The latest phishing attacks involve users being victimised in private information scams through the use of Microsoft Visio files. According to a security firm called Perception Point, the trick mainly involves using the .vsdx file extension, used for business…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Hot Topic Data Breach Exposes Private Data of 57 Million Users
Have I Been Pwned warns that an alleged data breach compromised the private data of 56,904,909 Hot Topic, Box Lunch, and Torrid users. Hot Topic is an American retail franchise that specialises in counterculture-themed clothes, accessories, and licensed music…
Addressing AI Risks: Best Practices for Proactive Crisis Management
An essential element of effective crisis management is preparing for both visible and hidden risks. A recent report by Riskonnect, a risk management software provider, warns that companies often overlook the potential threats associated with AI. Although AI offers…
Volt Typhoon rebuilds malware botnet following FBI disruption
There has recently been a rise in the botnet activity created by the Chinese threat group Volt Typhoon, which leverages similar techniques and infrastructure as those previously created by the group. SecurityScorecard reports that the botnet has recently made…
New TSA Rules to Boost Cybersecurity in Transport
The Transportation Security Administration recently unveiled a proposed rule that would permanently codify cybersecurity reporting requirements in certain segments of U.S. transportation, including pipelines and railroads. This change is set to be permanent after the agency introduced temporary reporting requirements…
Chrome Extensions Continue to Pose a Threat, Even With Google’s Manifest V3
Users have always found browser extensions to be a useful tool for increasing productivity and streamlining tasks. They have, however, become a prime target for malicious actors attempting to exploit flaws, impacting both individual users and companies. Despite efforts…
Texas Oilfield Supplier Operations Impacted by Ransomware Incident
About two months before the Newpark Resources attack, oilfield services giant Halliburton had been afflicted with a cyberattack that it then disclosed in a regulatory filing, which occurred about two months earlier. Last week, Halliburton, the world’s largest energy…
WHO and Global Leaders Warn Against Rise of Ransomware Attacks Targeting Hospitals
On November 8, the World Health Organization (WHO) joined over 50 countries in issuing an urgent warning at the United Nations about the increase in ransomware attacks on healthcare systems worldwide. WHO Director-General Tedros Adhanom Ghebreyesus addressed the UN…
Critical Security Flaw in SEIKO EPSON Devices Allows Unauthorized Access
A recent security vulnerability identified as CVE-2024-47295 poses a serious risk for several SEIKO EPSON devices, potentially granting attackers administrative control. This vulnerability stems from a weak initial password setup within SEIKO EPSON’s Web Config software, which manages network…
North Korean Hackers Employ macOS Malware to Target Crypto Firms
BlueNoroff, a North Korean threat actor, has been attacking crypto firms with a new multistage malware for macOS systems. According to the researchers, the campaign is known as Hidden Risk, and it lures victims with emails that include fake…