Category: CySecurity News – Latest Information Security and Hacking Incidents

Positive trend: AI and vulnerability management We are in a fast-paced industry, and with the rise of technological developments each day, the chances of cyber attacks always arise. Hence, defense against such attacks and cybersecurity becomes paramount.  The latest research into…

Read more →

  A recent zero-day vulnerability in Telegram for Android, dubbed ‘EvilVideo,’ has been exploited by attackers to send malicious Android APK payloads disguised as video files. This significant security flaw was first brought to light when a threat actor named…

Read more →

  In a surprising announcement, Google confirmed that it will not be eliminating tracking cookies in Chrome, impacting the browsing experience of 3 billion users. The decision came as a shock as the company struggled to find a balance between…

Read more →

  Last Friday, a glitch in the tech firm led to a global disruption impacting cross-sector activities. Hospitals, health clinics, and banks were impacted; airlines grounded their planes; broadcasting firms were unable to broadcast (Sky News went off the air);…

Read more →

  A leading Enterprise Resource Planning (ERP) company based in Mexico inadvertently left an unsecured database online, exposing sensitive information on hundreds of thousands of users. This was discovered by cybersecurity researcher Jeremiah Fowler, who reported his findings to Website…

Read more →

  It has been reported that the computer system at the largest trial court in this country has been infected by ransomware, causing the system to crash. Superior Court officials said they were investigating the incident. As soon as the court…

Read more →

  As artificial intelligence (AI) advances, it accelerates code development at a pace that cybersecurity teams struggle to match. A recent survey by Seemplicity, which included 300 US cybersecurity professionals, highlights this growing concern. The survey delves into key topics…

Read more →

  Two vulnerabilities have been identified by Palo Alto Networks researchers (CVE-2023-46229 and CVE-2023-44467) that exist in LangChain, an open-source computing framework for generative artificial intelligence that is available on GitHub. The vulnerabilities that affect various products are CVE-2023-46229. It…

Read more →

  Play ransomware is the latest ransomware gang to launch a specific Linux locker for encrypting VMware ESXi virtual machines. Trend Micro, whose analysts discovered the new ransomware variation, claims the locker is designed to verify whether it is operating…

Read more →

  With India advancing in the digital landscape, the country is also witnessing a concerning rise in online scams. In recent months, thousands of individuals have lost substantial sums to these cyber criminals, either hoping to earn more money or…

Read more →

  A recent incident involving a faulty software update has underscored the significant risks associated with system updates and the potential vulnerabilities in critical infrastructure. This incident, which caused a widespread shutdown of essential services, serves as a stark reminder…

Read more →

Google no longer intends to remove support for third-party cookies, which are used by the advertising industry to follow users and target them with ads based on their online activity. Google’s Plan to Drop Third-Party Cookies in Chrome Crumbles In…

Read more →

  The Superior Court of Los Angeles County experienced a notable disruption early on July 19 when a ransomware attack forced the court to disable its network systems. This prompt action was taken to prevent any additional damage from occurring.…

Read more →

According to a Symantec investigation, the prolific Chinese espionage outfit Daggerfly (also known as Evasive Panda and Bronze Highland) has considerably modified its malware toolset, enhancing its ability to target the majority of key operating systems. The most recent advancements…

Read more →

  Canada’s oil and gas sector, a vital part of its economy, contributes approximately $120 billion, or about 5% of the country’s Gross Domestic Product (GDP). This industry not only drives economic growth but also supports essential services such as…

Read more →

  French authorities’ plans to employ artificial intelligence to scan the thousands of athletes, coaches and spectators descending on Paris for the Olympics is a form of creeping surveillance, rights groups said.  In recent months, authorities have tested artificial intelligence…

Read more →

  In cybersecurity, SMS phishing is intercepting a user’s text message through a mobile device. Phishing refers to a scam whereby victims are tricked into providing sensitive information to an attacker disguised as someone they trust. To carry out SMS…

Read more →

  In a significant move to combat rising cyber threats, the U.S. government has intensified its use of sanctions against cybercriminals. This escalation comes in response to an increasing number of ransomware attacks and other cybercrimes targeting American infrastructure, businesses,…

Read more →

  The Internal Revenue Service (IRS) has issued an urgent warning to car dealers and sellers across the United States, highlighting a surge in sophisticated phishing and smishing scams targeting the automotive industry. These cyber threats pose a significant risk…

Read more →

  Italy’s competition and consumer watchdog has launched an investigation into Google’s methods for obtaining user consent to link activity across its various services for ad profiling, suspecting the tech giant of “unfair commercial practices.” The focus is on how…

Read more →

  Insikt Group’s research reveals that OilAlpha, a suspected pro-Houthi entity, continues to target humanitarian and human rights organisations in Yemen. They deploy malicious Android applications to steal credentials and gather intelligence, with the ability to control aid distribution.  Notable…

Read more →

  In an unprecedented event, a single update from anti-virus company CrowdStrike caused global havoc, affecting millions of Windows computers. This incident, described as the largest outage ever, disrupted numerous services and companies worldwide. As reports of the “Blue Screen…

Read more →

  One data breach has led to the exposure of several personal and medical data about 12.9 million people who have become victims of cybercrime. Several customers of MediSecure, one of Australia’s leading healthcare providers, have been affected by the…

Read more →

China’s New Law Expands State Surveillance, Raises Global Concerns China has enacted new restrictions under its Counter-espionage Law, shocking the international world and raising severe concerns about privacy and human rights. These guidelines, which went into effect on July 1,…

Read more →

  The cause of the recent flight cancellations by Finnair planes flying into Estonia did not have anything to do with mechanical failures or bad weather the cause was the GPS signal not being received by the aircraft. To prevent…

Read more →

  In a shocking revelation, MediSecure, an eprescription provider, has confirmed that approximately 12.9 million Australians have been affected by a cyberattack that occurred in April. This incident has surpassed previous notable breaches, including the Optus and Medibank data breaches…

Read more →

  In the wake of a significant cyberattack, WazirX, one of India’s foremost cryptocurrency exchanges, has taken drastic measures to mitigate the damage. The exchange announced a halt in trading and introduced a bounty program aimed at recovering stolen assets.…

Read more →

  The healthcare industry faces challenges in keeping up with the rapidly evolving healthcare cybersecurity landscape. This is due in part to CISOs failing to take use of dark web intelligence, which leaves the industry with a weaker cyber posture…

Read more →

According to a new analysis from cybersecurity firm Sophos, ransomware attacks are hitting the energy and oil and gas sectors harder, costing utilities more in recovery time and money as victims appear to be more inclined to pay ransom demands.…

Read more →

  A major IT outage has affected a wide array of global institutions, including hospitals, major banks, media outlets, and airlines. The disruption has hindered their ability to offer services, causing widespread inconvenience and operational challenges. International airports across India,…

Read more →

  The possibility of cyber attacks is a major issue, with the global average cost of a data breach expected to reach $4.45 million in 2023, a 15% increase over the previous three years, according to an IBM analysis. This…

Read more →

  Several telemarketing entities, notably V-Con Intelligent Security and OneXtel Media, have been suspended by the Department of Telecommunications (DoT) for disseminating malicious messages through their services. According to a report by the Economic Times (ET), these two telemarketers alone…

Read more →

  A recent update from the anti-virus firm Crowdstrike has led to a global outage affecting millions of Windows users. The incident is being termed one of the most extensive outages ever, impacting numerous services and companies worldwide. Crowdstrike, a…

Read more →

  Only a few times in history has a single piece of code instantly wreaked havoc on computer systems globally. Examples include the Slammer worm of 2003, Russia’s NotPetya cyberattack targeting Ukraine, and North Korea’s WannaCry ransomware. However, the recent…

Read more →

  Cambodian payments company received crypto worth over US$150,000 from a digital wallet employed by North Korean hacking group Lazarus, blockchain data shows, a glimpse of how the criminal outfit has laundered funds in Southeast Asia.  Huione Pay, based in…

Read more →

A $2.3 Billion Lesson The recent ransomware attack on UnitedHealth Group serves as a stark reminder of the vulnerabilities that even the largest corporations face. The attack, which has resulted in costs soaring to at least $2.3 billion, underscores the…

Read more →

  Passwords have been a fundamental aspect of digital security for years, but they come with significant drawbacks. They are not only a hassle to remember but also vulnerable to various hacking techniques. Passkeys have emerged as a robust alternative,…

Read more →

  The notorious FIN7 hacking group has been identified selling a custom tool called “AvNeutralizer,” designed to bypass detection by disabling enterprise endpoint protection software on corporate networks. Believed to be a Russian hacking group active since 2013, FIN7 initially…

Read more →

  During the next five years, Germany will phase out components made by Chinese companies Huawei and ZTE from its 5G wireless network. This will likely worsen its already strained ties with the second-largest economy in the world, which may…

Read more →

  In a major development, the HUMAN Satori Threat Intelligence and Research Team has successfully dismantled a vast mobile advertising fraud operation known as “Konfety.” This scheme, which generated billions of fake ad requests each day, was designed to deceive…

Read more →

Pinterest, the popular image-sharing platform with over 518 million monthly active users, faces a potential data leak that could affect millions of users. A hacker known as “Tchao1337” has allegedly leaked a database containing 60 million rows of Pinterest user…

Read more →

  SEXi ransomware group and its affiliates, which have been involved in a series of cyber-attacks that began in February of this year against several organizations, have been operating under the name “APT Inc.” since June of this year. To…

Read more →

  SentinelOne researchers warn that the financially motivated group FIN7 is utilising various pseudonyms to promote a security evasion tool on several criminal underground forums. FIN7 created a tool called AvNeutralizer (also known as AuKill) that can circumvent safety measures.…

Read more →

  A highly technical Android malware campaign orchestrated by Vietnamese hackers is currently targeting Indian users via fake traffic e-challan messages on WhatsApp. Researchers from CloudSEK, a cybersecurity firm, have identified this malware as part of the Wromba family. So…

Read more →

  In a recent cybersecurity incident, Ascension, a major health system, has disclosed that cybercriminals stole files potentially containing personal information. This comes about a month after Ascension initially reported falling victim to a ransomware attack. Ascension revealed that the…

Read more →

The Rising Cost of Ransomware Attacks on Critical Infrastructure The costs of ransomware attacks on critical national infrastructure (CNI) firms have soared over the last year. According to Sophos‘ newest numbers, which were revealed today, the typical ransom payment increased…

Read more →

  A recent cyberattack has compromised sensitive patient data in Leicestershire, affecting several healthcare practices across the region. The breach, which targeted electronic patient records, has led to significant concerns over privacy and the potential misuse of personal information. Those…

Read more →

  We’ve all been there: stranded in a coffee shop with a dropping phone battery and no connector, only to find a free USB charging station nearby. Relieved, you plug in your device and go about your business, unaware that…

Read more →

  Cyber-security breaches are becoming more and more prevalent and this is causing a lot of concerns amongst the public. The report by Semafor claims that some 10 billion (1,000 crore) passwords have been leaked from a hacking forum online…

Read more →

  An activist hacking group has alleged that it leaked a substantial amount of Disney’s internal communications, including details about unreleased projects, raw images, computer code, and some login credentials. The group, known as Nullbulge, has claimed responsibility for the…

Read more →

Imagine if someone told you in the early 2000s that entire industries would run almost by themselves, thanks to a network of connected devices. Today, this is no longer science fiction but our reality, thanks to the Internet of Things…

Read more →

  Hackers are increasingly targeting individuals to steal cryptocurrency, access bank accounts, or engage in stalking. Although these attacks are relatively rare, it’s crucial to know how to protect yourself if you suspect someone has accessed your email or social…

Read more →

  Marking its 75th anniversary at a summit in Washington DC this week, the North Atlantic Treaty Organization (NATO) focused on Ukraine while emphasizing the importance of new technologies and start-ups to adapt to modern security threats. In its Washington…

Read more →

  The big large Indian wedding is all about making memories that will last a lifetime. Weddings of a significant size can budget anywhere between Rs 15 lakh and Rs 50 lakh specifically for photographs and videos that capture every…

Read more →

  It has been shown that threat actors are swift in weaponizing available proof-of-concept (PoC) exploits in real attacks, often within 22 minutes of publicly releasing these exploits. In that regard, Cloudflare has published its annual Application Security report for…

Read more →

  A disturbing new hacker subscription service has emerged, offering access to 600,000 stolen bank card details for a fee of just £120. This service, identified by cybersecurity researchers from Flare, is named “Breaking Security” and allows its subscribers to…

Read more →

The Battlefield: Cloud Computing Cloud computing has become an integral part of modern military operations. The IDF relies heavily on cloud-based systems from troop management to logistics, communication, and intelligence gathering. These systems allow for flexibility, scalability, and efficient resource…

Read more →

In our increasingly digital world, cybersecurity is a growing concern for everyone— from businesses and governments to everyday individuals. As technology advances, it opens up exciting possibilities and creates new, sophisticated cyber threats. Recent high-profile attacks, like those on Ascension…

Read more →

  AT&T reportedly paid a hacker more than $370,000 to remove stolen customer data. In an extraordinary turn of events, the ransom may not have gone to those responsible for the breach. Last Friday, AT&T disclosed that an April data…

Read more →

  Telecom giant AT&T recently disclosed a massive data breach affecting nearly all of its approximately 110 million customers. If you were a customer between May 2022 and January 2023, there is a high chance your data, including call and…

Read more →

  It is a widespread practice among subscription sites to manipulate customers’ behaviour around subscriptions and personal data to influence their decisions, according to a new report by two international consumer protection organizations. It is defined as the practice of…

Read more →

  When it comes to cybercrime, getting into a system is only half the battle; the real challenge is extracting the stolen data without being detected. Companies often focus on preventing unauthorised access, but they must also ensure that data…

Read more →

  In a recent statement, a member of the RBI’s board of governors has urged banks to step up efforts against mule accounts. According to Piyush Shukla, money mules in India do much more than move money. A MULE ACCOUNT…

Read more →

  Scientists at the Raman Research Institute have achieved a significant breakthrough in cybersecurity by developing a novel method for generating truly unpredictable random numbers. This development is essential for strengthening encryption in quantum communications, addressing one of the most…

Read more →

Many customers are captivated by Gen AI, employing new technologies for a variety of personal and corporate purposes.  However, many people ignore the serious privacy implications. Is Generative AI all sunshine and rainbows? Consumer AI products, such as OpenAI’s ChatGPT,…

Read more →

  Phishing campaigns have always been a threat, but a new toolkit called FishXProxy is making it alarmingly easy for even inexperienced cybercriminals to carry out sophisticated scams.  SlashNext Email Security researchers have disclosed exclusive details about FishXProxy, a new…

Read more →

  Microsoft recently began notifying some customers via email about a potential data breach that might have compromised their personal information. However, the company’s approach has faced heavy criticism, with many saying the emails resembled spam or phishing attempts. Cybersecurity…

Read more →

  A data breach at the phone surveillance operation mSpy has compromised the personal information of millions of customers who purchased access to the phone spyware app over the past decade, as well as the Ukrainian company behind it. In…

Read more →

Virtual Private Networks (VPNs) are important tools for online privacy, but they’re often misunderstood. Here, we clear up the top five myths to help you understand what VPNs can and can’t do for your digital security. Myth 1: All VPNs…

Read more →

  On July 10, two individuals in India received alarming notifications from Apple, Inc. on their iPhones, indicating they were targeted by a “mercenary” attack. This type of spyware allows attackers to infiltrate personal devices, granting access to messages, photos,…

Read more →

Threat actors wielding the Akira ransomware demonstrated unprecedented efficiency in a recent cyber attack that sent shockwaves through the cybersecurity community.  Their lightning-fast data exfiltration took just over two hours, representing a dramatic shift in the average time it takes…

Read more →

  Hackers accessed AT&T’s data storage platform in April, stealing metadata from “nearly all” call records and messages sent by users over a six-month period in 2022. AT&T filed paperwork with the Securities and Exchange Commission (SEC) on Friday, stating…

Read more →

  An Arkansas-based financial services organization confirmed the incident on July 1 shortly after the ransomware gang published data it claimed had been stolen during the attack and published it on its website. According to the company, there was no…

Read more →

  Researchers have found new advancements in the ViperSoftX info-stealing malware, which was first discovered in 2020. This malware has become more sophisticated, using advanced techniques to avoid detection. One of its new methods is using the Common Language Runtime…

Read more →

  One of the key findings of a Chinese expert on information security is the authenticity of recent documents that leaked information on the F-35 fighter jet and sensitive US weapons. According to the expert, the documents appear authentic. Ivan…

Read more →

  Dubai Customs has recently unveiled a new blockchain platform aimed at streamlining commercial activities in the region, reinforcing its status as a technology-forward market. This initiative seeks to address and overcome obstacles hindering entrepreneurship in Dubai by leveraging blockchain…

Read more →

Since 2019, surveillance equipment deployed by a Yemeni Shia Islamist organization’s partners has been used to target troops throughout the Middle East, according to a new study. Surveillanceware Targeting Middle Eastern Militaries A Houthi-aligned threat actor utilized GuardZoo malware to…

Read more →

  Nowadays, everyone is talking about artificial intelligence (AI). Governments view AI as both an opportunity and a challenge. Industries are excited about AI’s potential to boost productivity, while academia is actively incorporating AI into teaching and research. However, the…

Read more →

  England football fans have been urged to be wary of a ‘quishing’ scam as they gather in pubs to watch the Euro 2024 final against Spain. The duping phenomenon has the potential to be devastating for victims, and it…

Read more →

  At a recent EU meeting in Luxembourg, Poland supported a European Commission proposal to shorten the time new drugs are protected by data exclusivity rules. Health Minister Izabela Leszczyna said Poland prefers one year of market protection over longer…

Read more →

  It has been around two decades since Singapore started issuing one-time passwords (OTPs) to users to aid them in logging into bank accounts. However, the city-state is planning to ditch this method of authentication shortly. Over the next three…

Read more →

  A joint government advisory claims that APT40, a Chinese state-sponsored actor, is focusing on recently discovered software vulnerabilities in an attempt to exploit them in a matter of hours. The advisory, authored by the Cybersecurity and Infrastructure Security Agency,…

Read more →

DoNex Ransomware Encryption: Flaw in Cryptographic Schema Experts uncovered a critical flaw in the encryption schema of the DoNex ransomware, including all variations and predecessors. Since March 2024, they’ve worked with law enforcement to give a decryptor to affected DoNex…

Read more →

  Over the last year, a steady decline in premium rates has made cyber-insurance coverage more accessible and affordable for organizations of all sizes. The primary driver behind this decrease is the increasingly competitive marketplace, with more insurance companies offering…

Read more →

  The recent cyberattack on Ivanti’s VPN software has prompted swift action from the Cybersecurity and Infrastructure Security Agency (CISA). This incident not only highlights the need for stronger cybersecurity measures but also raises important questions about exploit techniques, organizational…

Read more →

  Midnight Blizzard, a Russian nation-state hacker gang, breached Microsoft’s security last year, gaining access to the emails of multiple customers. In late June, Microsoft revealed that more organisations were affected than previously assumed. However, the company’s attempts to notify…

Read more →

  A ransomware attack on Bay-area Patelco Credit Union has disrupted banking services for nearly half a million members, and the outage could persist for weeks. The credit union announced the attack on June 29 via Twitter. The affected services…

Read more →

  According to researchers at MIT, a Yemeni hacking group has been eavesdropping on the phone calls of military personnel in the Middle East, the latest example of mobile surveillance becoming prevalent in conflicts around the world as a result…

Read more →

The OpenAI Data Breach: A Wake-Up Call for Seed VCs Security breaches are common in the current industry of artificial intelligence (AI) and machine learning (ML). However, when a prominent player like OpenAI falls victim to such an incident, it…

Read more →

  A significant security warning has emerged for WhatsApp and Signal users this week, urging them to consider deleting their apps, particularly on MacOS. The issue, primarily affecting Apple users leveraging multi-device functionality, highlights severe vulnerabilities in the MacOS versions…

Read more →

  A newly identified ransomware group named Volcano Demon is using aggressive tactics to compel victims to pay ransoms. Halycon, an anti-ransomware firm, recently reported that this group has targeted several organisations in the past weeks with a new encryption…

Read more →

  A leading cybersecurity expert has warned that the NHS remains at risk of further cyber-attacks unless it updates its computer systems. This stark warning follows a significant ransomware attack that severely disrupted healthcare services across London.  Prof Ciaran Martin,…

Read more →

  Fraudsters seem to be perpetually ahead of the curve. Early in 2022, research indicated that one in four online accounts was fraudulent, a figure that has only escalated since. In the auto lending sector alone, losses amounted to $7.9…

Read more →

  Europol has proposed solutions to address some of the challenges posed by privacy-enhancing technologies found in Home Routing, which pose a challenge for law enforcement agencies in intercepting communications during criminal investigations as a result of these technologies. There…

Read more →

  Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the United Kingdom, and the United States have issued a joint advisory about APT40, a China-linked cyber espionage group, warning regarding its ability to co-opt exploits for newly…

Read more →

  In the face of emerging quantum computing threats, traditional encryption methods are becoming increasingly vulnerable. This has spurred the development of quantum key distribution (QKD), a technology that uses the principles of quantum mechanics to secure data transmission. While…

Read more →

In recent months, cybersecurity researchers have detected a surge in the exploitation of a critical vulnerability known as CVE-2024-21412. This vulnerability specifically targets Microsoft SmartScreen, a security feature designed to protect users from malicious websites and downloads.  In this blog…

Read more →

The ACCC (Australian Competition and Consumer Commission) has cautioned that scammers are approaching victims with false offers to assist them in recovering from scams.  Scammers and Fake Recovery Offers The National Anti-Scam Centre warns Australians who have had their money…

Read more →

  A ransomware attack on Patelco Credit Union in the Bay Area has disrupted banking services for nearly half a million members, with the outage potentially lasting for weeks. The credit union announced the attack on June 29 through Twitter.…

Read more →

  As of July 1, Oregonians have gained significant new consumer privacy rights under the Oregon Consumer Privacy Act (OCPA). This law, enacted in July 2023 but now in effect, results from four years of work by the Attorney General’s…

Read more →