Tag: CySecurity News – Latest Information Security and Hacking Incidents

  UK Police stated that they have infiltrated a massive phishing website on the dark web that has defrauded tens of thousands of individuals, and learned that university students have turned to cyber fraud as a way to increase their…

Read more →

  In the ever-evolving landscape of cybersecurity, safeguarding sensitive information and ensuring secure access to corporate networks are paramount concerns for organizations worldwide. Recently, Cisco Duo, a leading provider of multi-factor authentication (MFA) and Single Sign-On services, found itself grappling…

Read more →

  The executive vice president of security at Microsoft, Charlie Bell, recently proposed that the company is the neighbourhood of foreign state-sponsored hackers in an interview with Bloomberg. It has certainly been true over the years that they are particularly…

Read more →

Recently, an incident involving Delinea’s Secret Server SOAP API highlighted the challenges faced by both parties in the disclosure process. Vulnerability Details A major flaw in Delinea’s Secret Server SOAP API was discovered this week, prompting security professionals to rush…

Read more →

  A recent cyberattack on Change Healthcare, a subsidiary of United Health, has led to a distressing data extortion situation, further complicating an already tumultuous ordeal. Let’s delve into the details to understand the gravity of the situation and its…

Read more →

  Handala, an Iranian cyber outfit, has claimed to have taken down the Iron Dome missile defence system and breached Israel’s radars.  A major cyber attack is believed to have unfolded when the Handala hacking group, which is renowned for…

Read more →

  The LightSpy spyware has been used by cyberespionage groups to spy on users of iPhones, iPads, and other mobile devices in the South Asian region in a recent cyberespionage campaign. According to reports, the cybercriminals behind this cybercriminal campaign…

Read more →

  In the rapidly evolving landscape of online pharmaceuticals, the proliferation of counterfeit drugs poses a significant threat to consumer safety. Cybersecurity firm BrandShield has emerged as a stalwart defender in this battle, successfully dismantling over 250 websites selling counterfeit…

Read more →

  Suspected state-sponsored hackers have exploited a zero-day vulnerability in Palo Alto Networks firewalls, identified as CVE-2024-3400, since March 26. These hackers have utilized the compromised devices to breach internal networks, pilfer data, and hijack credentials. Palo Alto Networks issued…

Read more →

  In the past decade, the services of Virtual Private Networks (VPNs) have drastically transformed. Once solely focused on providing secure internet connections, VPN companies are now expanding their offerings into comprehensive privacy and security suites. This shift reflects a…

Read more →

  According to a new Statista Market Insights report, cybercrime is rising at an unprecedented pace. Approximately one-third of the United States’ GDP or about 24 times Apple’s annual revenue in 2023 will be incurred as a result of cyberattacks,…

Read more →

  Checkmarx, an application security firm, has discovered that threat actors are altering GitHub search results in order to infect developers with persistent malware. As part of the campaign, attackers were seen developing fake repositories with popular names and themes,…

Read more →

  As businesses navigate the digital landscape, the threat of ransomware looms larger than ever before. Each day brings new innovations in cybercriminal techniques, challenging traditional defense strategies and posing significant risks to organizations worldwide. Ransomware attacks have become increasingly…

Read more →

Data brokers work in secrecy, collecting personal details about our lives. These entities collect, and misuse our personal information without our explicit consent.  The Rise of Data Brokers The Consumer Financial Protection Bureau (CFPB) has taken notice, and their proposed…

Read more →

  The Heritage Foundation, a prominent conservative think tank based in Washington, DC, revealed on Friday that it had fallen victim to a cyberattack earlier in the week. The attack, which occurred amid ongoing efforts to mitigate its effects, left…

Read more →

  There are numerous voices around the world opposing the use of facial recognition technology. Many people believe facial recognition poses a severe threat to individual privacy, free speech, racial inequality, and data security. People who oppose it have solid…

Read more →

  The International Monetary Fund (IMF) has raised concerns about the increasing frequency and severity of cyber attacks, warning that they could potentially lead to bank runs. According to the IMF, these cyber threats pose significant risks to financial stability…

Read more →

Security experts have highlighted three compelling reasons why tourists should avoid charging their phones at airports. In light of these risks, it’s advisable to exercise caution when using public charging stations, especially at airports. Protecting your personal information should always…

Read more →

  In a recent set of events, streaming giant Roku has disclosed an eminent security breach affecting over half a million user accounts. Following a recent data breach, Roku has uncovered additional compromised accounts, totaling approximately 576,000 users affected by…

Read more →

  The digital landscape has become increasingly treacherous, with a startling surge in data-stealing malware compromising millions of devices worldwide. According to cybersecurity firm Kaspersky, the number of devices infected with data-stealing malware has skyrocketed by over 600% in the…

Read more →

  As a result of the rapid development of generative artificial intelligence, cyberattackers will likely have the upper hand in the short to medium term, compounding the long-term increase in cybersecurity risks for businesses, according to a report published by…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new emergency directive aimed at U.S. federal agencies in response to the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. The directive, known as…

Read more →

Data is the new currency, but what happens when the guardians of our privacy mess up? The recent incident involving iCabbi, a taxi software vendor, brings notice to the delicate balance between convenience and security. The Breach Unveiled On a…

Read more →

  Amazon.com Inc. is swiftly increasing the use of robotics, with over 750,000 robots functioning alongside its employees.  There are 1.5 million people at the second-largest private company in the world. Even if it’s a large number, it represents a…

Read more →

  The Federal Bureau of Investigation (FBI) has alerted the public to a widespread SMS phishing scam sweeping across the United States. The scam, which began in early March 2024, specifically targets individuals with fraudulent messages regarding unpaid road toll…

Read more →

  It has been reported that Apple sent notifications on April 10 to its Indian and 91 other users letting them know they might have been a victim of a possible mercenary spyware attack. As stated in the company’s notification…

Read more →

  In the intricate tapestry of cybersecurity, recent events have thrust vulnerabilities and threats into the spotlight once again. The breach of data analytics powerhouse Sisense, coupled with the emergence of novel sub-techniques utilized by North Korean threat actors, underscores…

Read more →

  Apple issued security alerts to individuals in 92 nations on Wednesday, cautioning them that their iPhones had been targeted in a remote spyware attack linked to mercenaries. The company sent out threat notification emails, informing recipients, “Apple has detected…

Read more →

  MuddyWater, an Iranian threat actor, has used a novel command-and-control (C2) infrastructure known as DarkBeatC2 in its the most recent attack. This tool joins a list of previously used systems, including SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. In a recent…

Read more →

  Within the dynamic sphere of digital technology, businesses are continually seeking innovative solutions to streamline operations and step up their security measures. One such innovation that has garnered widespread attention is facial biometrics, a cutting-edge technology encompassing face recognition…

Read more →

A six-year-old vulnerability has recently come to light, affecting Intel and Lenovo servers. Let’s delve into the details of this silent flaw and its implications.  About vulnerability The vulnerability resides within the Lighttpd web server, a lightweight and efficient open-source…

Read more →

  In the wake of a cyberattack on Tarrant County Appraisal District in March, the Medusa ransomware gang has claimed responsibility for the hack and has threatened the public with the threat of leaking 218 GB of the stolen data…

Read more →

  There remains a significant disparity in utilisation of resources between defensive and offensive cybersecurity technologies. When comparing the return on investment (ROI) for defensive and offensive investments, security experts discovered that offensive security routinely outperforms defensive security. For example,…

Read more →

Zambia has exposed a sophisticated Chinese cybercrime syndicate that preyed on unsuspecting victims across the globe. The operation, which unfolded during a multi-agency raid, led to the apprehension of 77 individuals, including 22 Chinese nationals.  This case sheds light on…

Read more →

  Amidst an ever-growing demand for electricity, artificial intelligence (AI) is stepping in to mitigate power disruptions. Aseef Raihan vividly recalls a chilling night in February 2021 in San Antonio, Texas, during winter storm Uri. As temperatures plunged to -19°C,…

Read more →

  X, the social media platform formerly known as Twitter, recently grappled with a significant security flaw within its iOS app. The issue involved an automatic alteration of Twitter.com links to X.com links within Xeets, causing widespread concern among users.…

Read more →

  In a cautionary tale from Thane, a 41-year-old man, M.R. Bhosale, found himself embroiled in a sophisticated online scam after his father fell victim to a deceptive text message. The incident sheds light on the dangers of trusting unknown…

Read more →

  An array of cunning cyberattack campaigns utilizing seemingly innocuous invoices to deliver malware attacks have been uncovered by cybersecurity researchers. In this deceptive campaign, malicious Scalable Vector Graphics (SVG) file attachments are embedded in phishing emails that have been…

Read more →

  A significant security loophole within the Rust standard library has emerged, posing a threat specifically to Windows users by enabling potential command injection attacks. Designated as CVE-2024-24576 and carrying a maximum severity score of 10.0 according to the Common…

Read more →

  According to a recent discovery by Varonis Threat Labs, two new techniques have emerged that pose a significant threat to data security within SharePoint, a widely used platform for file management. These techniques enable users to evade detection and…

Read more →

  In the realm of technology and communications, the race for supremacy between quantum computers and space encryption is intensifying.  While quantum computers hold the promise of unprecedented processing power, space encryption, leveraging light to beam data around, presents a…

Read more →

  Jamie Dimon might be concerned about the economy, but he’s optimistic regarding artificial intelligence. In his annual shareholder letter, JP Morgan Chase’s (JPM) CEO stated that he believes the effects of AI on business, society, and the economy would…

Read more →

In the digital landscape where information flows freely and transactions occur at the speed of light, a new predator has emerged. Aptly named the “Vulture,” this cyber threat silently circles its unsuspecting prey, waiting for the right moment to strike.…

Read more →

  In the ongoing battle against cyber threats, government and corporate heads are increasingly turning to artificial intelligence (AI) and machine learning (ML) for a stronger defense. However, the companies are facing a trio of significant hurdles.  Firstly, the reliance…

Read more →

  In a statement announced Tuesday, the Kolkata Police said that more than 20 schools across the city have been threatened with bombs, which have been later revealed as hoaxes. According to the sender, bombs had been placed in numerous…

Read more →

  In today’s digitised world, safeguarding personal information and digital assets is of great importance. One emerging threat is the SIM swap scam, a sophisticated form of identity theft where fraudsters manipulate mobile carriers to transfer a victim’s phone number…

Read more →

  New vulnerabilities have been discovered in LG TVs that could allow unauthorised access to the devices’ root systems, possibly exposing thousands of units worldwide.  The finding, made as part of Bitdefender’s continuing inspection of the popular Internet of Things…

Read more →

  On April 8 of this year, sources in the Ukrainian Security Service of Ukraine (SBU) told the Kyiv Independent that Ukrainian hackers, possibly linked to the SBU, destroyed a data centre used by Russian military, energy, and telecommunications companies.…

Read more →

Recently, Varonis Threat Labs uncovered two novel techniques that allow threat actors to sidestep SharePoint security controls, evading detection while exfiltrating files. In this blog, we delve into these techniques and explore their implications for organizations relying on SharePoint for…

Read more →

Indian businesses are being warned about the looming threat of ransomware attacks by cybersecurity experts. These attacks not only jeopardize company data but also pose a serious risk to user information. To address this urgent issue, experts stress the importance…

Read more →

  LinkedIn Users Targeted in Complex Phishing Scheme A concerning security threat has emerged for users of the professional networking platform LinkedIn. Known as the “Microsoft Two-Step Phishing Campaign,” this attack involves hackers using compromised profiles to deceive users and…

Read more →

  The recent film “The Beekeeper” opens with a portrayal of a cyberattack targeting an unsuspecting victim, highlighting the modern challenges posed by technology-driven crimes. The protagonist, Adam Clay, portrayed by Jason Statham, embarks on a mission to track down…

Read more →

  In a concerning development for e-commerce security, hackers have been discovered exploiting a critical flaw in the popular Magento platform, leaving numerous online stores vulnerable to data breaches. The vulnerability, identified as CVE-2024-20720 with a severity score of 9.1,…

Read more →

  Greylock McKinnon Associates (GMA) has discovered a data breach in which hackers gained access to 341,650 Social Security numbers.  The data breach was disclosed last week on Friday on Maine’s government website, where the state issues data breach notifications.…

Read more →

  Amidst the grief and emotional turmoil after loosing a loved one, there are practical matters that need to be addressed, including accessing the digital assets and accounts of the deceased. In an increasingly digital world, navigating the complexities of…

Read more →

  The latest revelation in the realm of iPhone scams comes in the form of MFA (Multi-Factor Authentication) bombing. This sophisticated threat targeting Apple users underscores the need for heightened awareness and informed responses. Apple has promptly responded to the…

Read more →

  In a security update released by Microsoft on Thursday, 61 high-risk vulnerabilities, including critical ones, were addressed. The cyber threat actor may be able to exploit some of these vulnerabilities to gain control of a computer that has been…

Read more →

  In recent years, cybercriminals have been increasingly employing sophisticated tactics to target individuals and organizations across the globe. One such alarming trend is the proliferation of fake e-shop scam campaigns, particularly prevalent in Southeast Asia.  These campaigns, characterized by…

Read more →

Keeping your data hidden from Apple is ‘virtually impossible’, experts have warned. A groundbreaking study reveals that the default apps on iPhones, iPads, and MacBooks collect personal data even when they appear to be disabled. In a world where privacy…

Read more →

  Having social media software for managing users’ privacy settings, and security settings, and keeping track of recent news and marketing opportunities can provide a great way to keep in touch with family, and friends, and stay updated on recent…

Read more →

  Five hospitals in Ontario, which fell victim to a ransomware attack last autumn, are initiating a mass notification effort to inform over 326,000 patients whose personal data was compromised. The cyber breach on October 23, targeted Bluewater Health, Chatham-Kent Health…

Read more →

Recent research from Waterfall Security Solutions has revealed important insights into the changing nature of cyberattacks on Operational Technology (OT) organizations. One key finding is the rise of hacktivist groups as major players in targeting OT systems.  Additionally, the study…

Read more →

  Last Friday, Prudential Financial began informing over 36,000 people of a data incident that occurred in early February 2024.  The breach, first disclosed in a regulatory filing with the SEC in February, occurred on February 4 and was purportedly…

Read more →

  A significant security breach has impacted the European Union’s law enforcement agency, Europol, according to a report by Politico. Last summer, a collection of highly confidential documents containing personal information about prominent Europol figures vanished under mysterious circumstances. The…

Read more →

  A recent investigation by Black Lotus Labs team at Lumen Technologies has revealed a concerning trend in cybercriminal activity targeting end-of-life (EoL) routers and IoT devices. The research sheds light on a sophisticated campaign utilising updated malware known as TheMoon, which…

Read more →

  Microsoft has taken a significant step forward in the realm of enterprise data privacy and compliance with the expansive expansion of its Priva platform. With the introduction of five new automated products, Microsoft aims to assist organizations worldwide in…

Read more →

Defending Against IoT Ransomware Attacks in a Zero-Trust World In our interconnected digital landscape, the proliferation of Internet of Things (IoT) devices has revolutionized how we live and work. From smart homes to industrial automation, IoT devices play a pivotal…

Read more →

  A data breach allegedly occurred on Sunday at Pandabuy, an online store that aggregates items from Chinese e-commerce sites. As a result, 1,348,307 accounts were affected. A large amount of information has been leaked, including user IDs, first and…

Read more →

  The OWASP Foundation has recently made public a data breach incident where the resumes of certain members were inadvertently made accessible online due to a misconfiguration of its previous Wiki web server. OWASP, which stands for Open Worldwide Application…

Read more →

Recently, what we are observed is that enterprises facing a persistent threat from social engineering tactics aimed at acquiring login credentials for crucial systems like Identity and Access Management (IAM), cloud resources, and Single Sign-On (SSO) platforms. Successful breaches through…

Read more →

  The Office of the Assistant Secretary of Defence for Cyber Policy has been formally constituted, the Pentagon announced in a statement last week. Congress directed the Pentagon to set up the office, elevating cyber policy within the office of…

Read more →

  As cyber threats continue to evolve, Mac users are increasingly finding themselves in the crosshairs of malicious actors. In recent developments, a new strain of malware has emerged, posing a significant risk to Mac users worldwide. This malware, designed…

Read more →

  Data security has become a necessity since the world is completely dependent on the Internet for everything, including the most basic things. Security challenges have become increasingly important with the amount of sensitive data the Internet carries, including users’…

Read more →

In a digital age where privacy concerns loom large, the recent legal settlement involving Google’s Incognito mode has captured attention worldwide. The tech giant, known for its dominance in search, advertising, and web services, has agreed to delete billions of…

Read more →

Recently, cybersecurity researchers have unearthed a disturbing trend: threat actors are exploiting YouTube to distribute malware disguised as video game cracks. This alarming course of action poses a significant risk to unsuspecting users, especially those seeking free software downloads. According…

Read more →

  Google’s latest update to its Messages app, dubbed Gemini, has ignited discussions surrounding user privacy. Gemini introduces AI chatbots into the messaging ecosystem, but it also brings forth a critical warning regarding data security. Unlike conventional end-to-end encrypted messaging…

Read more →