Tag: CySecurity News – Latest Information Security and Hacking Incidents

  In a proposal posted on Friday in the Federal Register, the Office for Civil Rights of the US Department of Health and Human Services (HHS) outlined several new requirements that could improve the cybersecurity practices of healthcare organizations. The…

Read more →

  Palo Alto Networks has issued a warning about the active exploitation of the CVE-2024-3393 denial of service (DoS) vulnerability, which attackers are using to compromise firewall defenses by triggering device reboots. Repeated exploitation of this vulnerability forces the firewall…

Read more →

  Ransomware is a type of malicious software designed to block access to files until a ransom is paid. Over the past 35 years, it has evolved from simple attacks into a global billion-dollar industry. In 2023 alone, ransomware victims…

Read more →

  < p style=”text-align: justify;”>In October 2024, General Dynamics (GD), a prominent name in aerospace and defense, confirmed a data breach impacting employee benefits accounts. The breach, detected on October 10, affected 37 individuals, including two residents of Maine. Attackers…

Read more →

  < p style=”text-align: justify;”>For tech enthusiasts and environmentalists in the European Union (EU), December 28, 2024, marked a major turning point as USB-C officially became the required standard for electronic gadgets. The new policy mandates that phones, tablets, cameras,…

Read more →

Hackers compromised Cyberhaven’s Chrome extension in a suspected supply-chain attack, publishing a malicious update capable of stealing customer passwords and session tokens. The attack raised serious concerns about the security of widely-used browser extensions. Cyberhaven, a data-loss prevention startup, confirmed…

Read more →

  < p style=”text-align: justify;”>In September 2024, American Addiction Centers (AAC) experienced a significant cyberattack that exposed the personal and health-related information of 422,424 individuals. The breach involved sensitive data such as Social Security numbers and health insurance details, prompting…

Read more →

  Hackers associated with North Korea have taken cyber theft to a record-breaking level in 2024, stealing $1.8 billion in cryptocurrency. According to a detailed report by blockchain analytics firm Chainalysis, this highlights the growing sophistication of these attackers and…

Read more →

  < p style=”text-align: justify;”>According to VulnCheck, a critical vulnerability identified as CVE-2024-12856 has been discovered in Four-Faith industrial routers, specifically affecting the F3x24 and F3x36 models, as well as users’ machines. Evidence suggests active exploitation of this vulnerability in…

Read more →

< p style=”text-align: justify;”>Cybersecurity researchers are raising alarms over the misuse of large language models (LLMs) by cybercriminals to create new variants of malicious JavaScript at scale. A report from Palo Alto Networks Unit 42 highlights how LLMs, while not…

Read more →

  A novel two-step phishing strategy is targeting Microsoft Visio files (.vsdx) and SharePoint, signaling a new trend in cyber deception, according to experts. Researchers at Perception Point have noted a significant rise in attacks leveraging these previously uncommon .vsdx…

Read more →

  Cybercriminals on the dark web have developed new ways to exploit identity verification systems. Rather than hacking or stealing personal information, they are purchasing it directly from individuals, as revealed by security researchers at iProov. This approach allows them…

Read more →

  South Korea has announced sanctions against 15 North Korean nationals and the Chosun Geumjeong Economic Information Technology Exchange Corporation for orchestrating schemes that finance North Korea’s nuclear weapons and missile programs. These measures target a global network involved in…

Read more →

  The North Korean hackers behind the ongoing Contagious Interview campaign have been observed launching a new JavaScript malware named OtterCookie.  The campaign includes social engineering techniques, with the hacker team frequently posing as recruiters to trick job seekers into…

Read more →

  A malware attack on the European Space Agency’s official web shop revealed that the application was hacked by loading a JavaScript script that generated a fake Stripe payment page at checkout. With an annual budget of more than 10…

Read more →

  Zelle has become a popular choice for online money transfers due to its simplicity, zero fees, and support from over 1,700 banks. However, since its launch in June 2017, the peer-to-peer payment service has been plagued by fraud. On…

Read more →

  The Q3 2024 Threat Report from Gen unveils a concerning rise in the sophistication of cyber threats, shedding light on how artificial intelligence (AI) is both a tool for attackers and defenders.  As cybercriminals evolve their tactics, the line…

Read more →

  A distributed denial-of-service (DDoS) attack targets a VoIP server by overwhelming it with phony user requests. This excessive traffic can exceed the network’s capacity, causing service disruptions and making genuine user requests unprocessable. Online criminals exploit these attacks to…

Read more →

  In October 2024, Interlock claimed to have attacked several organizations, including Wayne County, Michigan, which is known for its cyberattacks. Ransomware is characterized by the fact that the encrypted data is encrypted by an encryptor specifically designed for the…

Read more →

  A huge data security breach has come to light, with the data platform Builder.ai. It’s a service that lets organizations build their own proprietary, custom software applications, which don’t need heavy programming. According to a blog post by a…

Read more →