As part of its commitment to protecting users’ privacy, Google has announced that by the end of 2025, all Google Cloud accounts will have to implement multi-factor authentication (MFA), also called two-step verification. Considering the sensitive nature of cloud…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Fake Invoices Spread Through DocuSign’s API in New Scam
Cyber thieves are making use of DocuSign’s Envelopes API to send fake invoices in good faith, complete with names that are giveaways of well-known brands such as Norton and PayPal. Because these messages are sent from a verified domain…
FBI Cautioned Gmail Users Regarding Cookie Theft
The FBI has warned users of popular email providers such as Gmail, Outlook, Yahoo, and AOL regarding a surge in online criminal activity that compromises email accounts, including those secured by multifactor authentication (MFA). Online criminals lure people into…
Cisco Fixes Critical CVE-2024-20418 Vulnerability in Industrial Wireless Access Points
Cisco recently disclosed a critical security vulnerability, tracked as CVE-2024-20418, that affects specific Ultra-Reliable Wireless Backhaul (URWB) access points used in industrial settings. These URWB access points are essential for maintaining robust wireless networks in environments like manufacturing plants,…
How OpenAI’s New AI Agents Are Shaping the Future of Coding
OpenAI is taking the challenge of bringing into existence the very first powerful AI agents designed specifically to revolutionise the future of software development. It became so advanced that it could interpret in plain language instructions and generate complex…
Big Tech’s Data-Driven AI: Transparency, Consent, and Your Privacy
In the evolving world of AI, data transparency and user privacy are gaining significant attention as companies rely on massive amounts of information to fuel their AI models. While Big Tech giants need enormous datasets to train their AI systems,…
Check Point Uncover Pakistan-Linked APT36’s New Malware Targeting Indian Systems
Pakistan’s APT36 threat outfit has been deploying a new and upgraded version of its core ElizaRAT custom implant in what looks to be an increasing number of successful assaults on Indian government agencies, military entities, and diplomatic missions over…
Why Small Businesses Are Major Targets for Cyberattacks and How to Defend Against Them
Recent research by NordPass and NordStellar, backed by NordVPN, has shed light on small private businesses being prime targets for cybercriminals. After analyzing around 2,000 global data breaches over two years, they found that retail and technology sectors, particularly…
Operation Synergia II: A Global Effort to Dismantle Cybercrime Networks
In an unprecedented move, Operation Synergia II has significantly strengthened global cybersecurity efforts. Led by INTERPOL, this extensive operation focused on dismantling malicious networks and thwarting cyber threats across 95 countries. Spanning from April to August 2024, the initiative marks…
UIUC Researchers Expose Security Risks in OpenAI’s Voice-Enabled ChatGPT-4o API, Revealing Potential for Financial Scams
Researchers recently revealed that OpenAI’s ChatGPT-4o voice API could be exploited by cybercriminals for financial scams, showing some success despite moderate limitations. This discovery has raised concerns about the misuse potential of this advanced language model. ChatGPT-4o, OpenAI’s latest…
Columbus Data Breach Affects 500,000 in Recent Cyberattack
In July, a ransomware attack on Columbus, Ohio, compromised the personal information of an estimated 500,000 residents, marking one of the largest cyber incidents to affect a city in the United States in recent years. There has been great…
Digital Arrest: How Even The Educated Become Victims
One of the most alarming trends in recent times is the surge in digital arrest scams, particularly in India. These scams involve cybercriminals impersonating law enforcement officials to extort money from unsuspecting victims. Cybersecurity threats are rapidly escalating in India,…
JPCERT Explains How to Identify Ransomware Attacks from Windows Event Logs
Japan Computer Emergency Response Team (JPCERT/CC) has published guidance on early identification of ransomware attacks in the system using Windows Event Logs. Probably by reviewing these logs, firms would identify some signs or clues of an existing ransomware attack…
UK Watchdog Urges Data Privacy Overhaul as Smart Devices Collect “Excessive” User Data
A new study by consumer group Which? has revealed that popular smart devices are gathering excessive amounts of personal data from users, often beyond what’s required for functionality. The study examined smart TVs, air fryers, speakers, and wearables, rating…
The Growing Concern Regarding Privacy in Connected Cars
Data collection and use raise serious privacy concerns, even though they can improve driving safety, efficiency, and the whole experience. The automotive industry’s ability to collect, analyse, and exchange such data outpaces the legislative frameworks intended to protect individuals.…
NCSC Unveils “Pigmy Goat” Malware Targeting Sophos Firewalls in Advanced Chinese Cyberattack
The National Cyber Security Centre (NCSC) recently disclosed the presence of a Linux malware, “Pigmy Goat,” specifically designed to breach Sophos XG firewall devices. This malware, allegedly developed by Chinese cyber actors, represents a significant evolution in network infiltration…
Gmail Under Attack: Secure a Backup Account
Having access to a Gmail account in the present world is rather dangerous because hackers create new ways of penetrating the account, even if it at times employs a 2FA security feature. While methods like passkey sign-ins and secure…
Researchers Develop Blockchain-Based Federated Learning Model to Boost IoT Security
In a groundbreaking development for Internet of Things (IoT) security, a team of researchers led by Wei Wang has introduced a novel distributed federated intrusion detection system. The study, published in Frontiers of Computer Science and co-published by Higher…
Crypto Bull Market Targeted: The Lottie-Player Security Breach
In an alarming development for the tech community, especially for those immersed in the Web3 ecosystem, a supply chain attack has targeted the popular animation library, Lottie-Player. If users fall for this prompt, it could enable attackers to drain cryptocurrency…
Facebook, Nvidia Push SCOTUS to Limit Investor Lawsuits
The US Supreme Court is set to take two landmark cases over Facebook and Nvidia that may rewrite the way investors sue the tech sector after scandals. Two firms urge the Court to narrow legal options available for investment…
New Flaws in Fortinet, SonicWall, and Grafana Pose Significant Threats
Cyble Research and Intelligence Labs (CRIL) has discovered new IT vulnerabilities that affect Fortinet, SonicWall, Grafana Labs, and CyberPanel, among others. The report for the week of October 23-29 identifies seven security flaws that require immediate attention from security…
How to Protect Yourself Against Phishing Extortion Scams Involving Personal Data
Imagine receiving an email with a photo of your house, address, and a threatening message that seems ripped from a horror movie. Unfortunately, this is the reality of modern phishing scams, where attackers use personal information to intimidate victims…
LightSpy Update Expands Surveillance on iOS Devices
It has been discovered that a newer version of LightSpy spyware, commonly used to target iOS devices, has been enhanced with the capability to compromise the security and stability of the device. LightSpy for macOS was first discovered by…
Scammers Impersonate Thunder Bay RCMP in New Phone Spoofing Scheme
Phone number of the RCMP used in scams across Thunder Bay. The local Royal Canadian Mounted Police detachment is warning residents of Thunder Bay about a phone scam. Scammers are spoofing the official RCMP number, 807-623-2791, which will have…
Rising Bank Fraud: Steps You Can Take to Safeguard Your Money
Bank fraud is becoming an increasingly serious issue, with cybercriminals devising new tactics to access people’s bank accounts. In 2023, global losses from bank fraud reached nearly $500 billion, according to the 2024 NASDAQ Global Financial Crimes Report. As…
Tech Expert Warns AI Could Surpass Humans in Cyber Attacks by 2030
Jacob Steinhardt, an assistant professor at the University of California, Berkeley, shared insights at a recent event in Toronto, Canada, hosted by the Global Risk Institute. During his keynote, Steinhardt, an expert in electrical engineering, computer science, and statistics,…
Advanced Persistent Teenagers: A Rising Security Threat
If you ask some of the field’s top cybersecurity executives what their biggest concerns are, you might not expect bored teenagers to come up. However, in recent years, this totally new generation of money-motivated hackers has carried out some…
Balancing Act: Russia’s New Data Decree and the Privacy Dilemma
Data Privacy and State Access Russia’s Ministry of Digital Development, Communications, and Mass Media has introduced a draft decree specifying the conditions under which authorities can access staff and customer data from businesses operating in Russia, according to Forbes. The…
Securing Generative AI: Tackling Unique Risks and Challenges
Generative AI has introduced a new wave of technological innovation, but it also brings a set of unique challenges and risks. According to Phil Venables, Chief Information Security Officer of Google Cloud, addressing these risks requires expanding traditional cybersecurity…
Bitdefender’s Perspective on Weaponized AI and Its Impact on Cybersecurity
Taking cybersecurity seriously is one of the biggest things users can do to protect their company from cyberattacks. While discussing with Bogdan “Bob” Botezatu, Director of Threat Research at Bitdefender, to get a deeper understanding of what is happening…
Cambodia-Based Cybercriminals Exploit Digital Arrest Scam on Indian Victims
Human traffickers, according to a report by India Today, are luring Indian citizens to Cambodia, offering them job opportunities, and then coercing them into committing thousands of dollars worth of online financial fraud and cyber crimes. A growing number…
Meta Struggles to Curb Misleading Ads on Hacked Facebook Pages
Meta, the parent company of Facebook, has come under fire for its failure to adequately prevent misleading political ads from being run on hacked Facebook pages. A recent investigation by ProPublica and the Tow Center for Digital Journalism uncovered…
Behind the Search Bar: How Google Algorithm Shapes Our Perspectives
Search engines like Google have become the gateway to information. We rely on them for everything from trivial facts to critical news updates. However, what if these seemingly neutral tools were subtly shaping the way we perceive the world? According…
Microsoft Warns of Russian Spear-Phishing Campaign Targeting Multiple Organizations
Microsoft Threat Intelligence has discovered a new attack campaign by Russian hacker group Midnight Blizzard, targeted at thousands of users from over 100 organisations. The attack uses spear-phishing emails that contain RDP configuration files, allowing perpetrators to connect to…
Cybersecurity and AI Challenges: How Companies Must Evolve to Stay Secure and Competitive
Cybersecurity remains a big concern, with a recent study from DataDome showing that 91% of websites are at risk from bot attacks. The study looked at over 14,000 sites in industries like healthcare, luxury goods, and e-commerce, revealing that…
Redline And Meta Infostealers Targeted in Operation Magnus
The Dutch National Police claimed on Monday that they had secured “full access” to all servers employed by the Redline and Meta infostealers, two of the most common cybercrime tools on the internet. Infostealer malware is a major cybersecurity…
Strava’s Privacy Flaws: Exposing Sensitive Locations of Leaders and Users Alike
Strava, a popular app for runners and cyclists, is once again in the spotlight due to privacy concerns. Known for its extensive mapping tools, Strava’s heatmap feature can inadvertently expose sensitive locations, as recently highlighted by a report from…
Cybersecurity Beyond Phishing: Six Underrated Threats
Cybercriminals are continually developing new methods to exploit vulnerabilities, and even the most tech-savvy individuals and organizations can find themselves at risk. While some cyberattacks like phishing and malware are well-known, several lesser-known but equally dangerous threats require attention. This…
FBI Warns of Cybercriminals Stealing Cookies to Bypass Security
Cybercriminals are now targeting cookies, specifically the “remember-me” type, to gain unauthorized access to email accounts. These small files store login information for ease of access, helping users bypass multi-factor authentication (MFA). However, when a hacker obtains these cookies,…
Windows Recall Release Pushed Back, Microsoft Sets December Date
Once again, Microsoft has delayed the rollout of its controversial Recall feature for Copilot Plus PCs, which had been planned for December. It had been planned that the software giant would begin testing Recall with Windows Insiders in October,…
Critical Security Vulnerability Found in LiteSpeed Cache Plugin: Urgent Update Advised for WordPress Users
A significant security flaw has been uncovered in the LiteSpeed Cache plugin, used by over 6 million WordPress sites, which could allow unauthorized visitors to gain administrator-level access. The vulnerability stems from a weakness in the plugin’s role simulation…
Chenlun’s New Phishing Schemes Target Big-Name Brands
A new phishing campaign unveiled by researchers from DomainTools is a phishing campaign on the go, deceiving users via fake text messages. The messages masquerade as trusted brands like Amazon to get the targets to give away sensitive data.…
Hacking Contest: How QNAP Overcame Critical Zero-Day Flaws
One recent event that highlights the relentless pace of this digital arms race is QNAP’s swift action to patch a second zero-day vulnerability. QNAP has addressed a second zero-day vulnerability that was exploited by security researchers during the recent Pwn2Own hacking…
Malvertising Campaign Hijacks Facebook Accounts to Propagate SYS01stealer
A new malvertising effort is using Meta’s advertising network to disseminate the SYS01 infostealer, a cybersecurity issue known to Meta and specifically Facebook users for collecting personal information. What distinguishes this attack is that it targets millions of people…
Business Email Compromise Soars in Q3 2024 as Cybercriminals Refine Tactics: VIPRE Report
Global cybersecurity provider VIPRE Security Group has published its Q3 2024 Email Threat Trends Report, revealing an alarming rise in business email compromise (BEC) and highlighting the evolving techniques cyber criminals are using to deceive employees and breach corporate…
ARPANET to Internet The First Connection That Changed the World
There have been sixty-four years since two men sent the first packet-switched data across a telephone line, and this was the birth of the Internet. To exchange information with each other, Charley Kline and Bill Duvall came up with the…
CrossBarking Exploit in Opera Browser Exposes Users to Extensive Risks
A new browser vulnerability called CrossBarking has been identified, affecting Opera users through “private” APIs that were meant only for select trusted sites. Browser APIs bridge websites with functionalities like storage, performance, and geolocation to enhance user experience. Most…
How Incogni Helps Protect Your Digital Privacy and Reduces Spam
Managing unwanted spam messages, calls, and emails has become a necessary part of online life today. Beyond annoyance, these can lead to identity theft, financial fraud, and other issues. Much of this activity is driven by advertisers and marketing…
India Cracks Down on Cybercrime with Warning Against Illegal Payment Gateways
In a sweeping move to combat organized cybercrime, India’s Ministry of Home Affairs (MHA), through the Indian Cybercrime Coordination Center (I4C), has issued a stark warning about illegal payment gateways reportedly run by transnational cyber criminals. These illicit gateways—PeacePay,…
Meta Infostealer Malware Network Taken Down by Authorities
In the course of Operation Magnus, the FBI has partnered with various international law enforcement agencies to seize the servers, software, and source code of the RedLine and Meta thieves as part of an investigation into these two cyber-crime…
New Tool Circumvents Google Chrome’s New Cookie Encryption System
A researcher has developed a tool that bypasses Google’s new App-Bound encryption cookie-theft defences and extracts saved passwords from the Chrome browser. Alexander Hagenah, a cybersecurity researcher, published the tool, ‘Chrome-App-Bound-Encryption-Decryption,’ after noticing that others had previously identified equivalent…
Why Ignoring Data Breaches Can Be Costly
Data breaches are now more rampant than ever, exposing passwords and payment details to hackers. You could be getting breach alerts that pop up every so often, warning you that your data has been exposed. It’s a wake-up call on…
Evasive Panda Unfurls Cloud Services Under Siege
Using stolen Web session cookies, Evasive Panda, a China-sponsored hacking team, has unveiled CloudScout, a sleek and professional toolset created to recover data from compromised cloud services. ESET researchers have discovered CloudScout through an investigation into a couple of…
India Faces Rising Ransomware Threat Amid Digital Growth
India, with rapid digital growth and reliance on technology, is in the hit list of cybercriminals. As one of the world’s biggest economies, the country poses a distinct digital threat that cyber-crooks might exploit due to security holes in…
Scammers Use Fake Centrelink Promises to Target Australians Online
Australians have been cautioned about a recent wave of scam websites falsely advertising significant Centrelink payments. These sites promise financial boosts, sometimes hundreds or thousands of dollars, to low-income residents and seniors, exploiting people facing financial challenges. Fraudsters create…
Unofficial Patches Published for New Windows Themes Zero-Day Exploit
Free unofficial fixes are now available for a new zero-day flaw in Windows Themes that allows hackers to remotely harvest a target’s NTLM credentials. NTLM has been extensively exploited in NTLM relay attacks, in which threat actors force susceptible…
Zero-Trust Log Intelligence: Safeguarding Data with Secure Access
Over the years, zero trust has become a popular model adopted by organisations due to a growing need to ensure confidential information is kept safe, an aspect that organisations view as paramount in cybersecurity. Zero-trust is a vital security…
Avoiding Social Media Scams When Recovering a Locked Gmail Account
Losing access to your Gmail account can be a frightening experience, especially given that Gmail is deeply integrated into the online lives of more than 2.5 billion users globally. Unfortunately, the popularity of Gmail has also attracted scammers who…
When and Why to Consider a Data Removal Service
With the risk of data misuse and breaches increasing daily, individuals will be driven to seek reliable methods for securing their online privacy in 2024 to manage these risks. A growing number of privacy solutions are available online now,…
Webflow Sites Employed to Trick Users Into Sharing Login Details
Security experts have warned of an upsurge in phishing pages built with Webflow, a website builder tool, as attackers continue to use legitimate services such as Microsoft Sway and Cloudflare. The malicious campaign targets login credentials for multiple corporate…
Amazon Identified Internet domains Exploited by Russian APT29
The leading advanced persistent threat group in Russia has been phishing thousands of targets in businesses, government agencies, and military institutions. APT29 (also known as Midnight Blizzard, Nobelium, and Cozy Bear) is one of the world’s most prominent threat…
Prometei Botnet: The Persistent Threat Targeting Global Systems
The Prometei botnet, active since at least 2016, continues to pose a persistent threat worldwide by exploiting unpatched software vulnerabilities. First identified in 2020, Prometei has since infected over 10,000 systems across diverse regions, including Brazil, Indonesia, Turkey, and…
India’s New SMS Traceability Rules to Combat Fraud Begin November 1, 2024
Beginning November 1, 2024, Indian telecom providers Airtel, Jio, and Vi will follow a new set of SMS traceability and monitoring guidelines mandated by the Telecom Regulatory Authority of India (TRAI). Aimed at combating cybercrime, these measures seek to…
The Evolution of Phishing Emails: From Simple Scams to Sophisticated Cyber Threats
Phishing emails have undergone significant changes over the past few decades. Once simple and easy to detect, these scams have now evolved into a sophisticated cyber threat, targeting even the most tech-savvy individuals and organizations. Understanding the development of…
NEW Qilin Ransomware Variant Emerges with Improved Evasion Techniques
A much more potent version of the Qilin ransomware has been found, according to cybersecurity experts, showing a new and revamped kind that is ready to attack core systems using advanced encryption along with improved stealth techniques. A Rebranding…
Embargo Ransomware Uses Custom Rust-Based Tools for Advanced Defense Evasion
Researchers at ESET claim that Embargo ransomware is using custom Rust-based tools to overcome cybersecurity defences built by vendors such as Microsoft and IBM. An instance of this new toolkit was observed during a ransomware incident targeting US companies…
UnitedHealth Claims Data of 100 Million Siphoned in Change Healthcare Breach
UnitedHealth has acknowledged for the first time that over 100 million people’s personal details and healthcare data were stolen during the Change Healthcare ransomware assault, making it the largest healthcare data breach in recent years. During a congressional hearing…
Energy Sector Faces Heightened Supply Chain Risks Amid Growing Dependence on IT and Software Vendors
The energy industry is experiencing a sharp increase in supply chain risks, largely driven by its growing reliance on external vendors. According to a recent report, two-thirds of security breaches in this sector now originate from software and IT…
UnitedHealth Confirms 100M Affected in Record-Breaking Change Healthcare Hack
Several hundred million people’s personal information was compromised in a hack of UnitedHealth’s (UNH.N) tech unit Change in February, according to data published by the U.S. health department on its website. That makes it the largest healthcare data breach…
Microsoft: Healthcare Sector Sees 300% Surge in Ransomware Assaults
A Microsoft investigation published earlier this week revealed that ransomware attacks on the healthcare sector are rising and threatening lives. The report, which uses both internal corporate data and external data, shows a 300% spike in ransomware attacks on…
Think You’re Safe? Cyberattackers Are Exploiting Flaws in Record Time
There has been unprecedented exploitation by attackers of vulnerabilities in the software, Mandiant announced. According to the newly released report of the Mandiant cybersecurity firm, after an analysis of 138 exploits published in 2023, on average, in five days…
Massive Data Breach in Mexican Health Care Sector Exposes 5.3 Million Users’ Data
In a significant data breach, Cybernews researchers discovered a 500GB unprotected database from a Mexican health care company on August 26, 2024, exposing sensitive details of approximately 5.3 million people. Information in the leak included names, CURP identification numbers,…
Security Defenses Crippled by Embargo Ransomware
There is a new gang known as Embargo ransomware that specializes in ransomware-as-a-service (RaaS). According to a study by ESET researchers published Wednesday, the Embargo ransomware group is a relatively young and undeveloped ransomware gang. It uses a custom…
CISA Proposes New Security Measures to Protect U.S. Personal and Government Data
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has proposed a series of stringent security requirements to safeguard American personal data and sensitive government information from potential adversarial states. The initiative aims to prevent foreign entities from exploiting data…
Lazarus Group Exploits Chrome Zero-Day Flaw Via Fake NFT Game
The notorious North Korean hacking outfit dubbed Lazarus has launched a sophisticated attack campaign targeting cryptocurrency investors. This campaign, discovered by Kaspersky researchers, consists of a multi-layered assault chain that includes social engineering, a fake game website, and a…
Microsoft and Salesforce Clash Over AI Autonomy as Competition Intensifies
The generative AI landscape is witnessing fierce competition, with tech giants Microsoft and Salesforce clashing over the best approach to AI-powered business tools. Microsoft, a significant player in AI due to its collaboration with OpenAI, recently unveiled “Copilot Studio”…
WhatsApp Moves Toward Usernames, Phasing Out Phone Numbers
WhatsApp has announced enhancements to its contact management features, allowing users to add and manage contacts from any device. Previously, contact management was limited to mobile devices, requiring users to input phone numbers or scan QR codes. The update…
Data Breach Exposes 93,000 Transak Users Due to Employee’s Device Misuse
Transak is an operation that enables users to buy cryptocurrencies using the Metamask, Binance, and Trust Wallet platforms. The company has just announced a data breach that exposed the names and identity documents of approximately 93,000 users. According to…
The Growing Role of AI in Ethical Hacking: Insights from Bugcrowd’s 2024 Report
Bugcrowd’s annual “Inside the Mind of a Hacker” report for 2024 reveals new trends shaping the ethical hacking landscape, with an emphasis on AI’s role in transforming hacking tactics. Compiled from feedback from over 1,300 ethical hackers, the report explores…
AI-Driven Deepfake Scams Cost Americans Billions in Losses
As artificial intelligence (AI) technology advances, cybercriminals are now capable of creating sophisticated “deepfake” scams, which result in significant financial losses for the companies that are targeted. On a video call with her chief financial officer, in which other…
Security Risks Discovered in Popular End-to-End Encrypted Cloud Storage Platforms
Recent cryptographic analysis by researchers at ETH Zurich has uncovered significant security vulnerabilities in five major end-to-end encrypted (E2EE) cloud storage platforms: Sync, pCloud, Icedrive, Seafile, and Tresorit. These platforms are collectively used by over 22 million people and…
Lounge Scam at Bengaluru Airport Costs Woman ₹ 87,000
Bhargavi Mani, 28, had her life turned upside down when she fell victim to a sophisticated scam that took place at Kempegowda International Airport in Bengaluru. While trying to gain access to the airport lounge before her flight, Bhargavi…
Infostealer-Injecting Plugins infect Thousands of WordPress Sites
Hackers are using WordPress sites to install malicious plugins that propagate malware that steals information by displaying fake updates and errors. Infostealing malware has become a global nuisance for security defenders in recent years, as compromised credentials are used…
How Ignoring These Wi-Fi Settings Can Leave You Vulnerable to Hackers
In today’s plugged-in world, most of us rely on the Internet for nearly everything from shopping and banking to communicating with family members. Whereas increasing reliance on the internet has exposed opportunities for doing just about anything remotely, it…
Critical Flaw in Open Policy Agent Exposed NTLM Credentials, Patch Released
A now-resolved security vulnerability in Styra’s Open Policy Agent (OPA) could have exposed New Technology LAN Manager (NTLM) hashes, potentially leading to credential leakage. If exploited, the flaw allowed attackers to capture the NTLM credentials of the OPA server’s…
WeChat’s Updated Encryption System Prone to Threats for its Users
More than a billion people send messages over WeChat and as per a new study recently, it discovered some security flaws in terms of the encryption system. While some applications use end-to-end encryption to prevent secret conversations from being…
The Impact of Google’s Manifest V3 on Chrome Extensions
Google’s Manifest V3 rules have generated a lot of discussion, primarily because users fear it will make ad blockers, such as Ublock Origin, obsolete. This concern stems from the fact that Ublock Origin is heavily used and has been…
Old Redbox Kiosks Hacked to Expose Customers’ Private Details
DVD Rental Service Redbox may be a thing of the past, but the data privacy issues it created for users may persist for some time. Redbox allows users to rent DVDs from its 24,000 autonomous kiosks throughout the United…
The Impact of Google’s Manifest V3 on Chrome Extensions
Google’s Manifest V3 rules have generated a lot of discussion, primarily because users fear it will make ad blockers, such as Ublock Origin, obsolete. This concern stems from the fact that Ublock Origin is heavily used and has been…
Old Redbox Kiosks Hacked to Expose Customers’ Private Details
DVD Rental Service Redbox may be a thing of the past, but the data privacy issues it created for users may persist for some time. Redbox allows users to rent DVDs from its 24,000 autonomous kiosks throughout the United…
Western Digital Fined Over $310 Million for Patent Infringement
In a landmark case, data storage major Western Digital has been asked to pay the highest fine of $315.7 million for violating patents associated with data encryption technology. SPEX Technologies owns these patents, having acquired them from Spyrus that…
AI Data Breach Reveals Trust Issues with Personal Information
Insight AI technology is being explored by businesses as a tool for balancing the benefits it brings with the risks that are associated. Amidst this backdrop, NetSkope Threat Labs has recently released the latest edition of its Cloud and…
Nidec Corporation Ransomware Attack: Data Leak on Dark Web
In a recent disclosure, Nidec Corporation, a global leader in precision motors and automotive components, confirmed a significant data breach from a ransomware attack that occurred earlier this year. Hackers, after failing to extort the company, leaked stolen data…
Security Experts Downplay the Significance of the Chinese Quantum “Hack”
Security experts have recommended caution following a series of doom-laden reports in recent days claiming that Chinese researchers have cracked military-grade encryption via quantum computing technology. The reports, which first appeared in the South China Morning Post last week,…
HM Surf Bug in macOS Raises Data Privacy Concerns
Several vulnerabilities in the Safari web browser for macOS may have left users open to being spied on, having their data stolen, and acquiring other types of malware thanks to this security weakness. Specifically, the vulnerability arises from the…
Vietnamese Hackers Target Digital Marketers in Malware Attack
Cyble Research and Intelligence Lab recently unearthed an elaborate, multi-stage malware attack targeting not only job seekers but also digital marketing professionals. The hackers are a Vietnamese threat actor who was utilising different sophisticated attacks on systems by making…
North Korean Hackers Develop Linux Variant of FASTCash Malware Targeting Financial Systems
A new Linux variant of FASTCash malware has surfaced, targeting the payment switch systems of financial institutions. North Korean hackers, linked to the Hidden Cobra group, have expanded their cyber arsenal to now include Ubuntu 22.04 LTS distributions. Previously,…
Microsoft Builds Fictitious Azure Tenants to Lure Phishers to Honeypots
Microsoft employs deceptive tactics against phishing actors, creating realistic-looking honeypot tenants with Azure access and luring attackers in to gather intelligence on them. Tech giant can use the acquired data to map malicious infrastructure, gain a better understanding of…
Cyber Threats by Nation-States Surge Beyond Control
In recent years, state-sponsored hacker groups have increased their attacks on critical infrastructure, causing great concern across the globe. It has become increasingly evident that these coordinated and sophisticated cyber threats and attacks are posing serious risks to the…
Brazil’s Federal Police Arrests ‘USDoD,’ Hacker in FBI Infragard Breach
Brazil’s Polícia Federal arrested USDoD, an infamous hacker linked to the National Public Data and InfraGard breaches, as part of “Operation Data Breach”. USDoD, dubbed EquationCorp, has a long history of high-profile data breaches in which he stole data…