Category: CySecurity News – Latest Information Security and Hacking Incidents

  According to security researchers, the key fob is extremely hackable, and, in addition, it is convenient. In terms of digital security, the car key fob does not have the greatest reputation when it comes to safety. As of late,…

Read more →

  In a recent joint report by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), a new ransomware gang named Black Basta has been identified as breaching over 500 organisations globally between April 2022 and…

Read more →

We all are no strangers to artificial intelligence (AI) expanding over our lives, but Predictive AI stands out as uncharted waters. What exactly fuels its predictive prowess, and how does it operate? Let’s take a detailed exploration of Predictive AI,…

Read more →

  Cybersecurity discourse heavily emphasizes prevention, yet often neglects post-breach strategies. While we invest significant effort in establishing protocols to avert attacks, breaches remain an unavoidable reality. The “IBM Cyber Security Intelligence Index” report highlights human error as a leading…

Read more →

  According to Fortinet, cybercriminals have their sights on the increasing number of new vulnerabilities triggered by the expansion of online services and applications, as well as the rapid rise in the number and variety of connected devices. It’s only…

Read more →

In a recent incident, Europol’s Europol Platform for Experts (EPE) portal experienced a security breach. The breach occurred within a closed user group, raising concerns about data security and operational integrity. In this blog post, we delve into the details…

Read more →

  In our digitally interconnected world, cybercriminals continuously devise new methods to exploit technology for their malicious intents. Two prevalent schemes gaining traction are vishing and quishing scams. These fraudulent activities capitalize on telephone calls and QR codes to deceive…

Read more →

The threat actor responsible for the recent Dell data breach stated that he scraped information from 49 million customer records via a partner portal API that he accessed as a phony organization. Dell had begun sending alerts to customers informing…

Read more →

  Virtual private networks (VPNs) are crafted to safeguard online privacy through the encryption of internet traffic and concealment of IP addresses, thereby preventing the determination of user locations. This functionality becomes apparent when users attempt to access websites or…

Read more →

  In recent cybersecurity developments, hackers have been leveraging a critical vulnerability within the LiteSpeed Cache plugin for WordPress to exploit websites running outdated versions. LiteSpeed Cache, a popular caching plugin utilized by over five million WordPress sites, is designed…

Read more →

  In the last couple of weeks, there has been an increase in the number of people who have been duped into sharing their card details and other personal information with a network of fake online designer shops that are…

Read more →

  Invoke AI has added two novel features to its AI-based image generation platform. According to the company, two new features—the Model Trainer and Control Layers—provide some of the most refined controls in image generation. Both apps provide users granular…

Read more →

  Dell, the renowned computer manufacturer, has issued a cautionary notice to its customers regarding a disconcerting data breach. The breach, which affects an estimated 49 million customers, involves unauthorised access to an online portal containing sensitive customer information. Dell…

Read more →

  The healthcare sector is increasingly targeted by cybercriminals, as evidenced by recent high-profile attacks that disrupt services and highlight vulnerabilities in this critical industry. The recent cyber attack on Ascension, in particular, has raised concerns due to its significant…

Read more →

  Microsoft has introduced a cutting-edge artificial intelligence (AI) model tailored specifically for the US intelligence community, marking a leap forward in secure intelligence analysis. This state-of-the-art AI model operates entirely offline, mitigating the risks associated with internet connectivity and…

Read more →

  Cybersecurity experts have identified a new information stealer targeting Apple macOS computers that is intended to establish persistence on compromised hosts and function as spyware. Kandji’s malware, dubbed Cuckoo, is a universal Mach-O binary that can execute on both…

Read more →

An APT group that has been missing for over a decade has reappeared in a cyber-espionage campaign aimed at organizations in Latin America and Central Africa. The Mask’s history Origins: The Mask first appeared in 2007, operating with stealth and…

Read more →

  In a recent revelation that has sent shockwaves through the cybersecurity community, researchers have unearthed a significant vulnerability in virtual private networks (VPNs) dubbed TunnelVision. This flaw, described as deep and unpatchable, poses a substantial threat to data security,…

Read more →

  After a cyberattack this week, the largest healthcare system in the United States is diverting ambulances to “several” of its hospitals, the company said Thursday. In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in…

Read more →

  In a cutting-edge study by XM Cyber and the Cyentia Institute, a comprehensive analysis has unveiled a startling reality: a staggering 80% of cybersecurity vulnerabilities within organisations stem from issues related to Active Directory. This might sound like tech…

Read more →

In the world of gaming, customization is king. Players love tweaking their favourite games to make them even more exciting. But while mods and customizations can enhance your gaming experience, they can also hide dangerous threats. A new version of…

Read more →

The Breach: Scope and impact  The University System of Georgia (USG) notified 800,000 people about data breaches during the 2023 Clop MOVEit attacks. USG is a state government body that oversees 26 public colleges and universities in Georgia, serving approximately…

Read more →

  It was founded in 2020 and is currently one of the top API security vendors in the world. After emerging from stealth in a year, Noname has reached unicorn status, as of 2021. As a result of the $220…

Read more →

  US officials have uncovered and indicted the ringleader of LockBit, a widespread ransomware operation that has extorted victims out of half a billion dollars. He is facing over two dozen criminal charges.  According to a 26-count indictment released on…

Read more →

  In a recent turn of events, DocGo, a prominent mobile medical care firm providing healthcare services across the United States and the United Kingdom, has fallen victim to a cyberattack. The breach, confirmed by the company in a filing…

Read more →

  Microsoft is undergoing organizational adjustments to enhance cybersecurity measures throughout its products and services, focusing on holding senior leadership directly responsible. Charlie Bell, Microsoft’s executive vice president of security, outlined these changes in a recent blog post aimed at…

Read more →

The Partnership Details OpenAI and Stack Overflow are collaborating through OverflowAPI access to provide OpenAI users and customers with the correct and validated data foundation that AI technologies require to swiftly solve an issue, allowing engineers to focus on critical…

Read more →

  The cryptocurrency sector is on the brink of a paradigm shift in cybersecurity as it gears up to launch Crypto ISAC (Information Sharing and Analysis Center), under the adept leadership of cybersecurity expert Justine Bone. Bone, acclaimed for her…

Read more →

  China-linked hackers used a variety of backdoors and Web shells to compromise the MITRE Corporation late last year.  Last month, it was revealed that MITRE, widely known for its Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework, had been…

Read more →

  MITRE recently provided further insight into the recent cyber intrusion, shedding light on the new malicious software employed and a timeline detailing the attacker’s actions. In April 2024, MITRE announced a breach in one of its research and prototyping…

Read more →

  The recent partnership between Te Tumu Paeroa (TTP), the office of the Māori Trustee, and Microsoft for the forthcoming data centres in Aotearoa New Zealand marks a groundbreaking development with potential global implications for indigenous data sovereignty. This agreement,…

Read more →

  Approximately a billion Android users have been threatened by a new malware infection. The latest security alert comes from Microsoft’s team who discovered a new vulnerability that may give hackers complete control of your smartphone. The latest security alert…

Read more →

  Over the weekend, an alarming incident unfolded as thousands of fake emails flooded in, purportedly from the US Department of Homeland Security. The messages, titled “Urgent: Threat actor in systems,” raised concerns about a cyber threat allegedly posed by…

Read more →

  In the ever-evolving landscape of artificial intelligence (AI), a notable shift in focus has emerged from the once lofty concerns about AI achieving sentience or triggering a hypothetical “singularity.” Instead, attention has pivoted towards a concept known as artificial…

Read more →

  The LockBit ransomware group has resurfaced, targeting Hooker Furniture, a significant player in the U.S. furniture industry. Alleging the theft of customer and business data, LockBit has set a deadline of May 08, 2024, for its publication. Meanwhile, BetterHelp,…

Read more →

  On Friday afternoon, the Los Angeles Police Department’s website went down due to an overload, officials said, despite claims on social media that an online group was responsible for the outage through their “cyber attack.” It is widely believed…

Read more →

  Surprisingly, one iOS user has successfully identified Apple’s iPhone Spyware Problem. Unfortunately, iPhone spyware attacks have extended to 92 nations. And it can be one of the most scary threats in the realm of technology.  The blog post below…

Read more →

  A new attack, dubbed TunnelVision, has materialised as a threat to the security of virtual private network (VPN) applications, potentially compromising their ability to protect user data. Researchers have detected vulnerabilities affecting nearly all VPN apps, which could allow…

Read more →

  In recent developments, the F Society ransomware group has once again made headlines by listing four additional victims on its leak site. The alleged targets include Bitfinex, Coinmoma, Rutgers University, and SBC Global Net. Bitfinex, a renowned cryptocurrency exchange…

Read more →

Scattered Spider threat actors primarily steal data for extortion using a variety of social engineering approaches, and they have recently used BlackCat/ALPHV ransomware in addition to their usual TTPs. According to a senior bureau official, the FBI must “evolve” to…

Read more →

  Recently, there has been a trend among nation-state espionage groups they are tapping into native Microsoft services for their command-and-control (C2) operations. Surprisingly, different groups, unrelated to each other, have reached the same conclusion that It is smarter to…

Read more →

  Microsoft recently made a troubling discovery regarding the security of numerous Android applications, including some of the most widely used ones, each boasting over 500 million installations. After uncovering a common security weakness, Microsoft promptly notified Google’s Android security…

Read more →

ATMs have become an integral part of our lives. They provide convenient access to cash and banking services. However, criminals are always finding new ways to exploit technology for their gain. One such deceptive scheme is the ATM card trap…

Read more →

  When businessman Mohammed Yousaf received an urgent plea for assistance from one of his oldest friends, he rushed to the rescue. The 56-year-old received a WhatsApp message from the account of a man he had been friends with for…

Read more →

  In recent years, the realm of computing has witnessed a remarkable transformation with the rise of AI-powered PCs. These cutting-edge machines are not just your ordinary computers; they are equipped with advanced artificial intelligence capabilities that are revolutionizing the…

Read more →

  There have been a series of major security breaches recently, and Microsoft is making changes to its security practices, organizational structure, and executive compensation to address the issue, as government leaders and big customers increasingly pressure the company to…

Read more →

  In an era where we should be gravely concerned about online privacy and security, Virtual Private Networks (VPNs) have come through as indispensable tools for safeguarding digital identities. However, amidst the buzz of VPN advertisements promising invincibility against cyber…

Read more →

  Several months ago, a Mullvad VPN user discovered that Android users have a serious privacy concern when using Mullvad VPN. Even with the Always-On VPN feature activated, which ensures that the VPN connection is always active, and with the…

Read more →

  Microsoft has introduced a new feature allowing Windows users to log into their Microsoft consumer accounts using a passkey, eliminating the need for traditional passwords. This passkey authentication method supports various password-less options such as Windows Hello, FIDO2 security…

Read more →

  Experts caution that users of running apps should heighten their privacy settings to thwart potential stalkers and other malicious actors from accessing sensitive information regarding their activities.  While platforms like Strava enable joggers and hikers to share route details…

Read more →

Crafting convincing personas APT42, an Iranian state-backed threat actor, uses social engineering attacks, including posing as journalists, to access corporate networks and cloud environments in Western and Middle Eastern targets. Mandiant initially discovered APT42 in September 2022, reporting that the…

Read more →

  Big Tech companies like Amazon, Microsoft, and Alphabet have showcased impressive earnings, with a substantial boost from their advancements in artificial intelligence (AI) technology. Amazon’s quarterly report revealed a 13% increase in net sales, primarily attributed to its AWS…

Read more →

  Monash Health, a Victorian public health agency, has announced that it had been impacted by the recent ZircoDATA hack.  Earlier this year in February, ZircoDATA, which provides safe document storage, data management, and digital conversion of 9,000 clients across…

Read more →

  In the ever-evolving landscape of cybersecurity threats, a new menace has emerged: Cuttlefish. This sophisticated malware targets enterprise-grade and small office/home office (SOHO) routers, posing a significant risk to both businesses and individual users alike.  Discovered by Lumen Technologies’…

Read more →

  Singaporean authorities, along with two banks and Hong Kong police, thwarted a scam targeting a 70-year-old victim, recovering over S$370,000. The Singapore Police Force (SPF) disclosed that DBS detected suspicious transactions amounting to about S$180,000, promptly blocking further transfers…

Read more →

  When hackers identify an unsecured router, they penetrate it by installing malware that provides them persistence, the ability to launch distributed denial of service (DDoS) assaults, hide malicious data, and more. But what happens when the hackers discover a…

Read more →

CISA and FBI urge companies to take patch actions  CISA and the FBI recommended software companies today to assess their products and fix route traversal security flaws before selling. Attackers can leverage path traversal vulnerabilities (also known as directory traversal)…

Read more →

  In a significant development, the Cybercrime Squad in New South Wales (NSW) has made a crucial breakthrough in a case involving a mass data breach affecting approximately one million individuals. The arrest of a 46-year-old man from Fairfield West…

Read more →

  The insect farming industry, previously thought of as an industry that was in desperate need of development, has rapidly gained popularity as a practical and sustainable solution to the severe worldwide challenges of food safety, environmental degradation, and aid…

Read more →

A significant privacy breach has shaken up the club scene in Australia, as a facial recognition system deployed across multiple nightlife venues became the target of a cyberattack. Outabox, the Australian firm responsible for the technology, is facing intense scrutiny…

Read more →

  DropBox has announced a breach in its DropBox Sign eSignature platform, formerly known as HelloSign. The breach, uncovered on April 24, has left customer data vulnerable, including authentication tokens, MFA keys, hashed passwords, and personal information. The breach was…

Read more →

  The Hôpital de Cannes – Simone Veil (CHC-SV) in France revealed that it has received a ransom demand from the Lockbit 3.0 ransomware gang and refused to pay the ransom.  On April 17, the 840-bed hospital announced a serious…

Read more →

  According to recent research by the Institution of Engineering and Technology (IET), conducted to mark World Password Day, only one in five people in the UK can correctly identify a secure password over a risky one. This alarming statistic…

Read more →

  A significant uptick in distributed denial of service (DDoS) attacks has plagued Sweden as the nation navigates its path towards joining NATO, reports network performance management provider Netscout. The onslaught commenced notably in May 2023, following a colossal 500…

Read more →

On Tuesday, Google unveiled a new line of artificial intelligence (AI) models geared toward the medical industry. Although the tech giant has issued a pre-print version of its research paper that illustrates the capabilities and methodology of these AI models,…

Read more →

  Artificial intelligence (AI) has surged into nearly every facet of our lives, from diagnosing diseases to deciphering ancient texts. Yet, for all its prowess, AI still falls short when compared to the complexity of the human mind. Scientists are…

Read more →

  The computer games industry has been a part of Andrew Maximov’s life for 12 years and despite all of this experience, he still marvels at how much money it costs to build some of the biggest games of all…

Read more →

  A significant privacy breach has shaken up the club scene in Australia, as a facial recognition system deployed across multiple nightlife venues became the target of a cyberattack. Outabox, the Australian firm responsible for the technology, is facing intense…

Read more →

The United Arab Emirates government was the target of a significant data breach attack that has the cybersecurity industry on edge. The attacker, who goes by the username “UAE,” has not been recognized. Unless a ransom of 150 bitcoins (about…

Read more →

In a recent legal case that has shaken Finland, cyber offender Julius Kivimäki, known online as Zeekill, has been sentenced to six years and three months behind bars for his involvement in a sophisticated cybercrime operation. The case revolves around…

Read more →

  In a surprising turn of events, the use of removable media, particularly USB devices, has resurged as a favoured tactic among industrial cyber attackers. Honeywell’s recently released “2024 USB Threat Report” sheds light on this concerning trend, emphasizing its…

Read more →

  Apple claims to be working rapidly to resolve an issue that resulted in some iPhone alarms not setting off, allowing its sleeping users to have an unexpected lie-in.  Many people rely on their phones as alarm clocks, and some…

Read more →

  A UnitedHealth spokesperson confirmed that the black cat ransomware gang had breached Change Healthcare’s network, using stolen credentials to get into the company’s Citrix remote access service, which was not set up to support multi-factor authentication. It was revealed…

Read more →

  In today’s digital age, where data breaches and cyberattacks are increasingly common, safeguarding against identity-based attacks has become paramount for organizations worldwide. Identity-based attacks, which involve the unauthorized access to sensitive information through compromised user credentials, pose significant risks…

Read more →

  As advancements in AI technology continue to unfold, the specter of cybercrime looms larger each day. Among the chorus of cautionary voices, Microsoft, the eminent IT behemoth, adds its warning to the fray. Microsoft’s Threat Intelligence researchers have issued…

Read more →

A new cyber scam, dubbed “Dev Popper,” is preying on software developers through fake job interviews. This elaborate ruse, masquerading as genuine employment opportunities, aims to infiltrate the victim’s computer with a harmful Python backdoor, posing serious cyber threats. How…

Read more →

According to Okta’s user warning, the availability of residential proxy services, stolen credentials, and scripting tools has led to an increase in credential-stuffing assaults that target online services. The Okta research team noticed a rise in credential-stuffing attempts against Okta…

Read more →

  In today’s interconnected digital landscape, the acquisition and dissemination of personal data have reached unprecedented levels, posing significant risks to individuals across various sectors, including reproductive health workers. At the forefront of this modern dilemma are entities known as…

Read more →

  It is believed that auto manufacturers are selling millions of pieces of data to the insurance industry about the driving behaviours of their customers. It is my responsibility to report the story about GM sharing driving data from connected…

Read more →

  You’ve employed ChatGPT to make your life easier when drafting an essay or doing research. Indeed, the chatbot’s ability to accept massive volumes of data, break down it in seconds, and answer in natural language is incredibly valuable. But…

Read more →

In today’s digital age, it is no secret that our phones are constantly tracking our whereabouts. GPS satellites and cell towers work together to pinpoint our locations, while apps on our devices frequently ping the cell network for updates on…

Read more →

  In our modern, highly connected world, where online transactions are everywhere, the looming presence of quantum computing casts a momentous shadow. Unlike classical computers, which rely on bits to process information, quantum computers leverage the peculiar properties of quantum…

Read more →

  A new cyber threat dubbed DEV#POPPER is currently underway, targeting software developers with deceitful npm packages disguised as job interview opportunities, aiming to dupe them into downloading a Python backdoor. Securonix, a cybersecurity firm, has been monitoring this activity…

Read more →

  There is a new report from the World Economic Forum that discusses how artificial intelligence can revolutionize education systems and help educators and students have a better experience. AI has a huge amount of potential, ranging from personalizing learning…

Read more →

  Thousands of companies have received alerts about a global ransomware attack from the Dutch cybersecurity agencies. The perpetrators, known as the Cactus Gang, hail from Eastern Europe and have been operating since the end of last year. The gang…

Read more →

  Les Miroirs St-Antoine Inc., a longstanding company in the St-Jérôme region, is grappling with the aftermath of an alleged ransomware attack orchestrated by the infamous Everest Group. Founded in 1956, Les Miroirs St-Antoine specializes in glazing and aluminum products…

Read more →

Ransomware assaults, such as the one on Change Healthcare, continue to create serious disruptions. However, they are not inevitable. Software developers can create products that are immune to the most frequent types of cyberattacks used by ransomware gangs. This blog…

Read more →

  Security experts are urgently warning about the vulnerability of thousands of Qlik Sense servers to potential ransomware attacks by the troubling Cactus group. Despite prior disclosures of vulnerabilities by Qlik, many organisations remain at risk due to unpatched systems.…

Read more →

  The cybersecurity landscape has shifted dramatically in recent years. Malware, phishing attempts, and data breaches have grown in frequency and scope, prompting organisations to invest more time and money into enhancing their cybersecurity strategies. Organisations should be aware of…

Read more →

  Japanese police has initiated a unique strategy involving the placement of counterfeit payment cards in convenience stores to safeguard elderly individuals from tech support scams and unpaid money fraud. These fake cards, labeled as “Virus Trojan Horse Removal Payment…

Read more →

Apple IDs serve as the gateway to our digital ecosystem. They unlock access to our beloved photos, messages, apps, and more. But what happens when that gateway suddenly slams shut, leaving us confused outside?  Recently, Apple users have been struggling…

Read more →

  A web browser on users’ Android phones may collect data, such as cookies and cache, that can be useful, but can also be unwanted and may pose a security risk to their privacy. It is recommended that users clear…

Read more →

  The Glendale Unified School District recently found itself at the center of a distressing situation when teachers, nurses, counsellors, and other faculty members received an unexpected notification from the IRS: their taxes had already been filed. What unfolded was…

Read more →

The digital society we live in has made it abundantly clear that being cautious about online activities goes beyond avoiding suspicious links. Recent findings by cybersecurity researchers have surfaced a new ransomware threat that exploits web browsers, potentially putting users’…

Read more →

  Many organizations remain dangerously vulnerable to the Cactus ransomware group, despite security researchers warning of the threat five months ago. The Cactus ransomware group exploits three vulnerabilities in QlikSense’s data analytics and business intelligence platform. Two vulnerabilities were released…

Read more →

  Researchers successfully seized control of a command and control (C2) server linked to a variant of the PlugX malware, effectively halting its malicious operations. Over the span of six months, more than 2.5 million connections were logged from diverse…

Read more →

  Elon Musk’s aerospace manufacturing and space transport services firm, SpaceX, is believed to have experienced a cybersecurity incident involving a data breach with Hunters International, an infamous hacker group that allegedly released samples of the SpaceX data breach. The…

Read more →

Cybersecurity is always evolving and demands ongoing awareness Every day, Microsoft analyzes over 78 trillion security signals to gain a deeper understanding of the current threat pathways and methodologies. Since last year, we’ve seen a shift in how threat actors…

Read more →

  Phishing attacks have long been a significant threat in the cybersecurity landscape, but as technology evolves, so do the tactics employed by cybercriminals. The latest insights from the Egress Phishing Threat Trends Report shed light on the sophistication and…

Read more →

  The North Korean hacker group Lazarus has once again made headlines, this time for exploiting LinkedIn in their cyber operations. According to a report by blockchain security analytics firm SlowMist, Lazarus hackers are leveraging the professional networking platform to…

Read more →