Tag: CySecurity News – Latest Information Security and Hacking Incidents

  The Digital Crimes Unit of Microsoft disrupted a major supplier of cybercrime-as-a-service (CaaS) last week, dubbed Storm-1152. The attackers had registered over 750 million fake Microsoft accounts, which they planned to sell online to other cybercriminals, making millions of…

Read more →

Telus, a prominent telecoms provider, has accomplished a significant milestone by obtaining the prestigious ISO Privacy by Design certification. This certification represents a critical turning point in the business’s dedication to prioritizing privacy. The accomplishment demonstrates Telus’ commitment to implementing…

Read more →

  A significant trial began in a Belgian court on Monday, involving over 120 individuals accused of offenses such as drug and arms trafficking, extortion, torture, and attempted murder. This trial is notable not only for its sheer scale but…

Read more →

In a new finding, it has been revealed that the malware campaign that first came to light in March 2023 has used JavScript web injections in an attempt to steal data from over 50 banks, belonging to around 50,000 used…

Read more →

  Microsoft has revealed the introduction of Windows Protected Print Mode (WPP), a new feature that brings significant security enhancements to the Windows print system.  According to Johnathan Norman, the principal engineer manager at Microsoft Offensive Research & Security Engineering…

Read more →

Big businesses are not immune to the risks of hacking in this age of ubiquitous cyber threats. Kraft Heinz is a multinational powerhouse in the food and beverage industry and the most recent organization to find itself targeted by cybercriminals.…

Read more →

Imperva Threat Research team has recently discovered a previously unreported activity from the 8220 gang, which is well-known for mass-deploying a range of constantly evolving TTPs to distribute malware in large quantities. The threat actor has a history of using…

Read more →

  Hardly a day passes when we fail to notice some sort of scam on our phones or in our emails, attempting to trick us into downloading malware, revealing a password, or making a payment for something that isn’t genuine.…

Read more →

  Several days before the leak, the GokuMarket team found an unprotected MongoDB instance, which was storing information about its users, namely those who bought and sold crypto on the exchange. In GokuMarket’s case, it is the details of more…

Read more →

The Indian Computer Emergency Response Team (CERT-In) has discovered security flaws in high-profile smartphone brands, including Samsung, Apple, and Google Pixel devices. After carefully analyzing these devices’ security features, CERT-In has identified certain possible weaknesses that can jeopardize user privacy…

Read more →

  A newly identified multi-platform threat named NKAbuse has surfaced, employing a decentralized peer-to-peer network connectivity protocol known as NKN (New Kind of Network) for communication. Russian cybersecurity firm Kaspersky detailed the malware’s capabilities in a report, describing it as…

Read more →

  The Rhysida hacker group is believed to have carried out a cyberattack against Insomniac Games and is now demanding a ransom, starting at 50 Bitcoin, or more than $2 million. Sony, which owns the Spider-Man 2 and Ratchet &…

Read more →

  Security in the digital world continues to become more and more important with every passing year. Even though many of us rely on apps to entertain us, guide us, manage our exercise, and connect with family and friends, they…

Read more →

On Friday, China proposed a four-tier classification system, in an effort to address data security incidents, underscoring concerns of Beijing in regards to the widespread data leaks and hacking incidents in the country.  This emergency plan comes when the country…

Read more →

Threat actors responsible for attacking Ledger’s connector library have stolen assets valued at approximately $484,000. This information was given by the blockchain analysis platform Lookonchain. Ledger has said that the security breach might have a large effect, possibly totalling hundreds…

Read more →

  Lesotho’s central bank is grappling with widespread disruptions following a cyberattack detected earlier this week. The landlocked country, surrounded by South Africa and home to over 2 million people, disclosed multiple statements acknowledging the impact of the recent cyber…

Read more →

  Microsoft Corp. has shut down a cybercrime group’s US-based infrastructure, which created more than 750 million fake accounts across the company’s services.  Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed cybersecurity firm. The…

Read more →

   China has recently issued a stern warning regarding the use of foreign geographic software, expressing serious concerns about the potential leakage of critical information related to its essential infrastructure and military. The Ministry of State Security, while refraining from…

Read more →

  It is no longer news that children’s lives are becoming increasingly impacted by the digital realm in our modern world. There are a wide array of educational resources, entertainment, and social connections available on the Internet. Despite this, it…

Read more →

The introduction of generative AI has caused a paradigm change in the rapidly developing field of artificial intelligence, posing both unprecedented benefits and problems for companies. The need to strengthen security measures is becoming more and more apparent as these…

Read more →

User data security has grown critical in an era of digital transactions and networked apps. The misuse of OAuth applications is a serious danger that has recently attracted attention in the cybersecurity field. OAuth (Open Authorization) is a widely used…

Read more →

Recently, ransomware groups have been increasingly adopting newer tactics, one of them being the transparent, quasi-corporate strategy with the media, with the benefits of building pressure on the victims to pay ransom.  According to a report, released this week by…

Read more →

  OLVX has emerged as a new cybercrime marketplace, quickly gaining a loyal following of customers seeking through the marketplace tools used to conduct online fraud and cyberattacks on other websites. The launch of the OLVX marketplace follows along with…

Read more →

  Recruiting affiliates and developers from the troubled BlackCat/ALPHV and NoEscape ransomware operations is one of the calculated steps being taken by the LockBit ransomware group. An ideal opportunity emerged for LockBit to expand its network due to the recent…

Read more →

  China issued a cautionary notice regarding the utilization of foreign geographic software due to the discovery of leaked information concerning its critical infrastructure and military. The Ministry of State Security, while refraining from assigning blame, asserted that the implicated…

Read more →

When it initially came to light that governments globally demanded push notification data from Apple and Google, suspicion mounted that the US government was doing the same. This has now been confirmed, with one use of it being the monitoring…

Read more →

  FortiGuard Labs cybersecurity experts have discovered a sophisticated email phishing scheme that uses fraudulent hotel reservations to target unsuspecting victims. The phishing campaign involves the deployment of an infected PDF file, which sets off a chain of actions that…

Read more →

The conflict between tech behemoths Google and Apple and Fortnite creator Epic Games is a ground-breaking antitrust lawsuit that has rocked the app ecosystem. An important turning point in the dispute occurred when a jury decided to support the gaming…

Read more →

  There is an electronic trail behind every single reader when they read a newspaper online, buy an eBook, or watch a video on their computer. For companies and law enforcement agencies alike, this trail is likely to be a…

Read more →

In a recent study by Northwestern University, researchers uncovered a startling vulnerability in customized Generative Pre-trained Transformers (GPTs). While these GPTs can be tailored for a wide range of applications, they are also vulnerable to rapid injection attacks, which can…

Read more →

China has started a security investigation into the export of geolocation data, a development that highlights the nation’s rising concerns about data security. The probe, which was made public on December 11, 2023, represents a major advancement in China’s attempts…

Read more →

  Spies might be made out of regular employees at US companies if the recently proposed and approved legislation by the House Intelligence Committee greatly expands the federal government’s surveillance powers, experts warn.  The legislation, called H.R. 6611 or the…

Read more →

  It has been discovered that there is a strong coincidence in the targeting and tactics of Sandman, a mysterious advanced persistent threat (APT) that has been identified to use backdoors referred to as “Keypluggs,” and KEYPLUG, a China-based threat…

Read more →

Sharing her experience with the AI-powered robot cop in a New York subway station, ZDNET’s Nina Raemont reported of the robot – K5 – patrolling in The Times Square-42nd St. subway station’s mostly deserted mezzanine. It was pacing swiftly from…

Read more →

  The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022. The National Vulnerability Database (NVD), overseen by the National Institute of Standards…

Read more →

  AI and blockchain are two of the most revolutionary technologies of our time, and their combination will totally transform the tech sector. The two main axes around which blockchain is conceptualised are cryptocurrencies and the infrastructure supporting them, which…

Read more →

Users of Google Android and Apple iPhone smartphones have recently received a vital warning to immediately remove certain apps from their devices. The programs that were found to be potentially dangerous have been marked as posing serious concerns to the…

Read more →

  Using Android 14 and 13 smartphones, a newly discovered bug allowing the user to bypass the lock screen can compromise sensitive information from Google accounts stored in users’ Google accounts, according to security researcher Jose Rodriguez.  It has now…

Read more →

  Artificial intelligence tools are more susceptible to targeted attacks than previously anticipated, effectively forcing AI systems to make poor choices. The term “adversarial attacks” refers to the manipulation of data being fed into an AI system in order to…

Read more →

Security researchers from the International Institute of Information Technology (IIIT) in Hyderabad, India, have discovered a new vulnerability with some Android password managers in which some malicious apps may steal or capture users’ data credentials in WebView.  The threat actors…

Read more →

  With the new artificial intelligence-powered system, Metro buses in Los Angeles will be able to use cameras to target drivers who are breaking the law by using bus lanes illegally and ticketing them. Los Angeles buses may soon use AI…

Read more →

On October 7, in a startling turn of events, Hamas carried out a planned invasion that escaped Israeli military detection, posing a serious intelligence failure risk to Israel. The event brought to light Israel’s vulnerabilities in its cybersecurity infrastructure as…

Read more →

  As time passes, it is disturbing to see how many people still have a casual attitude towards their personal data, despite the constant stream of cyber incidents and large data breaches in the headlines. Millions of accounts and sensitive…

Read more →

Last week, the El Salvador government, along with the stablecoin company Tether, joined in an initiative called ‘Adopting El Salvador Freedom,’ which will enable foreigners to obtain a Salvadoran passport in exchange for a million dollars in Bitcoin.   This initiative,…

Read more →

  jA widely-viewed video showcasing the purported real-time interaction capabilities of Google’s artificial intelligence model, Gemini, has been revealed to have been manipulated for demonstration purposes. The video, garnering 1.6 million views on YouTube, depicts seamless back-and-forth interactions between the…

Read more →

  Meta Platforms (META.O) announced on Wednesday the commencement of the rollout of end-to-end encryption for personal chats and calls on both Messenger and Facebook. This heightened security feature, ensuring that only the sender and recipients can access messages and…

Read more →

  Earlier this week, a report commissioned by Apple highlighted, yet again, why end-to-end encryption must be used when protecting sensitive data against theft and misuse, and why analysts have long recommended it.  In the report, a professor at the…

Read more →

The field of cybersecurity is always changing, and recent developments have refocused attention on Russian hackers and their purported participation in an elaborate cyber-espionage scheme. Russian security chief agency Federal Security Service (FSB) is suspected of leading a hack-and-leak operation…

Read more →

One might want to reconsider before scanning QR codes. The codes, which are a digital jumble of white and black squares that are frequently used to record URLs, are apparently commonplace; they may as well be seen, for example, on…

Read more →

  In the fast-evolving landscape of automotive technology, researchers have uncovered a critical vulnerability that exposes an unsettling potential: the ability for hackers to manipulate entire fleets of vehicles, even orchestrating their shutdown remotely. Shockingly, this major security concern has…

Read more →

  Setting the right strategy for a company is indeed only half the battle against the competition in today’s volatile digital world. A reliable model is also necessary to be able to translate these goals into actions that are carried…

Read more →

Google has recently launched Gemini, its most powerful generative AI software model to date. And since the model is designed in three different sizes, Gemini may be utilized in a variety of settings, including mobile devices and data centres. Google…

Read more →

  According to a recent report from Apple and a Massachusetts Institute of Technology researcher, the United States has witnessed a record-breaking surge in data breaches, fueled by increased attacks on third-party vendors and a rise in aggressive ransomware incidents. …

Read more →

Government spying through push notifications Government authorities have been snooping on smartphone users via push notifications sent out by applications, wrote a US senator in a letter to the Department of Justice on December 6.  Senator Ron Wyden of Oregon…

Read more →

Vulnerabilities in the constantly changing technology landscape present serious risks to the safety of our online lives. A significant Bluetooth security weakness that affects Apple, Linux, and Android devices has recently come to light in the cybersecurity community, potentially putting…

Read more →

Microsoft has issued a paper for the largely-anticipated glass-based storage tech that it’s been planning to replace the traditional technology that’s best fitted into the hard drives and best SSDs out in the market today.  The academic paper (which is…

Read more →

  Academic researchers have unveiled a novel side-channel attack named SLAM, designed to exploit hardware enhancements meant to bolster security in forthcoming CPUs from major manufacturers like Intel, AMD, and Arm. The attack aims to retrieve the root password hash…

Read more →

South Korea: Seoul police have charged Andariel, a North Korea-based hacker group for stealing critical defense secrets from South Korea’s defense companies. Allegedly, the laundering ransomware is redirected to North Korea. One of the 1.2 terabytes of data the hackers…

Read more →

Apple’s iPhone security has come under scrutiny in the ever-changing field of cybersecurity due to recent events. The security of these recognizable devices has come under scrutiny because to a number of attacks, notably the worrisome ‘BlastPass’ zero-click zero-day exploit.…

Read more →

  The renowned Bitcoin Core developer Luke Dashjr recently disclosed a serious flaw in the programme that he dubbed “Inscription,” which is part of the Bitcoin Core. The blockchain’s defence against spam may have a weakness, as this discovery has…

Read more →

  An Israeli data privacy company, Mine Inc., has announced that it has completed a $30 million Series B fundraising round led by Battery Ventures, PayPal Ventures, as well as the investment arm of US insurance giant Nationwide, with the…

Read more →

  Scientists at Google DeepMind, leading a research team, have adeptly utilized a cunning approach to uncover phone numbers and email addresses via OpenAI’s ChatGPT, according to a report from 404 Media. This discovery prompts apprehensions regarding the substantial inclusion…

Read more →

Healthcare departments under threat The alert from the Department of Health and Human Services Health Sector Cybersecurity Coordination Center on Nov. 30 and the AHA warning on Friday come amid an outbreak of ransomware attacks alleged to involve Citrix Bleed…

Read more →

The world of online cloud storage We live in a world of online cloud storage, where all our data is accessible everywhere and on any gadget. This has made the act of having physical storage media a lesser concern than…

Read more →

  A recent report from VentureBeat reveals that HuggingFace, a prominent AI leader specializing in pre-trained models and datasets, narrowly escaped a potential devastating cyberattack on its supply chain. The incident underscores existing vulnerabilities in the rapidly expanding field of…

Read more →

  As the use of cryptocurrency grows, more criminals are likely to start using it to raise, move, and conceal money outside of the established banking system, according to Canada’s financial intelligence agency.  In a report published on Monday, the…

Read more →

The intersection of wargames and artificial intelligence (AI) has become a key subject in the constantly changing field of combat and technology. Experts are advocating for ethical monitoring to reduce potential hazards as nations use AI to improve military capabilities.…

Read more →

In a sophisticated cyber campaign, the group Twisted Spider, also recognized as Storm-0216, has joined forces with the cybercriminal faction Storm-1044. Employing a strategic method, they target specific endpoints through the deployment of an initial access trojan known as DanaBot. …

Read more →

  The Worldwide Australian Labradoodle Association (WALA) has been the target of a new cyberattack in which private data of pet owners, pet microchip numbers, veterinarians, and testing laboratories affiliated with WALA have been leaked to the public as a…

Read more →

Upon discovering that the system has been breached, the initial reaction, marked by a skipped heartbeat, often prompts a common question: What steps should be taken next?  According to a recent study, over the last two years, more than half…

Read more →

  A hacker with a history of releasing private information has threatened to do so unless it receives a ransom payment of $300,000 ($380,000) in bitcoins from members of the British Royal Family, including X-rays, letters from consultants, clinical notes,…

Read more →

  The trend of choosing online shopping over traditional in-store visits is on the rise, with e-commerce transactions dominating the digital landscape. However, the security of these online interactions is not foolproof, as security breaches leading to unauthorized access to…

Read more →

This week, the US Department of Health and Human Services (HSS) has warned hospitals of the critical ‘Citrix Bleed’ Netscaler vulnerability that has been exploited by threat actors in cyberattacks. On Thursday, the department’s security team, Health Sector Cybersecurity Coordination…

Read more →

  “The Office of Foreign Assets Control (OFAC) of the US Department of Treasury recently announced that it has sanctioned the cyberespionage group Kimsuky, also known as APT43, for gathering intelligence on behalf of the Democratic People’s Republic of Korea…

Read more →

The ransomware strain Qilin has surfaced as a new danger to computers using VMware ESXi, which is a recent development in the cryptocurrency space. Concerned observers have expressed concern over the fact that this Qilin Linux version exhibits a targeted…

Read more →

The UK’s expedition into releasing a digital pound has triggered a strong debate among policymakers and finance experts. The House of Commons Treasury Committee has shown concerns, cautioning that bringing a central bank digital currency (CBDC) in the UK could…

Read more →

  Malware is being targeted at Mac users who receive pirated versions of popular apps from warez websites after they choose to download them from those websites. Various reports state that cybercriminals are infecting macOS devices with proxy trojans and…

Read more →

As technology advances quickly, governments all over the world are becoming increasingly concerned about artificial intelligence (AI) regulation. Two noteworthy recent breakthroughs in AI legislation have surfaced, providing insight into the measures governments are implementing to guarantee the proper advancement…

Read more →

ChatGPT has recently completed one year after its official launch. Since it introduced the world to the future, by showing (a part of) what a human-AI interaction looks like, ChatGPT has eventually transformed the entire tech realm into a cultural…

Read more →

  India has called for coordinated efforts through Interpol channels to address transnational crimes, including terrorism, online radicalization, and cyber-enabled financial fraud, on a real-time basis, officials revealed on Friday. At the 91st General Assembly of Interpol in Vienna, the…

Read more →

  Last year, hackers, mainly from North Korea, stole a whopping $3.8 billion in cryptocurrency, making it the worst year ever for crypto theft, according to experts at Chainalysis, a company that tracks cybercrime. This is a significant jump from…

Read more →

  A large number of Microsoft Exchange email servers in Europe, the United States, and Asia are currently vulnerable to remote code execution flaws due to their public internet exposure. These servers are running out-of-date software that is no longer…

Read more →

Having a robust security culture is the best way of protecting your organization from security data hacks. This blog will talk about six ways you can follow to foster a strong security culture.  The average cost to the organization of…

Read more →

In the constantly changing field of cybersecurity, 2023 has seen an increase in ransomware assaults, with important industries like healthcare, finance, and even mortgage services falling prey to sophisticated cyber threats. According to recent reports, a ransomware outbreak is aimed…

Read more →

  Various entities in the Middle East, Africa, and the United States have fallen victim to an unidentified threat actor orchestrating a campaign involving the dissemination of a recently discovered backdoor named Agent Racoon. According to Chema Garcia, a researcher…

Read more →

  In the current landscape, the prevalence of the cloud era is undeniable, and the market is characterized by constant dynamism. Enterprises, in order to maintain relevance amid this competitive environment, are unmistakably demonstrating a keen interest in embracing cloud…

Read more →

  Owing to a ransomware attack on a popular technology provider, about 60 credit unions are experiencing disruptions.  A spokesperson for the National Credit Union Administration (NCUA), Joseph Adamoli, stated that the ransomware attack was directed towards Ongoing Operations, a…

Read more →

  OpenAI has had a very exciting week both in terms of its major success with the ChatGPT service as well as its artificial intelligence (AI) division. The CEO of OpenAI, Sam Altman, who is arguably one of the most…

Read more →

A majority of security leader based in the United Arab Emirates (UAE) are convinced that their firms require improvements – in terms of how their teams, processes and technology operates – to mitigate any potential cyberattack. To provide insight into…

Read more →

In the Light of 23andMe Security Incident Following up on the recent security breach of 23andMe that impacted around 14,000 customer accounts, the security incident underscored the utilization of a cybersecurity tactic known as “credential stuffing,” where unauthorized access is…

Read more →

  Genetic testing company 23andMe declared on Friday that approximately 14,000 customer accounts were compromised in its recent data breach. In an updated submission to the U.S. Securities and Exchange Commission, the company revealed that its investigation determined the breach…

Read more →

The Treasury Department’s Office of Foreign Assets Control (OFAC) has recently confirmed the involvement of Kimsuky, a North-Korea sponsored hacking group, in a cyber breach attempt that resulted in the compromise of intel in support of the country’s strategic aims. …

Read more →

  You should log into any old Google account you wish to maintain if you haven’t used it in a few years to avoid having it deleted due to Google’s inactive account policy. Google revealed the new guidelines in May,…

Read more →

Federal authorities in the United States have effectively confiscated the Sinbad crypto mixer, a tool purportedly used by North Korean hackers from the Lazarus organization, in a key action against cybercriminal activities. The operation, which focused on the Lazarus group’s…

Read more →

  Dark forums are places where hackers advertise what they can do to increase attacks against Booking.com customers. As cybercriminals continue to target hotel guests by offering up to $2,000 for hotel logins, they are offering up to 2,000 dollars…

Read more →

  LockBit, the infamous ransomware group, has admitted to being behind a cyber assault on India’s state-owned aerospace research laboratory. Additionally, during the month of July, LockBit’s dark web leaked data of Granules, an Indian pharmaceutical company, as one of…

Read more →

The latest investigation Okta’s recent investigation into the exploit of its Help Center environment in October disclosed that the threat actors stole the data that belonged to all customer support system users. Okta mentioned that the hackers also stole extra…

Read more →

Google has recently introduced a new multilingual text vectorizer called RETVec (an acronym for Resilient and Efficient Text Vectorizer), to aid identification of potentially malicious content like spam and fraudulent emails in Gmail.  While massive platforms like YouTube and Gmail…

Read more →