Recently, Varonis Threat Labs uncovered two novel techniques that allow threat actors to sidestep SharePoint security controls, evading detection while exfiltrating files. In this blog, we delve into these techniques and explore their implications for organizations relying on SharePoint for…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
India’s Businesses Under Huge Cyber Threats, Kaspersky Reported
Indian businesses are being warned about the looming threat of ransomware attacks by cybersecurity experts. These attacks not only jeopardize company data but also pose a serious risk to user information. To address this urgent issue, experts stress the importance…
LinkedIn Users Targeted in Complex Phishing Scheme
LinkedIn Users Targeted in Complex Phishing Scheme A concerning security threat has emerged for users of the professional networking platform LinkedIn. Known as the “Microsoft Two-Step Phishing Campaign,” this attack involves hackers using compromised profiles to deceive users and…
Fostering Cybersecurity Culture: From Awareness to Action
The recent film “The Beekeeper” opens with a portrayal of a cyberattack targeting an unsuspecting victim, highlighting the modern challenges posed by technology-driven crimes. The protagonist, Adam Clay, portrayed by Jason Statham, embarks on a mission to track down…
E-commerce Breach: Hackers Target Magento, Steal Payment Data
In a concerning development for e-commerce security, hackers have been discovered exploiting a critical flaw in the popular Magento platform, leaving numerous online stores vulnerable to data breaches. The vulnerability, identified as CVE-2024-20720 with a severity score of 9.1,…
Hackers Siphon 340,000 Social Security Numbers From U.S. Consulting Firm
Greylock McKinnon Associates (GMA) has discovered a data breach in which hackers gained access to 341,650 Social Security numbers. The data breach was disclosed last week on Friday on Maine’s government website, where the state issues data breach notifications.…
Posthumous Data Access: Can Google Assist with Deceased Loved Ones’ Data?
Amidst the grief and emotional turmoil after loosing a loved one, there are practical matters that need to be addressed, including accessing the digital assets and accounts of the deceased. In an increasingly digital world, navigating the complexities of…
Combatting iPhone Scams: Steps Towards Enhanced Security
The latest revelation in the realm of iPhone scams comes in the form of MFA (Multi-Factor Authentication) bombing. This sophisticated threat targeting Apple users underscores the need for heightened awareness and informed responses. Apple has promptly responded to the…
Security Advisory: Protecting Mobile Devices for UAE Residents
In a security update released by Microsoft on Thursday, 61 high-risk vulnerabilities, including critical ones, were addressed. The cyber threat actor may be able to exploit some of these vulnerabilities to gain control of a computer that has been…
The Fake E-Shop Scam Campaign Sweeping Southeast Asia, seizing users banking details
In recent years, cybercriminals have been increasingly employing sophisticated tactics to target individuals and organizations across the globe. One such alarming trend is the proliferation of fake e-shop scam campaigns, particularly prevalent in Southeast Asia. These campaigns, characterized by…
Privacy is ‘Virtually Impossible’ on iPhones, Experts Warn
Keeping your data hidden from Apple is ‘virtually impossible’, experts have warned. A groundbreaking study reveals that the default apps on iPhones, iPads, and MacBooks collect personal data even when they appear to be disabled. In a world where privacy…
The Hidden Danger of Public USB Charging Stations: What You Need to Know
Whether you’re at the airport, a café, or a shopping mall, you’ve probably encountered those convenient public USB charging stations. They seem harmless, right? After all, they’re just there to help you power up your devices while you wait for…
Private Data of 7.5 million BoAt Users Leaked in Massive Data Breach
More than 7.5 million boAt customers’ customer information has surfaced on the dark web. It is possible to purchase personally identifiable information (PII) such as a name, address, contact number, email ID, customer ID, and more. The threat actor…
SurveyLama Data Breach Exposes Millions of Users’ Information
A major data breach has impacted the online survey platform SurveyLama, putting the sensitive data of over four million individuals at risk. The breach, which occurred in February of this year, was confirmed by the company to Troy Hunt,…
What AI Can Do Today? The latest generative AI tool to find the perfect AI solution for your tasks
Generative AI tools have proliferated in recent times, offering a myriad of capabilities to users across various domains. From ChatGPT to Microsoft’s Copilot, Google’s Gemini, and Anthrophic’s Claude, these tools can assist with tasks ranging from text generation to…
Room for Error: Hotel Check-In Terminal Flaw Leads to Access Code Leak
Ibis Budget hotels in Germany were found to leak hotel room key codes through self-service check-in terminals, and a researcher behind the discovery claims the problem could potentially affect hotels around the world. It would be very easy for…
Lazy Koala: New Cyber Threat Emerges in CIS Region
Cybersecurity researchers at Positive Technologies Expert Security Center (PT ESC) recently uncovered a new threat actor they’ve named Lazy Koala. Despite lacking sophistication, this group has managed to achieve significant results. The report reveals that Lazy Koala is targeting…
Email Security Vulnerabilities: Shocking Gaps in Malware Detection
In an era where digital communication dominates, email remains a fundamental tool for personal and professional correspondence. However, recent research by web browser security startup SquareX has exposed alarming vulnerabilities in email security. The study, titled “Security Bite: iCloud Mail,…
An Unusual Tracking Feature Identified on Millions of iPhone Users
Millions of iPhone users across the globe discovered an interesting new setting that was automatically switched on in their iPhones. The latest software version included a new setting called “Discoverable by Others”. It can be located under ‘Journalling Suggestions’…
Researchers Uncover Numerous Chinese Hacker Collectives Exploiting Ivanti Security Vulnerabilities
Several threat actors with connections to China have been identified as responsible for exploiting three security vulnerabilities affecting Ivanti appliances. These vulnerabilities are identified as CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. Mandiant, a cybersecurity firm, has been monitoring these clusters of…