Threats and Malware
Threats & Malware, Vulnerabilities
March 18, 2024
Via: Security WeekThe research focused on WebGPU, an API that enables web developers to use the underlying system’s GPU to carry out high-performance computations in a web browser. By leveraging this API, they have demonstrated an attack that works entirely from the […]
March 18, 2024
Via: Security WeekAccording to the company, it discovered that multiple work computers within its environment were infected with malware and disconnected them from the network. Furthermore, Fujitsu said in an incident notification written in Japanse, the investigation into the attack has revealed […]
March 15, 2024
Via: TechRadarA French government agency suffered a cyberattack which has apparently resulted in the country’s largest-ever data leak incident, affecting as many as 43 million victims. The agency is called France Travail, the country’s unemployment registry and assistance organization, which helps […]
Cyber-crime, Data loss, Malware, Threats & Malware
March 14, 2024
Via: Security AffairsNissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National […]
Threats & Malware, Vulnerabilities
March 14, 2024
Via: The Hacker NewsFortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. “An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS […]
Threats & Malware, Virus & Malware
March 13, 2024
Via: Help Net SecurityIn 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware, […]
March 12, 2024
Via: Security WeekOn January 24, the company announced that some of its systems were taken offline due to “a technical issue” and that services would be disrupted for several days. EquiLend, which confirmed the next day that the disruption was caused by […]
March 11, 2024
Via: SecureWorldIn a sobering update released March 8th, Microsoft has revealed that the Russian state-sponsored hacking group Midnight Blizzard, also tracked as Nobelium, has gained unauthorized access to some of the company’s source code repositories and internal systems. This follows an […]
Threats & Malware, Virus & Malware
March 8, 2024
Via: Security WeekIn an incident update on Thursday, the company revealed that it continues to work aggressively on restoring its systems and services and that key functionality is coming back online. “Electronic prescribing is now fully functional with claim submission and payment […]
Threats & Malware, Vulnerabilities
March 8, 2024
Via: The Hacker NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: […]
Cyber-crime, Data loss, Malware, Threats & Malware
March 6, 2024
Via: Security AffairsWhile embattled ransomware gang LockBit 3.0 fights for its survival following Operation Cronos, a coordinated takedown of the syndicate’s web infrastructure by global authorities, the availability of victim data leaked by the gang persists via peer-to-peer (P2P) torrent networks. The […]
Threats & Malware, Virus & Malware
March 4, 2024
Via: Security AffairsPalo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain. The Bifrost RAT has been active since 2004, it allows its operators […]
Threats & Malware, Vulnerabilities
March 1, 2024
Via: The RegisterThe quantum threat might seem futuristic, more like something you’d encounter in a science fiction film. But it’s arguably already a danger to real cyber security defences. Strengthening those defences relies heavily on knowledge and preparation. Arqit can help you […]
February 28, 2024
Via: SecureWorldIn a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]
Threats & Malware, Virus & Malware
February 27, 2024
Via: The RegisterChina’s Ministry of Industry and Information Technology has warned local netizens that fake wallet apps for the nation’s central bank digital currency (CBDC) are already circulating and being abused by scammers. The digital renminbi – aka the e-Yuan or e-CNY […]
February 22, 2024
Via: The RegisterA cache of stolen documents posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing. The trove appeared on GitHub last week and contains hundreds of documents documenting I-Soon’s activities. Analysis of […]
Threats & Malware, Virus & Malware
February 22, 2024
Via: Tech XploreMore information about the business operations of the LockBit ransomware gang have emerged, a day after the UK National Crime Agency (NCA) and partners were able to apparently disrupt the group and deface its leak site. According to The Register, […]
Threats & Malware, Vulnerabilities
February 22, 2024
Via: Security AffairsThe maintainers of the Joomla! Project released Joomla 5.0.3 and 4.4.3 versions that addressed the following vulnerabilities in the popular content management system (CMS): [20240201] –CVE-2024-21722 Core – Insufficient session expiration in MFA management views: The MFA management features did […]
February 21, 2024
Via: The RegisterThe latest revelation from law enforcement authorities in relation to this week’s LockBit leaks is that the ransomware group had registered nearly 200 “affiliates” over the past two years. Affiliates are those people who buy into the gang’s ransomware-as-a-service model, […]
February 20, 2024
Via: The RegisterSmart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]