January 29, 2024
Via: Tech XploreA new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost. Greatness was developed by a threat actor going by […]
January 29, 2024
Via: Security AffairsUkraine’s security service, the SBU, announced that it has identified and detained an alleged member of the pro-Russia hacker group known as the Cyber Army of Russia. The news was first reported by The Record Media. The hacktivists group is […]
January 23, 2024
Via: The RegisterSouthern Water confirmed this morning that criminals broke into its IT systems, making off with a “limited amount of data.” The Black Basta ransomware group claimed the attack while publishing a snippet of the data it allegedly stole, which included: […]
January 23, 2024
Via: The RegisterAustralia’s government has used the “significant cyber incidents” sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. The […]
Threats & Malware, Virus & Malware
January 22, 2024
Via: The RegisterRansomware is used by cybercriminals to steal and encrypt critical business data before demanding payment for its restoration. It represents one of, if not the most, serious cybersecurity threat currently facing governments, public/private sector organizations and enterprises around the world. […]
January 22, 2024
Via: The RegisterConor Brian Fitzpatrick – aka “Pompourin,” a former administrator of notorious leak site BreachForums – has been sentenced to 20 years of supervised release. Fitzpatrick was arrested and charged in March 2023. Authorities accused him of running the site, which […]
January 22, 2024
Via: The RegisterThe LockBit ransomware gang is claiming an attack on submarine sandwich slinger Subway, alleging it has made off with a platter of data. LockBit’s post to its leak blog, published on January 21, suggests one of its affiliates breached Subway’s […]
January 18, 2024
Via: The RegisterReports suggest that forward-looking organisations are ditching legacy point-based cloud security offerings and replacing them with more efficient integrated platforms which slash management overheads while significantly improving the app security. Cybersecurity Insiders notes that, in the past, companies have typically […]
January 17, 2024
Via: The RegisterA vendor establishing a business unit dedicated to government sales is not new or unusual. But Finnish telecommunications giant Nokia’s decision to do so in the USA this week tells a bigger story about Washington’s paranoia regarding the security of […]
Threats & Malware, Virus & Malware
January 17, 2024
Via: The RegisterCrooks are exploiting years-old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet, according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). In a joint warning issued on Tuesday, the US government agencies said the […]
Threats & Malware, Vulnerabilities
January 16, 2024
Via: The RegisterGitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May 2023 that allowed users to […]
Threats & Malware, Vulnerabilities
January 16, 2024
Via: The RegisterVMware and Atlassian today disclosed critical vulnerabilities and, while neither appear to have been exploited by miscreants yet, admins should patch now to avoid disappointment. First off, a pair of issues from Atlassian. Most serious is CVE-2023-22527, a template injection […]
Threats & Malware, Virus & Malware
January 9, 2024
Via: The RegisterSecurity researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant. A collaboration between Cisco Talos, Avast, and the Netherlands police led to the development of the new […]
Threats & Malware, Vulnerabilities
January 9, 2024
Via: The RegisterMicrosoft rang in the New Year with a relatively calm Patch Tuesday: Just 49 Windows security updates including fixes for two critical-rated bugs, plus four high-severity Chrome flaws in Microsoft Edge. None of the January CVEs are under active exploit, […]
January 8, 2024
Via: The RegisterThe British Library is denying reports suggesting the recovery costs for its 2023 ransomware attack may reach highs of nearly $9 million as work to restore services remains ongoing. The institution said in a statement today that the final costs […]
Application security, Security
January 8, 2024
Via: The RegisterWe gather everyone’s still easing themselves into the New Year. Deleting screens of unread emails, putting on a brave face in meetings, and slowly getting up to speed. While you’re recovering from the Christmas break, Meta has been busy introducing […]
Application security, Security
January 8, 2024
Via: SecureWorldIn a bold move that promises to redefine the way users interact with their computers, Microsoft has announced the integration of a dedicated Copilot button on the keyboards of its Windows PCs. This innovative step signifies a major leap forward […]
January 3, 2024
Via: The RegisterFrench IT services provider Atos has entered talks with Airbus to sell its tech security division in an effort to ease its financial burdens. In a market update this morning, Atos Group said it received two letters indicating non-binding interest […]
January 3, 2024
Via: The RegisterOne of America’s biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information. “As you may be aware, on October 1, 2023, Estes discovered that an unauthorized threat actor had gained […]
January 2, 2024
Via: The RegisterThe court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed. Louise Anderson, CEO at Court Services Victoria (CSV), confirmed this week that a “cybersecurity incident” was […]