Tag: CySecurity News – Latest Information Security and Hacking Incidents

  The old joke goes, “The opposite of pro is con, so the opposite of progress is Congress.” Getting laws proposed and passed can be difficult even in a more relaxed political climate, but the present state of the US…

Read more →

When did the attack surface? Rob Miller first learned there was a problem on a Sunday morning in mid-October 2020. The databases and IT systems at Hackney Council in East London suffered from outrages. During the time, the UK was…

Read more →

The department of Britain’s finance ministry came with robust regulations for crypto assets, following the collapse of the crypto exchange FTX last year in which millions of people lost billions of dollars.  However, regulation of crypto-assets could create a one-sized…

Read more →

Hacking organizations ‘Lazarus’ and ‘APT38’ supported by the North Korean government were responsible for the loss of $100 million worth of Ethereum from Harmony Horizon in June 2022.  The funds and the seizure of stolen assets were reported to the…

Read more →

  The threat group, known as LockBit, is one of the most notorious ransomware groups operating currently. As a result, they have become very active on dark web forums. In addition, they are exploiting the negative publicity created by other…

Read more →

Recently, a new Golang-based information stealer malware, named ‘Titan Stealer’ is being promoted by threat actors in their Telegram channel. Initial details regarding the malware were discovered by cybersecurity researcher Will Thomas in November 2022 by using the IoT search…

Read more →

Gurucul, is a California, United States-based company that is known for its innovative solutions for the Next Generation SIEM market, and also provides other companies with risk intelligence to detect, prevent, and deter advanced internal and external threats and fraud. …

Read more →

  Ransomware can be as disruptive to your day as a flood, earthquake, fire, or another natural disaster. It has the potential to devastate businesses, close hospitals, and close schools. And if you’re unlucky enough to be affected, it can…

Read more →

A SaaS software business named SysKit has released a report on the impact of digital transformation on IT administrators and the present governance environment. According to the report, 40% of businesses experienced a data breach in the last year. This…

Read more →

  As of today, VMware’s vRealize Log Insight platform is vulnerable to three security vulnerabilities, that have been exposed by publicly available exploit code. This has enabled cybercriminals to weaponize these vulnerabilities in a variety of ways. Several critical unauthenticated…

Read more →

About the vulnerability The vulnerabilities were found by experts working for SaiFlow, a company based in Israel that specializes in defending EV charging infrastructure and distributed energy resources.  The security loopholes are linked to the communications between the charging system…

Read more →

  The risk of being victimised by ransomware has grown over time. The frequency and sophistication of these attacks, which affects every industry, have both steadily increased. Additionally, when these attacks become more well-known among businesses, they search for fresh…

Read more →

  Jumbo, which debuted in 2019, made a promise to make the process of securing and safeguarding your privacy easier.  The iPhone and Android software would enhance your privacy settings on websites like Facebook and LinkedIn with a few touches,…

Read more →

The immense capability of ChatGPT has left the entire globe abuzz. Indeed, it solves both practical and abstract problems, writes and debugs code, and even has the potential to aid with Alzheimer’s disease screening. The OpenAI AI-powered chatbot, however, is…

Read more →

When you browse the web on a regular basis, it can be quite dangerous, but it becomes even more dangerous when you access certain types of sites. It should come as no surprise that porn, streaming, and video hosting websites…

Read more →

A new ransomware variant known as Mimic was found by security researchers, and it uses the Windows ‘Everything’ file search tool’s APIs to scan for files that should be encrypted. The virus has been “deleting shadow copies, terminating several apps…

Read more →

Qwant and DuckDuckGo are two privately-focused search engines that guarantee not to track your activities. Their ability to assist you in avoiding the privacy-invading methods that are all too prevalent among big search engines is one of the key components…

Read more →

  Despite being one of the most popular password managers on the market, LastPass has suffered another major breach, putting the passwords of customers risk as well as their personal information.   It was established just over a year ago that…

Read more →

  In a statement last week, the US Department of Justice claimed to have made progress against the significant ransomware organisation known as Hive.  Since last July, the FBI has been infiltrating Hive’s computer networks, and its disruption of the…

Read more →

  Over a 30-month period, cybercriminal groups and threat groups advertised for workers with expertise in software development, IT infrastructure maintenance, and designing fraudulent websites and email campaigns. In accordance with a new report from cybersecurity firm Kaspersky, demand for…

Read more →

  Despite being locked out of its data in January’s cyberattack, Qulliq Energy Corp. did not use the word, ransomware to describe what took place.  A cyberattack that targeted QEC on January 15 was discovered, and QEC announced that it…

Read more →

Following a cyber-attack, sportswear chain JD Sports has confirmed that the stored data of around 10 million customers might be at risk. The company said data that “may have been accessed” by the threat actors included names, addresses, email accounts,…

Read more →

  Reddit is the place to go if you want to find a community that shares your interests, whether you want to read the news, speak about your hobby, ask for advice, or debate your favourite band. But if you…

Read more →

Utilizing Google to look up the vendor’s official Web vault login page, several customers of Bitwarden’s password management service last week reported seeing paid advertising to phishing sites that steal credentials. Google ads targeting Bitwarden users Several password managers are…

Read more →

AI Crypto: The next big thing  AI crypto tokens will surely be the next big thing in the industry, an image of Metaverse mania, Defi boom, or meme coin explosion.  ChatGPT and other AI-based technologies have been viral across social…

Read more →

Recently, the government of Russia blocked another encrypted email provider Skiff. The government blocked Skiff after exactly three years when it had blocked similar email encrypted services including Proton Mail and Tutanota, according to a Russian digital rights organization and…

Read more →

When did the attack surface? Rob Miller first learned there was a problem on a Sunday morning in mid-October 2020. The databases and IT systems at Hackney Council in East London suffered from outrages. During the time, the UK was…

Read more →

  Ransomware can be as disruptive to your day as a flood, earthquake, fire, or another natural disaster. It has the potential to devastate businesses, close hospitals, and close schools. And if you’re unlucky enough to be affected, it can…

Read more →

Gurucul, is a California, United States-based company that is known for its innovative solutions for the Next Generation SIEM market, and also provides other companies with risk intelligence to detect, prevent, and deter advanced internal and external threats and fraud. …

Read more →

Hacking organizations ‘Lazarus’ and ‘APT38’ supported by the North Korean government were responsible for the loss of $100 million worth of Ethereum from Harmony Horizon in June 2022.  The funds and the seizure of stolen assets were reported to the…

Read more →

  The threat group, known as LockBit, is one of the most notorious ransomware groups operating currently. As a result, they have become very active on dark web forums. In addition, they are exploiting the negative publicity created by other…

Read more →

Recently, a new Golang-based information stealer malware, named ‘Titan Stealer’ is being promoted by threat actors in their Telegram channel. Initial details regarding the malware were discovered by cybersecurity researcher Will Thomas in November 2022 by using the IoT search…

Read more →

  The risk of being victimised by ransomware has grown over time. The frequency and sophistication of these attacks, which affects every industry, have both steadily increased. Additionally, when these attacks become more well-known among businesses, they search for fresh…

Read more →

Qwant and DuckDuckGo are two privately-focused search engines that guarantee not to track your activities. Their ability to assist you in avoiding the privacy-invading methods that are all too prevalent among big search engines is one of the key components…

Read more →

  Despite being one of the most popular password managers on the market, LastPass has suffered another major breach, putting the passwords of customers risk as well as their personal information.   It was established just over a year ago that…

Read more →

A new ransomware variant known as Mimic was found by security researchers, and it uses the Windows ‘Everything’ file search tool’s APIs to scan for files that should be encrypted. The virus has been “deleting shadow copies, terminating several apps…

Read more →

  In a statement last week, the US Department of Justice claimed to have made progress against the significant ransomware organisation known as Hive.  Since last July, the FBI has been infiltrating Hive’s computer networks, and its disruption of the…

Read more →

  The Internet Systems Consortium (ISC) has issued updates to address multiple security flaws in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite, which could result in a denial-of-service (DoS) condition.  According to its website,…

Read more →

  As a business owner, you should be aware that cyberattacks are inevitable and that breaches may occur at any time. It’s a motivating factor for companies to plan so that cyber resilience and business recovery become an integral part…

Read more →

  The reason why most cyberattacks succeed is that the attackers surprise their targets. Before you can even say, “Kevin Mitnick,” the world’s most famous hacker, you’re dealing with the fallout from an assault.  Knowing what hackers are aiming for,…

Read more →

Mandiant Managed Defense has reliably resolved GOOTLOADER infections since January 2021. When spreading GOOTLOADER, malicious actors cast a wide net, affecting a variety of industrial verticals and geographical areas. Gootkit Malware The Gootkit Trojan is Javascript-based malware that carries out…

Read more →

Trend Micro has recently revealed details of the new type of ransomware, apparently targeting the APIs ‘Everything’ search tool to attack English and Russian-speaking Windows users.  The malware was discovered by the security firm researchers in June 2022 and was…

Read more →

  Apple iPhones are known for their strength and security features. The Cupertino-based tech behemoth releases security updates for its devices on a regular basis. Although Apple recommends that people install the most recent builds of iOS on their iPhones…

Read more →

Riot Games reported last week that a social engineering attempt had infiltrated the systems in their software platform. Motherboard got the ransom note that was sent to Riot Games and reported that hackers demanded $10 million in exchange for keeping…

Read more →

The U.S. Department of Justice (DOJ) recently confirmed that the FBI has infiltrated the activities of a popular cyber-crime gang, covertly disrupting their hacking attacks for more than six months.  According to DOJ, FBI gained deep access to the Hive…

Read more →

  One of the most recent discoveries was the Aurora Stealer malware, which imitated popular applications in order to infect as many users as possible. Cyble researchers discovered that threat actors are actively changing and customizing their phishing websites in…

Read more →

  Last summer, several Federal Civilian Executive Branch (FCEB) agencies were breached across several states of the US through a clever hacking operation that employed two off-the-shelf remote monitoring and management systems (RMMs).  A joint advisory was released on Jan.…

Read more →

  Proof-of-concept (Poc) code has been made available for a high-severity security vulnerability in the Windows CryptoAPI that Microsoft was notified of by the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) last year.  The…

Read more →

  Earlier this month, the Apache Software Foundation announced that its log4j Java-based logging utility (CVE-2021-44228) had been vulnerable to a remote code execution vulnerability (CVE-2021-4428). It was rated a critical severity vulnerability by MITRE and given a CVSS score…

Read more →

The Threat Response Unit (TRU) of eSentire has been monitoring one of the most effective and covert malware families, Golden Chickens, for the past 16 months. The malware of choice for FIN6 and Cobalt, two of the most established and…

Read more →

  A new Python-based malware has been discovered in the wild, with remote access trojan (RAT) capabilities that permit its operators to regulate the compromised systems. The new RAT, dubbed PY#RATION by researchers at threat analytics firm Securonix, communicates with…

Read more →

The World Economic Forum (WEF) in Devos, Switzerland has come up with its set of uplifting predictions for 2023. The latest report warns of a global catastrophic cyber event in the near future.  The WEF Annual Meeting includes government leaders,…

Read more →

  In an effort to commit cryptocurrency heists, North Korean hackers are exhibiting a “startup mentality,” according to a report released on Wednesday by cybersecurity company Proofpoint.  The Sunnyvale, California-based company claimed that in December, a group they call TA444,…

Read more →

The US Department of Justice (DOJ), along with eight other US states have filed a lawsuit against tech-giant Google. DOJ, on Tuesday, accused Google of abusing its dominance in the digital ad market.  It has threatened to dismantle a significant…

Read more →

GoTo, the parent company of LastPass, has disclosed that hackers recently broke into its systems and seized encrypted backups belonging to users. It claimed that in addition to LastPass user data, hackers managed to obtain data from its other enterprise…

Read more →

  There is only one way to find out if you can trust someone, and that is by trusting them, according to Ernest Hemingway, considering that most organizations follow zero trust policies, which were developed nearly two decades ago by…

Read more →

  Over the past ten years or so, the environment for cyber threats has undergone a significant transformation, which has accelerated in recent years. The term “cyberwar” didn’t even exist until 30 years ago, and it’s still somewhat debatable today. …

Read more →

Recent years have seen an alarming increase in the number of cyberattacks against critical infrastructure, many of which involved ransomware. Particularly in terms of cyber resilience, the industrial industry appears to be falling behind.  Statistics  Research by SecurityScorecard shows that…

Read more →

  A $100 million cryptocurrency heist was committed by the Lazarus Group last June, which has been blamed by the FBI for the crime. Known for stealing cryptocurrency to help support the military and weapons programs of the North Korean…

Read more →

  The number of incidents in the government and mass media segments will increase this year, according to Kaspersky research experts’ predictions for challenges in Security Operation Centers (SOCs) in 2023. SOCs in these and other industries, as well as…

Read more →

  Today’s AI is highly developed. Artificial intelligence combines disciplines that make an effort to essentially duplicate the capacity of the human brain to learn from experience and generate judgments based on that experience. Researchers utilize a variety of tactics…

Read more →

  As reported by the Identity Theft Resource Center, the first half of 2022 saw fewer compromises reported, owing in part to Russian-based cybercriminals being distracted by the war in Ukraine and volatility in cryptocurrency markets.  However, data compromises rose…

Read more →

  Your home Wi-Fi network may not be as secure as you believe. Internet crime costed Americans more than $6.9 billion in 2021. Personal data breaches were also significant, in addition to phishing and scams. Many personal data breaches could…

Read more →

  The Indian government has mandated the use of a standard USB Type C charging port for all mobile phones beginning in 2025, following the lead of a European Union regulation.  It’s not the first time that India has followed…

Read more →

Personal information of civilians who were on an outdated version of the US Government’s No Fly List and Terrorist Screening Database was found on an open server by a 23-year-old Swiss hacker. On January 12, Maia Arson Crimew, an influential…

Read more →

While more and more devices are adopting Linux as their operating system, the popularity of the software has nonetheless attracted cyber-criminals. According to recent reports, the number of malware aimed at the software increased dramatically in 2022.  As per the…

Read more →

  It seems that scammers never cease trying to con people. Keeping customers’ information private and secure is of the utmost importance to companies, so they use many ways to protect against a breach in their network.  Despite these digital…

Read more →

According to Los Angeles Unified School District (LAUSD), the second-largest school district in the U. S., the Vice Society ransomware group has stolen files containing private information, including Social Security Numbers, from contractors (SSNs). Additionally, LAUSD disclosed that the threat…

Read more →

  A security breach has been detected at FanDuel’s sportsbook and betting site, which exposed customers’ names, email addresses, and payment information. This occurred in January 2023, when MailChimp’s security was breached. A security advisory urges users to be wary…

Read more →

Since Apple came up with its ATT privacy framework in order to garner users’ control over their data, tech businesses are facing challenges over making tradeoffs to adapt to the new data restrictions, while still maintaining their growth objectives.  While…

Read more →

  A forensic extraction report outlined the contents of a suspect’s phone, specific tactical plans for upcoming police raids, and private police reports with descriptions of alleged crimes and suspects. These documents are part of a sizable data cache that…

Read more →

  Mousetrapping works in the identical way that a traditional mousetrap does: you unknowingly walk into a trap designed to keep you trapped for as long as possible. Operators who utilize mousetraps actively market their products or services. They may…

Read more →

Data security has become a priority for tax returns, credit cards, and other conventional targets of cyber criminals. Online thieves have recently been targeting employer retirement plans and the accounts in the plans.  Data security at retirement plans varies, and…

Read more →

  As per data from blockchain analysis firm Chainalysis, ransomware revenue for 2022 has dropped from $765.6 million to at least $456.8 million, representing a -40.3% year-over-year drop. The number of attacks is as high as it has ever been,…

Read more →

  Researchers from Avanan have seen the worldwide spread of a new threat known as ‘Blank Image,’ where hackers attach blank images to HTML messages. The user is instantly sent to a malicious URL once they open the attachment. Blank Image…

Read more →

  With its multi-talented AI chatbot, ChatGPT, the company now has another skill to add to its LinkedIn profile: it is capable of creating sophisticated “polymorphic” malware.  The chatbot from OpenAI has been reported as both skilled and resourceful when…

Read more →

  A number of businesses are utilising conversational AI technology to improve their product capabilities, including for security, despite some concerns about how generative AI chatbots like ChatGPT can be used maliciously — to create phishing campaigns or write malware. …

Read more →

  T-Mobile, a wireless provider in the United States, reported earlier this week that an unidentified malicious intruder broke into its network in late November and stole information on 37 million customers, including addresses, phone numbers, and dates of birth. …

Read more →

Researchers who recently disclosed and patched the zero-day vulnerability in Fortinet’s FortiOS SSL-VPN technology have identified a new backdoor, specifically created in order to run on Fortinet’s FortiGate firewalls.  Initial evidence collected by Google-owned security firm Mandiant suggests that the…

Read more →

  In December last year, hackers accessed the PayPal accounts of more than 1.6 million users of the online payment service. As a result, PayPal is now sending out data breach notifications to affected users.  A large number of customer…

Read more →

Malicious actors linked to the Roaming Mantis attack group were seen distributing an updated variation of their patented mobile malware called Wroba to compromise Wi-Fi routers and perform Domain Name System (DNS) theft. Kaspersky found that the threat actor behind…

Read more →

  Following high-profile blockchain hacks in the last year, many people have been left wondering: is the blockchain hackable? The short answer is that any system can be attacked. However, because blockchain is decentralized, hackers may find it more difficult…

Read more →

State-sponsored Activities  In the year 2022, we witnessed a number of state-sponsored cyber activities originating from different countries wherein the tactics employed by the threat actors varied. Apparently, this will continue into 2023, since government uses its cyber capabilities as…

Read more →

DoControl offers an integrated, automated, and risk-aware SaaS Security Platform that protects apps and data which are essential to corporate operations promotes operational efficiency and boosts productivity. Protecting data and business-critical SaaS apps through automated remediation is DoControl’s key strength.…

Read more →

  In a case that sounds like a script, US criminals stole more than $1 million by using hundreds of credit cards that were advertised for sale on the dark web. A portion of the details surrounding this complex criminal…

Read more →

  As per experts, a new phishing campaign has been discovered that impersonates logistics giant DHL in order to steal Microsoft 365 credentials from victims in the education industry. Cybersecurity researchers from Armorblox recently found a significant phishing campaign, with…

Read more →

  Several online pharmacies are selling abortion pills online and sharing their customers’ personal information, such as their search history and geolocation, with Google and other third parties. ProPublica has learned that by using this information, one can identify the…

Read more →

  A new report has revealed that the cost of data backup is rising due to the growing threat from cybercrime. This includes the requirement to guarantee the consistency and dependability of hybrid cloud data protection in order to counteract…

Read more →

HP Wolf Security’s cybersecurity researchers have issued a warning about various ongoing activities that aim to use typosquatting domains and malicious advertising to spread different types of malware to unwitting victims. Additionally, the scammers paid various ad networks to broadcast…

Read more →

  There has been a security threat affecting CircleCI, an American software development service, and the service has urged its users to rotate their secrets to avoid this kind of catastrophe.  Security Issue Alerts for CircleCI Users It has recently…

Read more →

North Korean state-owned threat actors Lazarus Group has stolen around 41,000 ETH or more than $60 million of Ethereum to the crypto exchanges Binance, Huobi and OKX. While Binance and Huobi both froze the funds, Binance declared that an asset…

Read more →

  The industry identified that basic fingerprinting could not maintain up with the rate of these developments, and the requirement to be everywhere, at all times, pushed the acceptance of AI technology to deal with the scale and complexity of…

Read more →

  Three months have passed since Elon Musk stormed into Twitter’s San Francisco headquarters, and the company has barely escaped the spotlight. We’ve talked a lot about his thoughts on the social network and some of his more controversial business…

Read more →

Threat actors are establishing fraudulent websites for popular free and open-source software in order to promote malicious downloads via advertisements present in the Google search result.  The info-stealing malware Rhadamanthys uses Google advertisements as a means of luring people into…

Read more →

Frankenstein ID, the use of fake identities by scammers, has become prevalent over the last 12 to 18 months, with US financial institutions (FIs) reporting losses of $20 billion in 2021 as compared to $6 billion in 2016. Synthetic Identity…

Read more →

  About 50 of the total orders that Sean Fothersgill, the proprietor of the model car retailer Pendle Slot Racing, receives each day come from outside the UK.  Those international orders have been sitting in a warehouse corner collecting dust…

Read more →

  A Norton LifeLock spokesperson has confirmed that malicious third parties are likely to have gained access to some customers’ accounts, possibly even gaining access to their password vaults.  The document describing affected customers’ rights as a result of a…

Read more →

In the tangible future, humans will be interfacing their flesh with chips. Therefore, perhaps we should not have been shocked when Microsoft’s researchers appeared to have hastened a desperate future.  It was interestingly innocent and so very scientific. The headline…

Read more →

  The software development process is becoming increasingly rapid. Devops teams are under additional pressure to get to market quickly, thanks in part to open-source software (OSS) packages. OSS has become so common that it is estimated to account for…

Read more →

Small businesses and organizations of various sizes worldwide rushed to upload patches and assess what had been compromised. Hacks expose the vulnerability of the 32 million small businesses, which are largely unable to afford to work with cybersecurity firms and…

Read more →