Tag: Featured

February 13, 2024

Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims. Rhysida is a newish ransomware gang that has been around […]

February 13, 2024

Meta has acknowledged that phone number reuse that allows takeovers of its accounts “is a concern,” but the ad biz insists the issue doesn’t qualify for its bug bounty program and is a matter for telecom companies to sort out. […]

February 12, 2024

More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. This mesh of compromised sites is known as VexTrio, […]

February 12, 2024

Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]

February 12, 2024

The Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can’t figure out whether members’ data was stolen. According to an update shared with members late last […]

February 12, 2024

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys both experienced breaches of their […]

February 6, 2024

Global securities finance tech company EquiLend’s systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago. EquiLend was founded in 2001 by some of Wall Street’s biggest players – its board of directors includes BlackRock, […]

February 6, 2024

Fortinet’s FortiSIEM product is vulnerable to two new maximum-severity security vulnerabilities that allow for remote code execution. Both CVE-2024-23108 and CVE-2024-23109 have been assigned provisional scores of 10 on the CVSS scale, suggesting exploits can be carried out remotely by […]

February 5, 2024

AnyDesk has copped to an IT security “incident” in which criminals broke into the remote-desktop software maker’s production systems. The biz has told customers to expect disruption as it attempts to lock down its infrastructure. The application developer, which is […]

February 5, 2024

The recent indictment of a massive SIM-swapping ring may mean convicted crypto conman Sam Bankman-Fried is innocent of at least one allegation still hanging over his head: The theft of more than $400 million in crypto hacked from wallets belonging […]

February 5, 2024

A United States federal judge has sentenced Joshua Adam Schulte, a former CIA employee, to 40 years in prison for one of the largest disclosures of classified information in U.S. history. Schulte worked as a software developer for the CIA’s […]

January 30, 2024

Juniper Networks has disclosed separate vulnerabilities it was previously accused of concealing, and apologized to customers for the error in communication. The update, which happened late last week, comes hot on the heels of reporting from El Reg that highlighted […]

January 30, 2024

Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation. BleepingComputer first reported the attack that hit the Sustainability Business division of the company on January 17th. BleepingComputer contacted Schneider Electric which confirmed the […]

January 29, 2024

Trend Micro’s Zero Day Initiative (ZDI) held its first-ever automotive-focused Pwn2Own event in Tokyo last week, and awarded over $1.3 million to the discoverers of 49 vehicle-related zero day vulnerabilities. Researchers from French security outfit Synacktiv took home $450,000 after […]

January 29, 2024

A new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost. Greatness was developed by a threat actor going by […]

January 29, 2024

Ukraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia. The news was first reported by The Record Media. The hacktivists group is […]

January 23, 2024

Southern Water confirmed this morning that criminals broke into its IT systems, making off with a “limited amount of data.” The Black Basta ransomware group claimed the attack while publishing a snippet of the data it allegedly stole, which included: […]

January 23, 2024

Australia’s government has used the “significant cyber incidents” sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. The […]

January 22, 2024

Ransomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. It represents one of, if not the most, serious cybersecurity threat currently facing governments, public/private sector organizations and enterprises around the world. […]

January 22, 2024

Conor Brian Fitzpatrick – aka “Pompourin,” a former administrator of notorious leak site BreachForums – has been sentenced to 20 years of supervised release. Fitzpatrick was arrested and charged in March 2023. Authorities accused him of running the site, which […]