Top

Tag: Featured


Cyber warfare, Cyber-crime

Ukraine’s SBU arrested a member of Pro-Russia hackers group ‘Cyber Army of Russia’

January 29, 2024

Via: Security Affairs

Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia. The news was first reported by The Record Media. The hacktivists group is […]


Cyber-crime, Malware

UK water giant admits attackers broke into system as gang holds it to ransom

January 23, 2024

Via: The Register

Southern Water confirmed this morning that criminals broke into its IT systems, making off with a “limited amount of data.” The Black Basta ransomware group claimed the attack while publishing a snippet of the data it allegedly stole, which included: […]


Data loss, Threats & Malware

Australia imposes cyber sanctions on Russian it says ransomwared health insurer

January 23, 2024

Via: The Register

Australia’s government has used the “significant cyber incidents” sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. The […]


Threats & Malware, Virus & Malware

Safeguarding against the global ransomware threat

January 22, 2024

Via: The Register

Ransomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. It represents one of, if not the most, serious cybersecurity threat currently facing governments, public/private sector organizations and enterprises around the world. […]


Hacker, Threats & Malware

BreachForums admin ‘Pompourin’ sentenced to 20 years of supervised release

January 22, 2024

Via: The Register

Conor Brian Fitzpatrick – aka “Pompourin,” a former administrator of notorious leak site BreachForums – has been sentenced to 20 years of supervised release. Fitzpatrick was arrested and charged in March 2023. Authorities accused him of running the site, which […]


Cyber-crime, Malware

Subway’s data torpedoed by LockBit, ransomware gang claims

January 22, 2024

Via: The Register

The LockBit ransomware gang is claiming an attack on submarine sandwich slinger Subway, alleging it has made off with a platter of data. LockBit’s post to its leak blog, published on January 21, suggests one of its affiliates breached Subway’s […]


Cloud security, Security

Enter the era of platform-based cloud security

January 18, 2024

Via: The Register

Reports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security. Cybersecurity Insiders notes that, in the past, companies have typically […]


Network security, Security

Nokia walks the walk about its RAN to play on Uncle Sam’s China fears

January 17, 2024

Via: The Register

A vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant Nokia’s decision to do so in the USA this week tells a bigger story about Washington’s paranoia regarding the security of […]


Threats & Malware, Virus & Malware

FBI: Beware of thieves building Androxgh0st botnets using stolen creds

January 17, 2024

Via: The Register

Crooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). In a joint warning issued on Tuesday, the US government agencies said the […]


Threats & Malware, Vulnerabilities

Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers

January 16, 2024

Via: The Register

GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May 2023 that allowed users to […]


Threats & Malware, Vulnerabilities

Patch now: Critical VMware, Atlassian flaws found

January 16, 2024

Via: The Register

VMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment. First off, a pair of issues from Atlassian. Most serious is CVE-2023-22527, a template injection […]


Threats & Malware, Virus & Malware

And that’s a wrap for Babuk Tortilla ransomware as free decryptor released

January 9, 2024

Via: The Register

Security researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant. A collaboration between Cisco Talos, Avast, and the Netherlands police led to the development of the new […]


Threats & Malware, Vulnerabilities

New year, new updates for security holes in Windows, Adobe, Android and more

January 9, 2024

Via: The Register

Microsoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]


Cyber-crime, Malware

British Library: Finances remain healthy as ransomware recovery continues

January 8, 2024

Via: The Register

The British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. The institution said in a statement today that the final costs […]


Application security, Security

Facebook, Instagram now mine web links you visit to fuel targeted ads

January 8, 2024

Via: The Register

We gather everyone’s still easing themselves into the New Year. Deleting screens of unread emails, putting on a brave face in meetings, and slowly getting up to speed. While you’re recovering from the Christmas break, Meta has been busy introducing […]


Application security, Security

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

January 8, 2024

Via: SecureWorld

In a bold move that promises to redefine the way users interact with their computers, Microsoft has announced the integration of a dedicated Copilot button on the keyboards of its Windows PCs. This innovative step signifies a major leap forward […]


Network security, Security

Atos confirms talks with Airbus over cybersecurity wing sale

January 3, 2024

Via: The Register

French IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens. In a market update this morning, Atos Group said it received two letters indicating non-binding interest […]


Data loss, Threats & Malware

Freight giant Estes refuses to deliver ransom, says personal data opened and stolen

January 3, 2024

Via: The Register

One of America’s biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information. “As you may be aware, on October 1, 2023, Estes discovered that an unauthorized threat actor had gained […]


Data loss, Threats & Malware

Court hearings become ransomware concern after justice system breach

January 2, 2024

Via: The Register

The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed. Louise Anderson, CEO at Court Services Victoria (CSV), confirmed this week that a “cybersecurity incident” was […]


Cyber-crime, Malware

Google password resets not enough to stop these info-stealing malware strains

January 2, 2024

Via: The Register

Security researchers say info-stealing malware can still access victims’ compromised Google accounts even after passwords have been changed. A zero-day exploit of Google account security was first teased by a cybercriminal known as “PRISMA” in October 2023, boasting that the […]