 have been awarded a settlement of $65 million after hackers uploaded nude photos of cancer patients on the internet. This settlement…

Read more →

A new variant of Necro malware loader was found on 11 million Android devices through Google Play in infected SDK supply chain attacks. The re-appearance of Necro malware is a sign of persistent flaws in popular app stores like Google. …

Read more →

  The recent series of explosions in Lebanon, allegedly linked to Israel, highlights the dangers of state-driven violence and the repurposing of civilian technology for malicious purposes.  With over 32 fatalities and more than 3,100 injuries, the blasts were caused…

Read more →

  Customer data, including sensitive medical records from India’s largest health insurer, Star Health, was discovered accessible through chatbots on Telegram. This revelation comes shortly after the app, founded by Pavel Durov, was scrutinized for allegedly enabling criminal activities. Security…

Read more →

  The cybercrime world is ever-changing, and hackers are preparing for a future quantum computer that might make current encryption techniques useless. This is called “harvest now, decrypt later,” a rising phenomenon since cybercriminals steal encrypted data with hope for…

Read more →

  As we approach the weekend, a new warning has been issued that a “global attack” is now targeting Windows users in multiple nations worldwide. The campaign is surprisingly basic, but it highlights the risk for the hundreds of millions…

Read more →

  The cybercriminal group “Marko Polo” is behind a major malware operation, running 30 infostealer campaigns targeting a wide array of victims. Using techniques such as spear-phishing, malvertising, and brand impersonation, the group spreads over 50 malware payloads, including AMOS,…

Read more →

  An anonymous threat actor named IntelBroker claimed to be responsible for the leak of internal messaging from Deloitte, one of the world’s leading auditing firms. According to reports, the breach occurred in September 2024 when an Apache Solr server…

Read more →

According to a new report published by the Federal Trade Commission (FTC), it was found that Facebook – that has since become Meta, YouTube, WhatsApp, and others – have been highly involved in mass surveillance practices while banking in billions…

Read more →

  The moment a password is discovered, a virtual private network (VPN) becomes public quickly. In a report published last week, password management provider Specops Software revealed 2,151,523 VPN credentials exposed by malware over the past year. One professional at…

Read more →

  When it comes to cyber threats, judging the threat by its name can be an imaginary endeavour. As the term “malvertising”, a portmanteau of the term “malicious advertising”, is always presented with the implication that it overlaps with ads,…

Read more →

FBI Joint Operation  The FBI has cracked down on a vast botnet operation linked to a Chinese hacking group, the attackers targeted government agencies, universities, and other entities in the US.  The Five Eyes intelligence alliance issued a joint report…

Read more →

  The Port of Seattle is confronting a severe cybersecurity crisis as the Rhysida ransomware group demands a ransom of 100 bitcoins (approximately $5.9 million). Rhysida, which has gained notoriety for targeting organizations worldwide, released screenshots of stolen documents, claiming…

Read more →

  Ransomware incidents are increasing, with a recent attack targeting American healthcare institutions by a well-known cybercrime group. Vice Society, also known as Vanilla Tempest by Microsoft, has been active since July 2022. This Russian-speaking group has utilized various ransomware…

Read more →

  AI is viewed by 48% of security experts as a major security threat to their organisation, according to a new HackerOne security research platform survey of 500 security professionals.  Their main worries about AI include the following:  Leaked training…

Read more →

  Data is more precious in today’s digital world than ever. Companies are trying to collect as much as possible to sell it to third-party data brokers. Cybercrime is growing steadily and targeting unsuspecting victims. Addressing both issues is one…

Read more →

  Small trade businesses are on high alert following a significant data breach at Total Tools, a major Australian hardware retailer, which exposed sensitive information of over 38,000 customers. This breach compromised customer names, credit card details, email addresses, passwords,…

Read more →

In May, Ascension, a healthcare provider with a network of 140 hospitals across the U.S., suffered a major cyber-attack that disrupted its clinical operations for almost a month. Experts traced the problem to a malicious ransomware that had exploited an…

Read more →

  In a time of increasing popularity for artificial intelligence (AI), the United Nations has warned that market forces should not be the sole determining factor as the technology becomes more widely used. United Nations experts called for creating tools…

Read more →

Tor Project, A Privacy Tool Tor is a privacy software used for keeping your identity secret by rerouting your web traffic through several nodes (computers) worldwide, which makes it difficult to track where the user traffic is coming from. In…

Read more →

  A critical vulnerability in Google Cloud’s Document AI service could have allowed cybercriminals to steal sensitive information from users’ cloud storage accounts and even inject malware, cybersecurity experts have warned.  The flaw was first discovered by researchers at Vectra…

Read more →

  In a major breakthrough, Ireland’s police service, An Garda Síochána, collaborated with Europol and law enforcement from eight other countries to dismantle a sophisticated criminal platform known as ‘Ghost.’ This encrypted platform was widely used for large-scale drug trafficking,…

Read more →

Tor Project, A Privacy Tool Tor is a privacy software used for keeping your identity secret by rerouting your web traffic through several nodes (computers) worldwide, which makes it difficult to track where the user traffic is coming from. In…

Read more →

  According to a new Venafi survey, developers in almost all (83%) organisations utilise AI to generate code, raising concerns among security leaders that it might lead to a major security incident.  In a report published earlier this month, the…

Read more →

  Raptor Train, the name of the botnet that has been used by hackers for decades, has infected hundreds of thousands of small offices/home offices (SOHOs) and IoT devices in the United States and Taiwan, including government agencies, higher education…

Read more →

Cyber security professionals are warning about a new cyber-attack vector: Lumma Stealer malware that uses fake CAPTCHA tests to spread malware on Windows devices. Users are advised to maintain caution when filling out a CAPTCHA challenge.  “We have identified more…

Read more →

A widespread Cloudflare outage is affecting access to websites globally, including BleepingComputer. While some regions can still access these sites, others are experiencing disruptions. Cloudflare has mentioned ongoing scheduled maintenance in Singapore and Nashville, but their status page shows no…

Read more →

  Strong security for emails is one of the top concerns of CNI dealing companies. According to a recent OPSWAT report, 80% of CNI companies reported an email-related security breach in the past year. Malicious emails are being exploited to…

Read more →

  Ransomware gangs like BianLian and Rhysida are increasingly using Microsoft’s Azure Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob Storage. Storage Explorer is a graphical management tool for Microsoft Azure, whereas…

Read more →

  The PKfail vulnerability in Secure Boot has grown into a far-reaching security threat, affecting thousands of devices across multiple sectors. Originally believed to be a limited issue, it arises from manufacturers releasing hardware with known compromised software, allowing unauthorized…

Read more →

In a recent ransomware attack that hit Kawasaki Motors Europe (KME), the company has confirmed that it suffered the breach causing major service disruptions as threat actors threatened to leak the data.  “At the start of September, Kawasaki Motors Europe…

Read more →

A new cyber threat has caught the attention of experts, Lumen’s Black Lotus Labs found a new botnet called Raptor Train, made of IOT and small office/home office (SOHO) devices. Experts believe that Raptor Train has links to China-based APT…

Read more →

  An analysis by Trend Micro indicates that the cyber espionage group Earth Baxia has been attempting to target government agencies in Taiwan, as well as potentially other countries in the Asia-Pacific (APAC) region, through spear-phishing campaigns and exploitation of…

Read more →

  The ransomware attack has significantly disrupted the port’s operations, highlighting the challenges that critical infrastructure providers face in the immediate aftermath of a cybersecurity breach. While recovery efforts are ongoing, the impact continues for some areas. Most affected systems…

Read more →

Dr. Eric Liederman, CEO of CyberSolutionsMD, emphasizes that healthcare organizations must be prepared for ransomware attacks with a structured approach, describing it as akin to a “12-step program.” He highlights that relying solely on protective measures is insufficient since all…

Read more →

  With its much-awaited iOS 18, Apple is now launching an app called Passwords, created to help improve one of the oldest but least-tampered-with needs when it comes to digital security: password management. Now, the ‘Passwords’ app is downloadable on…

Read more →

  Unidentified hackers have targeted construction firms using Foundation accounting software, security experts revealed earlier this week.  According to cybersecurity firm Huntress, the hackers hunt for publicly available Foundation installations on the internet and then test combinations of default usernames…

Read more →

  Over 3,000 of Red Hat OpenShift’s customers, including a significant portion of the Global Fortune 500, are trusting the platform because of its robust security features and its industry-leading hybrid cloud platform. However, two critical vulnerabilities in OpenShift could…

Read more →

  Deepfake videos featuring some of Britain’s most well-known television doctors are circulating on social media to sell fraudulent products,  as per report by the British Medical Journal (BMJ). Doctors like Hilary Jones, Rangan Chatterjee, and the late Michael Mosley…

Read more →

  As per recent findings from Mandiant, companies operating in the energy and aerospace sectors are being targeted by a cyber-espionage campaign that has connections with North Korea. The outfit behind the campaign, dubbed UNC2970, is most likely linked to…

Read more →

  The US Treasury Department imposed further sanctions on five individuals and one entity connected to the Intellexa Consortium, a reportedly tainted holding company behind notorious spyware known as Predator. US officials say that even though more sanctions were imposed…

Read more →

  As part of a three-day meeting with ‘like-minded’ countries, the UK has begun a conversation aimed at tackling the growing threat of cyber attacks and how to combat them. The government intends to initiate a global dialogue with leading…

Read more →

  In July, Columbus, Ohio, experienced a ransomware attack, which initially appeared to be a typical breach. However, the city’s unusual response sparked concern among cybersecurity experts and legal professionals. IT consultant David Leroy Ross, also known as Connor Goodwolf,…

Read more →

  23andMe has agreed to pay $30 million and provide three years of security monitoring as part of a settlement to resolve a lawsuit alleging the genetics testing company failed to safeguard the personal data of 6.9 million customers compromised…

Read more →

  Imagine this: your Chromebook fails just before you click “Save” after spending hours working on your project. Let’s imagine you want to watch a series, but it keeps crashing, making it impossible for you to get the most out…

Read more →

The Singaporean authorities have detained six people believed to be associated with a global cybercrime syndicate suspected of masterminding malicious cyber activities all over the world, latest reports said. The arrest was a result of an extensive operation carried out…

Read more →

  Kawasaki Motors Europe has been targeted by a ransomware attack orchestrated by the RansomHub gang, causing significant disruption to its services. The company, responsible for distributing and selling Kawasaki’s motorcycles across Europe, swiftly responded by isolating its servers to…

Read more →

The cybersecurity landscape advances daily and so do threats, e-commerce websites have become a main target for threat actors. In a recent incident, an advanced skimming attack on WooCommerce sites has shed light on the new methods hackers use to…

Read more →

  Reports indicate that some of the largest tech firms are paying millions of dollars each year to safeguard the CEOs of their companies, with some companies paying more than others depending on the industry. There has been a significant…

Read more →

  The Port of Seattle and Seattle-Tacoma International Airport have corroborated that the major system outages which took place late August were caused by a ransomware attack. On August 24, a cyberattack partially disrupted the critical operations at the airport…

Read more →

  Fortinet has disclosed a data breach impacting a “small number” of its clients after a hacker, using the alias “Fortibitch,” leaked 440GB of customer information on BreachForums. The hacker claimed to have accessed the data from an Azure SharePoint…

Read more →

  A recent Mandiant report highlighted the increasing cyber threats that Mexico is facing, including a sophisticated blend of domestic and global cybercrime that targets both individuals and businesses.  Mexico’s economy, ranked 12th largest in the world, makes it an…

Read more →

  CosmicBeetle is a cybercriminal group exploiting vulnerabilities in software commonly used by small and medium-sized businesses (SMBs) across Turkey, Spain, India, and South Africa. Their main tool, a custom ransomware called ScRansom, is still under development, leading to various…

Read more →

Threat actors were found exploiting poorly secured Oracle WebLogic servers for mining cryptocurrency, building a DDoS botnet, and other malicious activities.  The Discovery Researchers from Aqua Cybersecurity found various attacks in the wild and decided to catch culprits by running…

Read more →

Google is currently being investigated in Europe over privacy concerns raised about how the search giant has used personal data to train its generative AI tools. The subject of investigation is led by Ireland’s Data Protection Commission, which ensures that…

Read more →

  As part of its investigation, the Port of Seattle, which operates Seattle-Tacoma International Airport in the city, has determined that the Rhysida ransomware gang is responsible for the cyberattack that allowed it to reach its systems last month, causing…

Read more →

  Credit card fraud is a growing issue, with over 60% of cardholders experiencing attempted fraud in 2023. The use of AI by cybercriminals has dramatically increased, allowing them to open hundreds of accounts daily. Global losses from card fraud…

Read more →

  BT logs 2,000 potential cyber attack signals per second, according to the latest data from the telecom behemoth, as it warns of the rising threat from cyber criminals. The telecom firm stated it found that web-connected devices were being…

Read more →

  The London branch of the Industrial and Commercial Bank of China (ICBC) recently fell victim to a ransomware attack, resulting in the theft of sensitive data. According to a report by The Register, which references information posted on the…

Read more →

  Despite its long-standing reliance on Chinese marine cranes, the U.S. is placing a national security risk over the cranes’ ability to be operated remotely through built-in modems, according to a staff report released Friday by the House Select Committee…

Read more →

The United States Federal Bureau of Investigation (FBI) has recently highlighted a significant cybersecurity threat posed by North Korean cybercriminals targeting the web3 and cryptocurrency sectors.  Why Hackers Target ETFs? The cryptocurrency industry has witnessed tremendous growth, Ether and Bitcoin…

Read more →

  Among those filed recently is one from Ford for a system that gathers driver data to personalise in-car advertisements, which raises lots of concerns over privacy. This technological advancement can collect types of information from a car’s GPS location…

Read more →

  Cybersecurity experts discovered a new form of the TrickMo banking trojan, which now includes advanced evasion strategies and the ability to create fraudulent login screens and steal banking credentials.  This sophisticated malware employs malicious ZIP files and JSONPacker to…

Read more →

Telecom Regulatory Authority of India (Trai) and the Department of Telecom (DoT) have jointly disconnected over 1 crore mobile connections. This initiative is part of a broader strategy to curb spam calls, reduce cybercrime, and improve the overall telecom experience…

Read more →

  In an announcement, the Singapore Police Force (SPF) announced the arrest of five Chinese nationals and one Singaporean for allegedly engaging in illicit cyber activities within the country and that they had been arrested. As a result of a…

Read more →

  A data breach at Florida-based recruitment firm MNA Healthcare has left sensitive information of over 14,000 healthcare workers and 10,000 hospitals exposed. Discovered on June 20, 2024, by the Cybernews research team, the breach was caused by a misconfiguration…

Read more →

Ransomware groups continue to innovate and adapt their tactics to bypass security measures. One such group, RansomHub, reported by Malwarebytes, has recently garnered attention for its sophisticated approach to disabling Endpoint Detection and Response (EDR) systems. By leveraging Kaspersky’s TDSSKiller,…

Read more →

  For C-suite executives and security leaders, learning that your organisation has been infiltrated by network attackers, critical systems have been locked down, and data has been compromised, followed by a ransom demand, could be the worst day of their…

Read more →

Transport for London, the governmental body tasked with running the capital’s transit system, is battling a cyberattack that has stretched into a second week. The backbone of the transit operations remains intact and fully functional; however, many of TfL’s online…

Read more →

  Despite cryptocurrency no longer dominating the headlines like it did during the 2021 to 2022 boom, cybercriminals are still leveraging it to generate billions of dollars in fraudulent income every year. According to the FBI, 2023 was the most…

Read more →

  Despite active attacks by gangs such as the NoName ransomware group, which has targeted small and medium-sized businesses worldwide for the past three years, the group has continued to grow by using custom malware and evolving its attack methods.…

Read more →

  Slim CD, a leading provider of payment processing solutions, has disclosed a significant data breach that compromised the credit card and personal data of nearly 1.7 million individuals. Hackers had unauthorized access to the company’s network for almost a…

Read more →