Tag: CySecurity News – Latest Information Security and Hacking Incidents

  At the bottom of a two-meter staircase in Gumi City Council, South Korea, a robot that worked for the city council was discovered unresponsive. There are those in the country who label the first robot to be built in…

Read more →

  The Fédération Internationale de l’Automobile (FIA), the governing body overseeing Formula 1 and other major motorsports worldwide, recently disclosed a significant cyberattack. This breach resulted from phishing attacks that compromised personal data within two FIA email accounts, exposing vulnerabilities…

Read more →

The BianLian ransomware organization is accused of cyberattacking against three major US companies, consisting of large amounts of sensitive data. The victims of the BianLian ransomware attack—Island Transportation Corp., Legend Properties Inc., and Transit Mutual Insurance Corporation of Wisconsin—had their…

Read more →

  Eldorado, a new ransomware-as-a-service (RaaS), was released in March and has locker variations for VMware ESXi and Windows. The gang has already claimed 16 victims, the majority of whom are in the United States and work in real estate,…

Read more →

  Earlier this year, a hacker successfully breached OpenAI’s internal messaging systems, obtaining sensitive details about the company’s AI technologies. The incident, initially kept under wraps by OpenAI, was not reported to authorities as it was not considered a threat…

Read more →

  Despite their growing popularity, passkeys are not as secure as many believe. According to Joe Stewart, principal security researcher at eSentire’s Threat Response Unit (TRU), many online accounts using passkeys can still fall victim to adversary-in-the-middle (AitM) attacks. This…

Read more →

  The latest figures suggest that nearly 1,500 medical operations have been cancelled at some of London’s leading hospitals in the four weeks following Qilin’s ransomware attack on pathology services provider Synnovis. But perhaps no one was more severely impacted…

Read more →

  A cybercriminal known as Alderson1337 has emerged on BreachForums, offering a critical exploit targeting npm accounts. This vulnerability poses a significant threat to npm, a crucial package manager for JavaScript managed by npm, Inc., a subsidiary of GitHub. Alderson1337…

Read more →

In the rapidly changing world of cloud technology, serverless computing, once hailed as a groundbreaking innovation, is now losing its relevance. When it first emerged over a decade ago, serverless computing promised to free developers from managing detailed compute and…

Read more →

In April 2023, OpenAI, a leading artificial intelligence research organization, faced a significant security breach. A hacker gained unauthorized access to the company’s internal messaging system, raising concerns about data security, transparency, and the protection of intellectual property.  In this…

Read more →

  The U.S. messaging giant Twilio has been accused of stealing 33 million phone numbers over the past week as a result of a hacker’s exploit. Authy, a popular two-factor authentication app owned by Twilio that uses the phone numbers…

Read more →

  Ministry of Justice employees referred to a woman as a “bitch” in an online conversation, which she later received a copy of, serving as a reminder of the importance of careful workplace communication, says an employment lawyer.  Academic and…

Read more →

  Cybersecurity researchers have identified a wave of attacks targeting outdated versions of the HTTP File Server (HFS) software from Rejetto, aiming to distribute malware and cryptocurrency mining tools. These attacks exploit a critical security flaw known as CVE-2024-23692, which…

Read more →

Patelco Credit Union, a prominent financial institution based in Dublin, has been thrust into the spotlight due to a crippling ransomware attack.  With over half a million members affected, the situation underscores the critical importance of robust cybersecurity measures for…

Read more →

  Ransomware demands are skyrocketing in 2024, with the average extortion demand per ransomware attack exceeding $5.2 million per incident in the first half of the year.  Following an attack on India’s Regional Cancer Centre (RCC) on April 20, a…

Read more →

  The recent attack on one of the largest financial services providers has led to a problem for many companies that work with the provider, two of which have already alluded to possible negative implications for customer data due to…

Read more →

  Indonesia recently faced its worst cyber attack in years, exposing critical weaknesses in the country’s IT policy. The ransomware attack, which occurred on June 20, targeted Indonesia’s Temporary National Data Center (PDNS) and used the LockBit 3.0 variant, Brain…

Read more →

As one of today’s most popular social media platforms, YouTube frequently attracts cybercriminals who exploit it to run scams and distribute malware. These schemes often involve videos masquerading as tutorials for popular software or ads for cryptocurrency giveaways. In other…

Read more →

  Cisco patched a NX-OS zero-day, identified as CVE-2024-20399 (CVSS score of 6.0), which the China-linked group Velvet Ant used to deploy previously unidentified malware as root on vulnerable switches.  The bug exists in the CLI of Cisco NX-OS Software;…

Read more →

  The future of payment technologies and consumer trends are exploding; GenZ’s are more tuned to flexible, and reliable payment sources. The market is evolving with the needs of this generation and adapting new business models and technologies to meet…

Read more →

  Wise, a prominent financial technology company, recently disclosed a data breach impacting some customer accounts due to a ransomware attack on their former partner, Evolve Bank & Trust. The breach has raised significant concerns about the security of third-party…

Read more →

In May, the hacking group ShinyHunters claimed to have gotten personal information from more than 500 million Ticketmaster users and was selling the data on the dark web, and the business has now admitted that consumer data may have been…

Read more →

  Researchers have identified a new ransomware group called Volcano Demon, responsible for at least two successful attacks in the past two weeks. Tim West, an analyst at cybersecurity firm Halcyon, revealed that the group targeted companies in the manufacturing…

Read more →

  Cambridge, Massachusetts-based enterprise software provider HubSpot is handling a security compromise that has affected many customer accounts. Less than fifty accounts have been compromised, the business said in an online post. Although the investigation is still ongoing, HubSpot stressed…

Read more →

  Amid escalating cyber threats, the Reserve Bank of India (RBI) has released a comprehensive advisory to all scheduled commercial banks. This advisory, disseminated by the Department of Banking Supervision in Mumbai, stresses upon the paramount importance of robust cybersecurity…

Read more →

Developers strive to maintain robust codebases, but occasionally, they encounter dubious or exaggerated reports that can disrupt their work.  A recent incident involving the popular open-source project “ip” sheds light on the challenges faced by developers when dealing with Common…

Read more →

Researchers from the University of California, San Diego, have discovered a new vulnerability in modern Intel processors, specifically the Raptor Lake and Alder Lake generations. This vulnerability, named ‘Indirector,’ can be used to steal sensitive information from the CPU.  The…

Read more →

  The most severe security failures are generally those that we cannot anticipate – until they occur. Prior to 9/11, national security and law enforcement planners expected that airline hijackers would land their planes and reach a settlement — until…

Read more →

  In the first half of 2024, the average ransom demand per ransomware attack reached over $5.2 million (£4.1 million), according to a new analysis by Comparitech. This figure is derived from 56 known ransom demands issued by cybercriminals from…

Read more →

  As of May 24, a circular was issued by SEBI prohibiting stock exchanges and intermediaries in India from sharing time-sensitive share price information with fantasy trading platforms that gamify stock trading in real-time. In the week after the Securities…

Read more →

A recent security analysis discovered critical vulnerabilities in CocoaPods, the widely used dependency management platform for Apple developers. These vulnerabilities pose significant risks to iOS and macOS apps, potentially allowing attackers to compromise user data and system integrity. Apple CocoaPods…

Read more →

Cyber fraudsters have developed a new method to deceive unsuspecting individuals by posing as police officers and claiming that a relative has been arrested in a narcotics case. They demand a bribe to drop the charges, preying on the victims’…

Read more →

  Police in Australia have arrested and charged a man with nine cybercrime crimes for allegedly setting up fictitious public Wi-Fi networks using a portable wireless access point to steal data from unsuspecting users.  The man designed “evil twin” Wi-Fi…

Read more →

In the rapidly evolving world of technology, generative artificial intelligence (GenAI) programs are emerging as both powerful tools and significant security risks. Cybersecurity researchers have long warned about the vulnerabilities inherent in these systems. From cleverly crafted prompts that can…

Read more →

  Cryptographers are making significant strides in the field of quantum encryption, developing new rules that promise to enhance data security in the quantum computing age. As quantum computers advance, they pose a threat to current encryption methods, which rely…

Read more →

  European Union regulators have accused Meta Platforms of violating the bloc’s new digital competition rules by compelling Facebook and Instagram users to either view ads or pay to avoid them. This move comes as part of Meta’s strategy to…

Read more →

  There has been a significant increase in the number of threats exploiting the drive-by-download method during the first half of 2024, such as the FakeBat loader, formerly EugenLoader or PaykLoader. There has been an increasing emphasis on using this…

Read more →

Microsoft recently faced material backlash over its new AI tool, Recall, leading to a delayed release. Recall, introduced last month as a feature of Microsoft’s new AI companion, captures screen images every few seconds to create a searchable library. This…

Read more →

  The Future of Cybersecurity Jobs in an AI-Driven World Artificial Intelligence (AI) is revolutionizing the cybersecurity landscape, enhancing both the capabilities of cyber attackers and defenders. But a pressing question remains: Will AI replace cybersecurity jobs in the future?…

Read more →

Hackers have claimed responsibility for three major cyberattacks in Italy in the last 24 hours. The RansomHub and RansomHouse gangs allegedly carried out the ransomware assaults in Italy. RansomHub targeted the websites of Cloud Europe and Mangimi Fusco, while RansomHouse…

Read more →

  Cybercriminals have carried out a series of hacks targeting big companies by breaking into the back ends of their software suppliers, disrupting operations at auto dealerships all over the U.S. This is the latest in a wide-ranging series that…

Read more →

  Infosys McCamish Systems (IMS) recently disclosed that a LockBit ransomware attack earlier this year compromised sensitive information of more than six million individuals. IMS, a multinational corporation specializing in business consulting, IT, and outsourcing services, primarily serves the insurance…

Read more →

  Data centre liquid cooling systems are becoming increasingly popular due to their greater heat management effectiveness when compared to traditional air cooling methods. However, as technology advances, new security issues emerge, such as cybersecurity and physical risks.  These concerns…

Read more →

  Multiple critical vulnerabilities have been identified in Emerson gas chromatographs, posing risks such as unauthorized access to sensitive data, denial-of-service conditions, and arbitrary command execution. Gas chromatographs are essential in various industries like chemical, environmental, and healthcare sectors for…

Read more →

  Researchers from Penn State University have uncovered critical vulnerabilities in 5G technology that put mobile devices at risk. At the upcoming Black Hat 2024 conference in Las Vegas, they will reveal how attackers can exploit these weaknesses to steal…

Read more →

Cybersecurity threats have become increasingly sophisticated, and state-sponsored actors continue to target government institutions and diplomatic entities. One such incident involves a Russian threat actor known as “Nobelium,” which has been launching spear phishing attacks against French diplomats. ANSSI Issued…

Read more →

  A new ransomware operation known as Brain Cipher has emerged, targeting organizations worldwide. This operation recently gained media attention due to an attack on Indonesia’s temporary National Data Center. Indonesia is developing National Data Centers to securely store servers…

Read more →

In early June, Kadokawa’s video-sharing platform Niconico experienced a server outage, which has now been claimed by the Russia-linked hacker group BlackSuit. This group, a rebrand of the Royal ransomware operation and linked to the defunct Conti cybercrime syndicate, has…

Read more →

  A July 4 deadline for Windows users who have not updated their systems is fast approaching. It was only two weeks ago that a two-week-old security vulnerability found in Windows was found to have been reactivated. Despite Microsoft’s claim…

Read more →

  We’re more than halfway into 2024, and we’ve already witnessed some of the largest and the most damaging data breaches in recent history. And just when you thought some of these hacks couldn’t be much worse, they did. The…

Read more →

  A major scandal has emerged in South Korea, where the internet service provider KT is accused of intentionally installing malware on the computers of 600,000 subscribers. This invasive action was reportedly designed to interfere with and block torrent traffic,…

Read more →

  Kadokawa Group, the parent company of renowned game developer FromSoftware, has fallen victim to a gruesome ransomware attack. The Japanese conglomerate, known for its diverse involvement in book publishing, the video-sharing service Niconico, and various other media enterprises, revealed…

Read more →

A major vulnerability exists in some versions of GitLab Community and Enterprise Edition products, which might be exploited to run pipelines as any user. GitLab is a prominent web-based open-source software project management and task tracking tool. There are an…

Read more →

  Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due…

Read more →

  An investigation has found that a North Korea-linked threat actor, known as Kimsuky, has been involved in the use of a malicious Google Chrome extension to steal sensitive information to collect information as part of an ongoing intelligence collection…

Read more →

  iTeamViewer, a remote access software company, has announced that its corporate environment was compromised in a cyberattack. According to the company, the breach was detected on Wednesday, June 26, 2024, and is believed to have been carried out by…

Read more →

  This year, software company 37signals has made headlines with its decision to leave cloud computing, resulting in a significant profit boost of over $1 million (£790,000). This move highlights a growing trend among businesses reassessing the value of cloud…

Read more →

  In today’s digital age, entering your real email address into a website is a risky move. It’s all too common for websites to sell your information to data brokers, who then use it for marketing, targeted ads, or even…

Read more →

A Case of Privacy Breach and Unintended Disclosure In an unprecedented turn of events, the Internal Revenue Service (IRS) recently issued a public apology to billionaire investor Ken Griffin. The reason? Leaked tax records that exposed sensitive financial information, including…

Read more →

  In a recent study, university exams taken by fictitious students using artificial intelligence (AI) outperformed those by real students and often went undetected by examiners. Researchers at the University of Reading created 33 fake students and employed the AI…

Read more →

  The future of Web3 is being significantly shaped by two critical advancements: hyperscaling and on-chain confidentiality. As blockchain technology continues to evolve, these innovations are poised to address some of the fundamental challenges faced by decentralized systems, paving the…

Read more →

  Indian security agencies are concerned about a potential huge data breach triggered by Chinese microchips and hardware detected in biometric attendance systems (BAS) deployed in central and state government buildings, including sensitive departments.  During their investigations, intelligence agencies discovered…

Read more →

  Throughout the healthcare industry, CIOs are implementing technologies that allow precision diagnostics, reduce clinician workload, and automate back-office functions, from ambient documentation to machine learning-based scheduling. A lot of data is available in Penn Medicine BioBank, an institution run…

Read more →

  A hacker claims to have accessed a large database linked with the Indian government’s portal for blue-collar workers emigrating from the country.  The eMigrate portal’s database allegedly includes full names, contact numbers, email addresses, dates of birth, mailing addresses,…

Read more →

  Tech billionaire Jack Dorsey, best known as the founder of Twitter (now X), has issued a stark warning about the future. He predicts that in the next five to ten years, it will become increasingly difficult for people to…

Read more →

  In today’s rapidly advancing digital world, how organisations store their data is crucial to their cybersecurity strategies. Whether protecting sensitive customer information, securing intellectual property, or ensuring smooth business operations, effective data storage methods can prominently impact an organisation’s…

Read more →

  A newly discovered vulnerability in MOVEit, a popular file transfer tool, is currently under active exploitation, posing serious threats to remote workforces. Cybercriminals are taking advantage of this flaw to gain unauthorized access to sensitive data.  This exploitation highlights…

Read more →

  Security researchers announced on Monday that there had been a supply chain attack on up to 36,000 WordPress plugins running on a wide range of websites that had been backdoored by unknown hackers. Currently, researchers from security firm Wordfence…

Read more →

The convergence of Web3 technologies and the healthcare industry has sparked significant interest and investment. As blockchain, decentralized applications (dApps), and smart contracts gain traction, the potential benefits for healthcare are immense. However, this rapid adoption also brings cybersecurity challenges…

Read more →

In the past ten years, public cloud computing has dramatically changed the IT industry, promising businesses limitless scalability and flexibility. By reducing the need for internal infrastructure and specialised personnel, many companies have eagerly embraced public cloud services. However, as…

Read more →

The Attack The automotive industry has faced an unprecedented challenge: a cyberattack targeting CDK Global, a major software provider for auto dealerships. This incident has sent shockwaves through the industry, affecting dealerships across the United States. In this blog post,…

Read more →

  Cado Security experts warned that the P2Pinfect worm is used in attacks on Redis servers to deliver ransomware and cryptocurrency mining payloads.  Palo Alto Networks Unit 42 researchers uncovered the P2P worm P2PInfect in July 2023, which targets Redis…

Read more →

  Blockchain technology, which was first developed as part of the backbone of cryptocurrencies such as Bitcoin, has grown beyond its original purpose. To enhance efficiency, reduce fraud, and spur innovation across various industries, it has its unique attributes-decentralization, transparency,…

Read more →

  A recent study has unveiled a critical security threat impacting approximately 280 million Google Chrome users who have installed dangerous browser extensions. These extensions, often masquerading as useful tools, can lead to severe security risks such as data theft,…

Read more →

  Bharat Sanchar Nigam Limited (BSNL) has reportedly experienced a significant data breach, with the responsible threat actor claiming to have acquired sensitive user and operational data. The government-owned telecom provider’s servers were attacked, resulting in the hackers obtaining SIM…

Read more →

  Imagine receiving a message that your deceased father’s “digital immortal” bot is ready to chat. This scenario, once confined to science fiction, is becoming a reality as the digital afterlife industry evolves. Virtual reconstructions of loved ones, created using…

Read more →

  The Washington Post reported on Monday that federal law enforcement authorities have long received information about certain Americans’ mail via a little-known U.S. Postal Service operation known as the “mail covers program.” While officials argue that the program is…

Read more →

A survey discovered that nearly half of all new commercial artificial intelligence projects are abandoned in the middle. Navigating the AI Implementation Maze A recent study by the multinational law firm DLA Piper, which surveyed 600 top executives and decision-makers…

Read more →

  In recent weeks, the cybercriminal group UNC5537 has made significant waves. This ransomware gang, potentially linked to ShinyHunters or Scattered Spider, stole over 560 million customer records from Ticketmaster. On May 28, they listed this data for sale on…

Read more →

  In a statement released on 3 June, NHS England confirmed that the patient data managed by the company Synnovis for blood testing was stolen in a ransomware attack. In a threat to extort money from Synnovis, a group of…

Read more →

  In recent weeks, car dealerships across the United States and Canada have been severely disrupted by consecutive cyberattacks, underlining the growing vulnerability of the automotive retail sector. These attacks, involving sophisticated ransomware operations, have caused significant operational challenges, impacting…

Read more →

Generative AI (GenAI) has emerged as a driving focus area in the learning and development (L&D) strategies of IT and consulting firms. Companies are increasingly investing in comprehensive training programs to equip their employees with essential GenAI skills, spanning from…

Read more →

  Cryptography secures online communication, but with reported losses of $534 million due to data breaches in 2023, robust encryption is crucial. Weak encryption invites breaches and man-in-the-middle attacks. Strong VPNs provide robust encryption and secure internet communication paths, essential…

Read more →

  The National Testing Agency (NTA) in India is in the midst of a serious crisis, with its staff worried about the safety of any exam due to claims that the NTA’s website was hacked.  Following the cancellation of the…

Read more →

  Although local party anger has been expressed over the selection of Conservative Chairman Richard Holden as the party’s candidate for Basildon and Billericay, he has been appointed at the very last minute as the party’s candidate. The BBC contacted…

Read more →

In recent days, the automotive industry has been hit by a significant IT outage that has disrupted operations for car dealerships across North America. The culprit? The notorious BlackSuit ransomware gang. In this blog post, we’ll delve into the details…

Read more →

  A severe cyberattack on Ascension, one of the largest healthcare systems in the United States, has disrupted patient care significantly. The ransomware attack, which began on May 8, has locked medical providers out of critical systems that coordinate patient…

Read more →

  In a severe cyber attack targeting a London hospital, hackers have published a massive 400GB of sensitive data, raising significant alarm within the healthcare sector. This breach underscores the escalating threat posed by cybercriminals to critical infrastructure, especially within…

Read more →

  Qilin, also known as Agenda, is a ransomware-as-a-service operation that collaborates with affiliates to encrypt and exfiltrate data from hacked organizations, demanding a ransom in return.  Despite its name deriving from a mythical Chinese creature that combines features of…

Read more →

  A prominent threat actor known as IntelBroker, notorious for orchestrating several high-profile data breaches, has now set its sights on Apple. The hacker successfully leaked the company’s source code associated with several internal tools, announcing this development through a…

Read more →

  Jollibee Foods Corp., a fast-food company specializing in Filipino fare, is investigating a report of a data breach in its delivery service system, adding its name to a growing list of companies which have been targeted by hackers in…

Read more →

Change Healthcare, a company that handles medical billing, claims processing, and other critical healthcare functions, fell victim to a sophisticated cyberattack. The attackers gained unauthorized access to the company’s systems, compromising a vast amount of sensitive data. The Breach UnitedHealth…

Read more →

In the realm of cybersecurity, ensuring the safety and integrity of a network is a multifaceted endeavor. One crucial aspect of this process is the regular assessment of potential vulnerabilities within the system. As a cybersecurity professional, our work revolves…

Read more →

  The Unified Payments Interface (UPI) has transformed the infrastructure of digital transactions in India, providing a fast, easy, and secure method for payments. However, its rapid adoption has also attracted the attention of cybercriminals. This article delves into the…

Read more →

  Security experts are raising alarms about a new infostealer named Fickle Stealer, which is being disseminated through various techniques across the internet. Fickle Stealer engages in typical malicious activities, such as stealing sensitive files, system information, browser-stored files, and…

Read more →

  With minimal expense and a bit of time, passwords can be cracked much faster than expected using a smart brute-force guessing algorithm. A recent analysis by Kaspersky revealed that 59% of 193 million real passwords were cracked in under…

Read more →

  Banks, credit card companies, the government, and a variety of other entities are continually looking for new ways to protect your money and data. But scammers never appear to be far behind. According to a 2023 Ipsos poll conducted…

Read more →

ISIS, a terrorist organization allegedly launched two fake channels on Google-owned video platforms YouTube and Facebook. CNN and Al Jazeera claimed to be global news platforms through their YouTube feeds. This goal was to provide credibility and ease the spread…

Read more →

  There is no doubt that traffic violations have also been victimized by scammers, as have most online services, as phishing has become one of the new ways in which unsuspecting victims have been tricked into giving out their personal…

Read more →

  If you’re not using strong, random passwords, your accounts might be more vulnerable than you think. A recent study by cybersecurity firm Kaspersky shows that a lot of passwords can be cracked in less than an hour due to…

Read more →