Top

Category: Threats & Malware

Threats and Malware


Threats & Malware, Vulnerabilities

New Attack Shows Risks of Browsers Giving Websites Access to GPU 

March 18, 2024

Via: Security Week

The research focused on WebGPU, an API that enables web developers to use the underlying system’s GPU to carry out high-performance computations in a web browser. By leveraging this API, they have demonstrated an attack that works entirely from the […]


Data loss, Threats & Malware

Fujitsu Data Breach Impacts Personal, Customer Information

March 18, 2024

Via: Security Week

According to the company, it discovered that multiple work computers within its environment were infected with malware and disconnected them from the network. Furthermore, Fujitsu said in an incident notification written in Japanse, the investigation into the attack has revealed […]


Data loss, Threats & Malware

Millions of users may have had data leaked in new French government agency security breach

March 15, 2024

Via: TechRadar

A French government agency suffered a cyberattack which has apparently resulted in the country’s largest-ever data leak incident, affecting as many as 43 million victims. The agency is called France Travail, the country’s unemployment registry and assistance organization, which helps […]


Cyber-crime, Data loss, Malware, Threats & Malware

Nissan Oceania data breach impacted roughly 100,000 people

March 14, 2024

Via: Security Affairs

Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National […]


Threats & Malware, Vulnerabilities

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

March 14, 2024

Via: The Hacker News

Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. “An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS […]


Threats & Malware, Virus & Malware

Keyloggers, spyware, and stealers dominate SMB malware detections

March 13, 2024

Via: Help Net Security

In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware, […]


Data loss, Threats & Malware

EquiLend Ransomware Attack Leads to Data Breach 

March 12, 2024

Via: Security Week

On January 24, the company announced that some of its systems were taken offline due to “a technical issue” and that services would be disrupted for several days. EquiLend, which confirmed the next day that the disruption was caused by […]


Hacker, Threats & Malware

Russian Hackers Gained Access to Microsoft Source Code, Customer Secrets

March 11, 2024

Via: SecureWorld

In a sobering update released March 8th, Microsoft has revealed that the Russian state-sponsored hacking group Midnight Blizzard, also tracked as Nobelium, has gained unauthorized access to some of the company’s source code repositories and internal systems. This follows an […]


Threats & Malware, Virus & Malware

Change Healthcare Restores Pharmacy Services Disrupted by Ransomware

March 8, 2024

Via: Security Week

In an incident update on Thursday, the company revealed that it continues to work aggressively on restoring its systems and services and that key functionality is coming back online. “Electronic prescribing is now fully functional with claim submission and payment […]


Threats & Malware, Vulnerabilities

CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

March 8, 2024

Via: The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: […]


Cyber-crime, Data loss, Malware, Threats & Malware

LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage

March 6, 2024

Via: Security Affairs

While embattled ransomware gang LockBit 3.0 fights for its survival following Operation Cronos, a coordinated takedown of the syndicate’s web infrastructure by global authorities, the availability of victim data leaked by the gang persists via peer-to-peer (P2P) torrent networks. The […]


Threats & Malware, Virus & Malware

New Linux variant of BIFROSE RAT uses deceptive domain strategies

March 4, 2024

Via: Security Affairs

Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain. The Bifrost RAT has been active since 2004, it allows its operators […]


Threats & Malware, Vulnerabilities

In the vanguard of 21st century cyber threats

March 1, 2024

Via: The Register

The quantum threat might seem futuristic, more like something you’d encounter in a science fiction film. But it’s arguably already a danger to real cyber security defences. Strengthening those defences relies heavily on knowledge and preparation. Arqit can help you […]


Hacker, Threats & Malware

LockBit Bounces Back Shortly After Takedown and Police Trolling

February 28, 2024

Via: SecureWorld

In a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]


Threats & Malware, Virus & Malware

China warns of fake digital currency wallets fleecing netizens

February 27, 2024

Via: The Register

China’s Ministry of Industry and Information Technology has warned local netizens that fake wallet apps for the nation’s central bank digital currency (CBDC) are already circulating and being abused by scammers. The digital renminbi – aka the e-Yuan or e-CNY […]


Data loss, Threats & Malware

Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing’s cyber-attackers for hire

February 22, 2024

Via: The Register

A cache of stolen documents posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing. The trove appeared on GitHub last week and contains hundreds of documents documenting I-Soon’s activities. Analysis of […]


Threats & Malware, Virus & Malware

LockBit registered nearly 200 “affiliates” over the past two years

February 22, 2024

Via: Tech Xplore

More information about the business operations of the LockBit ransomware gang have emerged, a day after the UK National Crime Agency (NCA) and partners were able to apparently disrupt the group and deface its leak site. According to The Register, […]


Threats & Malware, Vulnerabilities

Multiple XSS flaws in Joomla can lead to remote code execution

February 22, 2024

Via: Security Affairs

The maintainers of the Joomla! Project released Joomla 5.0.3 and 4.4.3 versions that addressed the following vulnerabilities in the popular content management system (CMS): [20240201] –CVE-2024-21722 Core – Insufficient session expiration in MFA management views: The MFA management features did […]


Data loss, Threats & Malware

LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware

February 21, 2024

Via: The Register

The latest revelation from law enforcement authorities in relation to this week’s LockBit leaks is that the ransomware group had registered nearly 200 “affiliates” over the past two years. Affiliates are those people who buy into the gang’s ransomware-as-a-service model, […]


Data loss, Threats & Malware

Wyze admits 13,000 users could have viewed strangers’ camera feeds

February 20, 2024

Via: The Register

Smart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]