March 28, 2024
Via: The RegisterNHS Scotland says it managed to contain a ransomware group’s malware to a regional branch, preventing the spread of infection across the entire institution. The INC Ransom group this week claimed responsibility for the assault on ‘NHS Scotland’, saying it […]
Threats & Malware, Vulnerabilities
March 18, 2024
Via: Security WeekThe research focused on WebGPU, an API that enables web developers to use the underlying system’s GPU to carry out high-performance computations in a web browser. By leveraging this API, they have demonstrated an attack that works entirely from the […]
Threats & Malware, Virus & Malware
February 16, 2023
Via: The Hacker NewsMore than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered […]
Threats & Malware, Vulnerabilities
February 3, 2023
Via: The Hacker NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The first of the two vulnerabilities is CVE-2022-21587 (CVSS score: 9.8), a critical […]
Threats & Malware, Virus & Malware
January 19, 2023
Via: SecureWorldIn a digital age when ships navigating the seas are as dependent on technology as they are on winds and tides, a cyberattack on a key software supplier can cripple a significant portion of the shipping industry. DNV, a Norwegian […]
December 20, 2022
Via: The Hacker NewsThe Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of […]
Threats & Malware, Vulnerabilities
September 22, 2022
Via: The Hacker NewsResearchers have disclosed a new severe Oracle Cloud Infrastructure (OCI) vulnerability that could be exploited by users to access the virtual disks of other Oracle customers. “Each virtual disk in Oracle’s cloud has a unique identifier called OCID,” Shir Tamari, […]
September 21, 2022
Via: Security AffairsThe company made the headlines after that threat actors have stolen around $160 million worth of digital assets. The company confirmed the disruption of its services in the coming days, but it pointed out that it is “solvent with twice […]
September 19, 2022
Via: Help Net SecurityOrca Security released the 2022 State of the Public Cloud Security Report, which provides important insights into the current state of public cloud security and where the most critical security gaps are found. One of the report’s key findings is […]
Threats & Malware, Vulnerabilities
September 9, 2022
Via: CSO OnlineA vulnerability found in an interaction between a Wi-Fi-enabled battery system and an infusion pump for the delivery of medication could provide bad actors with a method for stealing access to Wi-Fi networks used by healthcare organizations, according to Boston-based […]
September 7, 2022
Via: The Hacker NewsThe prolific North Korean nation-state actor known as the Lazarus Group has been linked to a new remote access trojan called MagicRAT. The previously unknown piece of malware is said to have been deployed in victim networks that had been […]
Threats & Malware, Virus & Malware
September 7, 2022
Via: Dark ReadingA Linux-focused malware dubbed Shikitega has emerged to target endpoints and Internet of Things (IoT) devices with a unique, multistage infection chain that results in full device takeover and a cryptominer. Researchers at AT&T Alien Labs who spotted the bad […]
August 30, 2022
Via: TechRadar2FA firm Authy is the latest company revealed to have been impacted by the Twilio data breach. A company update(opens in new tab) spotted by TechCrunch outlined how the app, which is owned by Twilio, had seen details of 93 […]
July 6, 2022
Via: MalwarebytesResearchers discovered evidence of a widespread software supply chain attack involving malicious Javascript packages offered via the npm package manager. The threat actors behind the IconBurst campaign used typosquatting to mislead developers looking for very popular packages. npm npm is […]
Threats & Malware, Vulnerabilities
May 31, 2022
Via: Help Net SecurityA newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents (without macros), security researchers are warning. After initially dismissing the vulnerability as “not a security related issue”, Microsoft has now issued a […]
August 26, 2021
Via: Help Net SecurityWhen it comes to business communication, email is still king. Cybercriminals are aware of this fact, and they’re constantly perfecting their attacks to successfully evade the built-in security defenses of Microsoft 365 and Google Workspace. In this interview with Help […]
Threats & Malware, Virus & Malware
January 6, 2021
Via: CSO OnlineIf you use the recently compromised SolarWinds Orion monitoring products, you are already reviewing your infrastructure and possibly blocking network access to the servers in your domain. For those of you who do not use the SolarWinds software, this is […]
November 24, 2020
Via: Security AffairsSecurity experts from vpnMentor have uncovered a possible credential stuffing operation that affected some Spotify accounts. Threat actors behind the campaign are using a database containing over 380 million records, including login credentials and other data for Spotify accounts, likely […]
October 27, 2020
Via: Security AffairsA hacker has stolen approximately $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance, a web portal that lets users finding the farming opportunities that will maximize their yield(APY) returns. The hack took place earlier today and […]
Threats & Malware, Vulnerabilities
October 7, 2020
Via: Threat PostA security flaw allowing attackers to remotely snoop in on victims’ private conversations was found to stem from an unexpected device – their TV remotes. The flaw stems from Comcast’s XR11, a popular voice-activated remote control for cable TV, which […]