Tag: CySecurity News – Latest Information Security and Hacking Incidents

  It is no longer necessary for a person to commute to a physical location to find information about anything they are interested in.  Currently, Google can be trusted to provide the most relevant information about anything and everything. Google…

Read more →

  When our information falls into the wrong hands, it could cause a lot of harm, especially since con artists frequently prey on helpless victims. More evidence that widespread fraud and scams are on the rise comes from the recent…

Read more →

  When was the last time you used WiFi in a public setting? Nowadays, almost every coffee shop, library, airport, and hotel provides a way for you to use your phone or other mobile devices to access the internet. That…

Read more →

As the alarms start to go off globally about the spread of the covid virus in China, official authorities in Washington are now concerned about the threat the virus may pose in America. In regards to this, they have turned…

Read more →

  We all use password protection, which is an effective access control method. It is likely to continue to be a crucial component of cybersecurity for years to come. On the contrary hand, cybercriminals use a variety of techniques to…

Read more →

  As part of a lawsuit filed against the digital surveillance firm Voyager Labs, Meta claims that the company created 38,000 fake, unauthorized accounts to collect 600,000 Facebook users’ personal information.  A federal lawsuit filed by Microsoft has asked a…

Read more →

According to an Adastra survey, more than 77% of IT decision-makers in the U.S. and Canada estimate their organizations will likely experience a data breach over the next three years. Employees should be aware of data security practices since the…

Read more →

  A software company CircleCi has acknowledged that a data breach that occurred last month resulted in the theft of customers’ personal information.  After an engineer contracted data-stealing malware that made use of CircleCi’s 2FA-backed SSO session cookies to get…

Read more →

In the beginning of year 2023, CircleCI, a development-pipeline service provider cautioned online users of a security breach, advising companies to take immediate action on the issue by changing the passwords, SSH keys, and other secrets stored on or managed…

Read more →

  An old vulnerability in Intel drivers is being exploited by cybercriminals in an attempt to gain access to networks. This is in the form of a security flaw that enables them to get around cybersecurity measures and bypass security…

Read more →

  Customers of Norton LifeLock have been the victims of a credential-stuffing attack. In accordance with the company, cyberattackers utilised a third-party list of stolen username and password combinations to attempt to hack into Norton accounts and possibly password managers. …

Read more →

  Criminal organisations are now employing a new strategy to ensure ransomware payouts: they skip the step of encrypting target companies’ systems and instead go straight to demanding the ransom payment for the company’s valuable data. Malicious hackers are constantly…

Read more →

  A software company CircleCi has acknowledged that a data breach that occurred last month resulted in the theft of such customers’ personal information.  After an engineer contracted data-stealing malware that took use of CircleCi’s 2FA-backed SSO session cookies to…

Read more →

Several end-of-life (EoL) VPN routers are affected by a critical authentication bypass flaw that Cisco alerted customers. The issue has publicly available attack code. Hou Liuyang of Qihoo 360 Netlab discovered the security hole (CVE-2023-20025) in the internet management interface…

Read more →

  In a report from Hornetsecurity, the leading cybersecurity provider, it has been found that 33% of businesses do not provide cybersecurity awareness training to employees working remotely.  According to the study, nearly three-quarters (74%) of remote staff have access…

Read more →

  Mobile connectivity has come a long way since 1979 when NTT initiated the first generation of cellular networks in Tokyo. 2G and 3G quickly followed 1G. These were voice and text communication networks. The more recent 4G and 5G…

Read more →

  Critical national infrastructure (CNI) is under greater physical threat than ever. It is still unknown who was responsible for the attack that destroyed at least 50 metres of the Nord Stream 1 and 2 underground pipelines that once carried…

Read more →

Twitter has denied the claim of getting hacked and the stolen data being sold online.  According to a LinkedIn post last week by Alon Gal, co-founder of the Israeli cybersecurity monitoring company Hudson Rock, stolen data has been discovered, that…

Read more →

  The unlawful use of cryptocurrencies reached a new high of $20.1 billion last year, as transactions involving companies sanctioned by the United States skyrocketed, as per data from blockchain analytics firm Chainalysis released on Thursday. In 2022, the cryptocurrency…

Read more →

  We all have way too many passwords, and they probably are not nearly as secure as we believe. Passkeys are the next step in the evolution of passwords and aim to make passwords obsolete in favour of a more…

Read more →

Artificial intelligence and machine learning (AI/ML) systems have proven to be effective in improving the sophistication of phishing lures, creating fake profiles, and developing basic malware. Security experts have demonstrated that a complete attack chain may be established, and malicious…

Read more →

A new wave of advanced persistent threat (APT) attacks has been discovered, that is apparently launched by a threat group named Dark Pink.  The attack was launched between June and December 2022 and has been targeting countries in the Asia-Pacific,…

Read more →

  Several proposals are being considered by the government, including the introduction of a “digital pound,” according to the Treasury’s economic secretary.  According to Andrew Griffith, the UK intends to become a world leader in the cryptocurrency industry.  There was…

Read more →

  The Python package repository PyPI was discovered to be hosting malware and AWS keys. Tom Forbes, a software developer, created a Rust-based application that searched all new PyPI packages for AWS API keys. The tool returned 57 successful results,…

Read more →

  Despite WannaCry infecting thousands of PCs worldwide in 2017, ransomware has always remained one of the biggest threats to corporations worldwide. There is, however, new research that indicates that this persistent threat may be on the decline.   Privileged access…

Read more →

The Uptycs Threat research team has revealed a new malware campaign, targeting Italy with phishing attacks in order to deploy information-stealing malware on victims’ compromised Windows systems.  According to Uptycs security researcher Karthickkumar Kathiresan, the malware campaign is designed to…

Read more →

  Malicious hackers have uploaded a vast collection of private documents from the police department of a San Francisco Bay Area transit system to the internet, including specific claims of child abuse.  The Bay Area Rapid Transit (BART) Police Department…

Read more →

  As per experts, the website of consumer credit reporting giant Experian comprised a major privacy vulnerability that allowed hackers to obtain customer credit reports with just a little identity data and a small change to the address displayed in…

Read more →

Prototype Pollution Prototype pollution is a severe vulnerability class associated with prototype-based languages, the most popular among them being JavaScript.  However, a researcher has discovered Python-specific variants of prototype pollution, and other class-based programming languages may also be exposed to…

Read more →

  The software supply chain security company Phylum has discovered a malicious assault using the PoweRAT backdoor and an information thief that targets users of the Python Package Index (PyPI). The campaign was initially discovered on December 22, 2022, when…

Read more →

  Several major Toronto hospitals had their digital systems down on Monday, and they are investigating the cause, following which University Health Network issued a “code grey” to indicate a system failure.  Gillian Howard, a spokeswoman for UHN, said the…

Read more →

In the widely-used open-source project, JavaScript library JsonWebToken researchers from Palo Alto Networks unit 42 found a new high-severity vulnerability –  CVE-2022-23529.  Palo Alto Networks released a security advisory on Monday highlighting how the weakness could be used by an attacker to execute…

Read more →

  Traditional Domain Name System (DNS) traffic, such as user requests to visit specific websites, has been largely unencrypted throughout the history of the internet. This means that every party involved in the DNS value chain that your request goes…

Read more →

Email is the primary form of communication in both our personal and professional lives. Users might be surprised to hear that email was never intended to be secure due to our dependency on it. Email communication carries some risks, but…

Read more →

  The changes to Apple’s privacy policy last year were one of those events where the worried predictions turned out to be precisely the opposite of what happened – specifically, marketers will have a significant reduction in their ability to target…

Read more →

A Twitter API vulnerability that was detected in June 2021, and was later patched, has apparently been haunting the organization yet again.  In December 2022, a hacker claimed to have access to the personal data of 400 million Twitter users…

Read more →

  Your WiFi connection might go unnoticed by you. The world is in order as long as it is operational. But maintaining your privacy and keeping your data to yourself requires a secure WiFi network. And you might be unknowingly…

Read more →

  The StrongPity APT hacking group is disseminating a bogus Shagle chat app that is a trojanized version of the Telegram for Android app with a backdoor added. Shagle is a legitimate random video chat platform that allows strangers to…

Read more →

  Russian state-sponsored cyber threat actor Turla victimized a Ukrainian organization in a recent attack. The hackers leveraged legacy Andromeda malware that was executed by other hackers via an infected USB drive, Mandiant reports.  Turla is active since at least…

Read more →

Broward prosecutors are investigating whether the former Schools Superintendent, Robert Runcie, and two other administrators have infringed any law when they used highly guarded information about a district ransomware attack in a private business pitch.  While the district did not…

Read more →

What is LastPass Breach? On 22nd December 2022, online password management service LastPass revealed that threat actors can steal sensitive information from user accounts like billing, end-user names, email IDs, IP address info, and telephone numbers.  The leak also includes…

Read more →

  Several days ago, the commercially available off-the-shelf malware BitRat was observed with a newly discovered distribution method for how it was spread. Now, a new information theft malware called Vidar Stealer has been discovered. This malware uses advanced techniques…

Read more →

Chick-fil-A- is investigating concerns of suspicious transactions on its mobile app after multiple users claimed that hackers gained their personal data, including bank account details. Customers at Chick-fil-A, a well-known chicken restaurant business, may be the latest targets of hackers.…

Read more →

  Data breaches have been a worry ever since Elon Musk invested $44 billion in Twitter and fired a sizable portion of the workforce. Now it appears that a security incident from before Musk’s takeover is giving people trouble. This…

Read more →

  You are not alone if you dislike using passwords. Passwords are inconvenient, forgettable, and often not the best security solution for most of us. The best part is that passwords are likely to become obsolete. Passwords will be phased…

Read more →

Automakers struggling with vulnerabilities A range of automakers from Toyota to Acura is affected by vulnerabilities within their vehicles that can let hackers steal personally identifiable information (PII), lock owners out of their vehicles, and even control functions like starting…

Read more →

  Silvergate, the US bank that offers cryptocurrency services, has reported that its clients have withdrawn over $8 billion (£6.7 billion) of their cryptocurrency-linked deposits over the past several weeks.  In the final three months of 2022, roughly one-third of…

Read more →

Cybersecurity company, Bitdefender, has launched a new tool that would help victims of MegaCortex ransomware unlock their files, offering a sigh of relief to those whose files had been locked for years following the cyberattack.   MegaCortex Ransomware The MegaCortex ransomware…

Read more →

On Friday, a report from Israeli security company Check Point warned companies against the threat actors who have started using OpenAI’s artificially intelligent chatbot ChatGPT to quickly build hacking tools.  Hackers are also working to build other chatbots which will…

Read more →

  Security experts have discovered a new Linux malware downloader that uses cryptocurrency miners and DDoS IRC bots to attack Linux servers with weak security. After the downloader’s shell script compiler (SHC) was uploaded to VirusTotal, researchers from ASEC found…

Read more →

  The Federal Communications Commission of the United States intends to improve federal law enforcement and modernise breach notification needs for telecommunications firms so that customers are notified of security breaches as soon as possible. The FCC’s proposals (first made…

Read more →

Researchers suggest that a widespread cache of email addresses related to roughly 200 million users is probably a revised version of the larger cache with duplicate entries deleted from the end of 2022 when hackers are selling stolen data from…

Read more →

Cybernews researchers have discovered ChatGPT, a platform that provides hackers step-by-step instructions on hacking a website. An AI-based chatbot, ChatGPT was launched recently and has caught the attention of the online community.  The team at Cybernews has warned that AI…

Read more →

  The eSentire’s Threat Research Unit (TRU) confirmed in its recent research that the threat actors are exploiting Fortinet Virtual Private Network (VPN) devices that remain vulnerable to critical authentication bypass vulnerability.  The VPNs were being controlled by third-party providers;…

Read more →

Microsoft has recently revealed information on the four different ransomware families, i.e. KeRanger, FileCoder, MacRansom, and EvilQuest that are apparently impacting Apple macOS systems.  These ransomware families first spread through what the Windows makers refer to as “user-assisted methods,” in…

Read more →

  Bogus advertising: a tightrope walk  Since the early days of the Internet, rogue ads have been a particular plague on the Internet. As a user, you never quite know what’s waiting in the browser, such as an irritating pop-up…

Read more →

  The use of end-to-end encryption for email and other cloud services is expanding. This comes as no surprise given that email is one of the top two cyberattack vectors.  Mail servers made up 28% of all affected hardware, according…

Read more →

On January 5, WhatsApp revealed a new feature that enables users to connect via proxy servers so they may continue using the service even when the internet is restricted or disrupted by shutdowns. Concept of Whatsapp proxy  When selecting a…

Read more →

  A new partnership between satellite phone company Iridium and chip giant Qualcomm will bring satellite connectivity to premium Android smartphones later this year. It implies that handsets can communicate with passing satellites to send and receive messages even in…

Read more →

In October 2020, Christian Lödden’s potential clients sought to discuss just one thing, which carried on for a week. Every individual whom the German criminal defense lawyer has contacted had apparently been utilizing the encrypted phone network EncroChat. This information…

Read more →

What is the Flipper Zero campaign? Experts have found a new phishing campaign that targets cybersecurity professionals and hacking enthusiasts. The campaign steals cryptocurrency and the personal information of victims.  Flipper Zero is behind the attack, it’s a portable multi-tool…

Read more →

  According to Rackspace Technology, a cloud hosting company that provides managed cloud services, the massive December 2 attacks have caused the company to take action. As part of the attack, thousands of small and midsized businesses suffered disruption in…

Read more →

Every day we are witnessing ransomware attacks, and companies worldwide are investing millions to protect their network and systems from digital attacks, however, it is getting increasingly challenging to fight against cyber threats because cyber attackers do not only use…

Read more →

Microsoft has published a warning over the imminent end of support for Windows 8.1, which would not receive any updates or patches after January 10th, 2023. According to the research, over 100 million computers were still running Windows 7 as…

Read more →

  Training artificial intelligence (AI) and machine learning (ML) models to provide enterprises with hybrid cybersecurity at scale requires human intelligence and intuition. When human intelligence and intuition are combined with AI and ML models, subtleties in attack patterns that…

Read more →

  Following a breach of the company’s systems, CircleCI, whose development products are popular with software engineers, has advised customers to rotate their secrets. This is to prevent a repetition of this incident.  There are more than one million engineers…

Read more →

  2022 was a challenging year for cyberspace businesses. Companies faced ransomware, the continued effects of the SolarWinds and Log4j exploits, and rising cyber insurance premiums. Unfortunately, the consequences of malware have gotten worse year after year.  The costs of…

Read more →

On Wednesday, Train ticketing platform RailYatri released its statement in which it confirmed that the platform suffered a data breach in December 2022. The confirmation is coming after the Railway Ministry denied such an attack and also remarked that no…

Read more →

Healthy, clean data can prove to be a major competitive upper hand for businesses that spend resources and time on their data management planning. The industry today lives in the age of data, and the companies that use data smartly…

Read more →

Crowdsourced Security  Organizations of all sizes conventionally use penetration testing to secure their systems. Pen testing simulates a cyberattack with the goal of exposing security flaws, much like any real attack would. These vulnerabilities are patched up once they are…

Read more →

According to an analysis by cybersecurity company Dr. Web, WordPress-based websites are being targeted by an unidentified Linux malware variant. Recognized as LinuxBackDoor.WordPressExploit.1, while it can also operate on 64-bit Linux versions, the Trojan favors 32-bit versions. 30 vulnerabilities in…

Read more →

  In cybersecurity, artificial intelligence is becoming more and more significant, both for good and bad. The most recent AI-based tools can help organizations better identify threats and safeguard their systems and data resources. However, hackers can also employ the…

Read more →

  Since at least October 2022, financial institutions have been targeted by a new version of Android malware called SpyNote, which combines spyware and banking trojan characteristics.  “The reason behind this increase is that the developer of the spyware, who…

Read more →

  Criminals make billions of dollars via digital tricks including romance scams and business email hacks. And they always begin with a small amount of “social engineering” to deceive a victim into taking an unfavourable action, like transferring money into…

Read more →

  The typical approach to detection used by organizations is to employ a variety of methods, such as antivirus software, sandbox engines, extensive data analysis, and anomaly detection, among others. This depends on the organization. Through monitoring and spotting, these…

Read more →

  Data security is becoming costlier for organizations worldwide and the threats of cyber attacks added pressure on organizations from customers to protect their sensitive information. As a result, several organizations have already invested in new processes to safeguard their…

Read more →

  California’s unique consumer privacy law was strengthened on January 1 as a result of a ballot initiative that 2020 voters endorsed. A new privacy law that puts new requirements on companies to make sure that employees have more authority…

Read more →

Suppose you are part of an organization that has any form of an online presence. In that case, you will ultimately have to take initiative to look after the security of the systems, devices, and data. And if driven criminals,…

Read more →

AI in threat detection In the current complicated cybersecurity scenario, threat detection is just a needle in the haystack.  We have seen malicious actors exploiting everything they can get their hands on, from AI tools, to open-source code to multi-factor…

Read more →

  The Abu Dhabi Judicial Department (ADJD) held an awareness-raising lecture on “Cybercrime and its Dangers to Society” in conjunction with “Majalis” Abu Dhabi at the Citizens and Community Affairs Office of the Presidential Court as part of its initiatives…

Read more →

Recently a study has been done on password reuse threats and it was discovered that password reuse is a big security threat to companies worldwide since 64% of people continue to use passwords that have been exposed in a breach. …

Read more →

The CentraState Medical Center’s cybersecurity issue has caused the hospital to divert ambulances and the majority of new patients to other institutions.  The Medical Center’s spokesperson, Lori Palmer says that the hospital’s critical care has not been affected and they…

Read more →

What is the “Year of Mass Exploits?’ Experts at GreyNoise Intelligence have added more than 230 tags since January 1, 2022. It includes detections for more than 160 CVEs. In its annual report titled GreyNoise Intelligence 2022 “Year of Mass…

Read more →

  Since performing national security-related business through personal devices and email accounts, members of the UK government have run the risk of operating in “wild west” conditions, according to intelligence analysts and former government officials. Unsettlingly, it has been reported…

Read more →

  Chinese students studying in the UK have been one of the most common targets of scammers. RedZei (aka RedThief) Group, a Chinese-speaking scammer group that operates online and is becoming more common these days, bypasses all the precautions that…

Read more →

The BlackCat ransomware group is experimenting with a new method of threatening victims into paying extortion building a fake website on the open internet that displays the personal information that was stolen from the victim.  ALPHV, commonly known as BlackCat ransomware, is…

Read more →

  Do you become frustrated when you can’t find the desired app on the official Google Play Store or App Store as a frequent smartphone user? For instance, if you wanted to check out TikTok while you were in India,…

Read more →

  It has been revealed by TRM Labs that a record $3.7 billion worth of crypto funds have been stolen the past year. Of this, 80% have been traced back to attacks against DeFi, as per the research report published…

Read more →

  Volvo revealed in a press release that some of its research and development assets were the target of a cyberattack. The ransomware organization Snatch reportedly released pictures of stolen Volvo papers into the darknet on November 30, according to…

Read more →

  A brand new malware campaign has been discovered which is using important data stolen from a Colombian bank as a lure in phishing emails to drop a remote access trojan called BitRAT.  As of now, it is being reported…

Read more →

Recently, WordPress websites are being attacked by a previously unidentified Linux malware strain that compromises vulnerable systems by taking advantage of vulnerabilities in over twenty plugins and themes.  In the attacks, a list of 19 different plugins and themes with…

Read more →

  Due to the increase in cybercrime, many businesses are infected by viruses and malware that are distributed to them by vendors and business partners.  There has not been a definite plan of action that addresses this as of yet.…

Read more →

CISOs can ensure BYOD and remote work without raising safety costs Remote and hybrid work models are the common trend in the current industry. The sudden shift to this new model of working also has some threats and security risks…

Read more →

  Cybercriminals create more complicated and diverse methods of obtaining sensitive data as we become more dependent on technology and entrust it with more of our personal information. There are many different types of harmful malware, including Trojan Horses. But…

Read more →

  There’s a new way to keep your Gmail safe from prying eyes, and experts say it’s well worth using. Google announced the addition of end-to-end encryption (E2EE) to Gmail on the web, which will allow enrolled Google Workspace users…

Read more →

POS malware- Your business might be at risk If you are a business owner that uses a POS system for receiving payments, you should be cautious about the dangers of point-of-sale malware and various threats associated with it.  Malware is…

Read more →

  Cryptocurrency trading platform 3Commas reported that they suffered a data breach in which API data were stolen. Following the incident, an FBI investigation has been called in.  However, the investigation comes after weeks of criticism from users of the…

Read more →

  Increasingly, organizations and business units are migrating mission-critical data and systems to the cloud.  Migration to and between all kinds of cloud services is indeed associated with security challenges; however, migration between public cloud services is the most challenging…

Read more →

  The latest report from Cyble Research and Intelligence Labs (CRIL) revealed that scammers are targeting Indian residents who submit complaints on social media accounts belonging to various local firms. Fraudsters keep an eye out on Twitter and other social…

Read more →

In a recent case of a Twitter data breach, the hacker named “Ryushi” demanded a ransom worth $200,000 to hand over the stolen data of 400 million users.  In regard to this, a probe has been launched by Ireland’s watchdog.…

Read more →