Cisco patched a NX-OS zero-day, identified as CVE-2024-20399 (CVSS score of 6.0), which the China-linked group Velvet Ant used to deploy previously unidentified malware as root on vulnerable switches. The bug exists in the CLI of Cisco NX-OS Software;…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Gen Z’s Payment Preferences are Transforming Retail and Dining
The future of payment technologies and consumer trends are exploding; GenZ’s are more tuned to flexible, and reliable payment sources. The market is evolving with the needs of this generation and adapting new business models and technologies to meet…
Wise and Evolve Data Breach Highlights Risks of Third-Party Partnerships
Wise, a prominent financial technology company, recently disclosed a data breach impacting some customer accounts due to a ransomware attack on their former partner, Evolve Bank & Trust. The breach has raised significant concerns about the security of third-party…
Inside the Ticketmaster Hack: 440,000 Taylor Swift Fans at Risk
In May, the hacking group ShinyHunters claimed to have gotten personal information from more than 500 million Ticketmaster users and was selling the data on the dark web, and the business has now admitted that consumer data may have been…
This New Ransomware Group Uses Phone Calls to Pressure Victims
Researchers have identified a new ransomware group called Volcano Demon, responsible for at least two successful attacks in the past two weeks. Tim West, an analyst at cybersecurity firm Halcyon, revealed that the group targeted companies in the manufacturing…
HubSpot Investigates Limited Security Breach Affecting Customer Accounts
Cambridge, Massachusetts-based enterprise software provider HubSpot is handling a security compromise that has affected many customer accounts. Less than fifty accounts have been compromised, the business said in an online post. Although the investigation is still ongoing, HubSpot stressed…
RBI Issues Advisory to Support Cybersecurity in Banks
Amid escalating cyber threats, the Reserve Bank of India (RBI) has released a comprehensive advisory to all scheduled commercial banks. This advisory, disseminated by the Department of Banking Supervision in Mumbai, stresses upon the paramount importance of robust cybersecurity…
Maintaining Sanity Amidst Unnecessary CVE Reports
Developers strive to maintain robust codebases, but occasionally, they encounter dubious or exaggerated reports that can disrupt their work. A recent incident involving the popular open-source project “ip” sheds light on the challenges faced by developers when dealing with Common…
New Intel CPU Vulnerability ‘Indirector’ Found
Researchers from the University of California, San Diego, have discovered a new vulnerability in modern Intel processors, specifically the Raptor Lake and Alder Lake generations. This vulnerability, named ‘Indirector,’ can be used to steal sensitive information from the CPU. The…
A World of Novel Risks: Stress-Testing Security Assumptions
The most severe security failures are generally those that we cannot anticipate – until they occur. Prior to 9/11, national security and law enforcement planners expected that airline hijackers would land their planes and reach a settlement — until…
Comparitech Report Reveals Average Ransom Demands of Over $5.2 Million in Early 2024
In the first half of 2024, the average ransom demand per ransomware attack reached over $5.2 million (£4.1 million), according to a new analysis by Comparitech. This figure is derived from 56 known ransom demands issued by cybercriminals from…
SEBI Circular Forces Stock Gaming Apps to Shut Down and Reevaluate
As of May 24, a circular was issued by SEBI prohibiting stock exchanges and intermediaries in India from sharing time-sensitive share price information with fantasy trading platforms that gamify stock trading in real-time. In the week after the Securities…
CocoaPods Security Alert: Critical Bugs Expose Millions of Apps
A recent security analysis discovered critical vulnerabilities in CocoaPods, the widely used dependency management platform for Apple developers. These vulnerabilities pose significant risks to iOS and macOS apps, potentially allowing attackers to compromise user data and system integrity. Apple CocoaPods…
New Online Scam: Fraudsters Pose as Police Officers to Extort Money
Cyber fraudsters have developed a new method to deceive unsuspecting individuals by posing as police officers and claiming that a relative has been arrested in a narcotics case. They demand a bribe to drop the charges, preying on the victims’…
Australian Man Arrested for Evil Twin Wi-Fi Attacks on Domestic Flights
Police in Australia have arrested and charged a man with nine cybercrime crimes for allegedly setting up fictitious public Wi-Fi networks using a portable wireless access point to steal data from unsuspecting users. The man designed “evil twin” Wi-Fi…
The Growing Cybersecurity Concerns of Generative Artificial Intelligence
In the rapidly evolving world of technology, generative artificial intelligence (GenAI) programs are emerging as both powerful tools and significant security risks. Cybersecurity researchers have long warned about the vulnerabilities inherent in these systems. From cleverly crafted prompts that can…
New Rules for Quantum Encryption Unveiled by Cryptographers
Cryptographers are making significant strides in the field of quantum encryption, developing new rules that promise to enhance data security in the quantum computing age. As quantum computers advance, they pose a threat to current encryption methods, which rely…
EU Claims Meta’s Paid Ad-Free Option Violates Digital Competition Rules
European Union regulators have accused Meta Platforms of violating the bloc’s new digital competition rules by compelling Facebook and Instagram users to either view ads or pay to avoid them. This move comes as part of Meta’s strategy to…
Exploring Fake-Bat Loaders: Distribution Tactics and Cybercrime Networks
There has been a significant increase in the number of threats exploiting the drive-by-download method during the first half of 2024, such as the FakeBat loader, formerly EugenLoader or PaykLoader. There has been an increasing emphasis on using this…
Tech Giants Face Backlash Over AI Privacy Concerns
Microsoft recently faced material backlash over its new AI tool, Recall, leading to a delayed release. Recall, introduced last month as a feature of Microsoft’s new AI companion, captures screen images every few seconds to create a searchable library. This…