Ticketmaster and other organisations’ Snowflake accounts were said to have been accessed by a ShinyHunters hacker via a breach of software engineering firm EPAM Systems, validating a Mandiant report attributing some of the intrusions to third-party contractor hacks, Wired…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Could Brain-Like Computers Be a Game Changer in the Tech Industry?
Modern computing’s demand for electricity is growing at an alarming pace. By 2026, energy consumption by data centers, artificial intelligence (AI), and cryptocurrency could potentially double compared to 2022 levels, according to a report from the International Energy Agency…
When Legit Downloads Go Rogue: The Oyster Backdoor Story
Researchers from Rapid7 recently uncovered a sophisticated malvertising campaign that exploits unsuspecting users searching for popular software downloads. This campaign specifically targets users seeking legitimate applications like Google Chrome and Microsoft Teams, leveraging fake software installers to distribute the Oyster…
Hill Briefing on Encryption Canceled Suddenly by FBI
Based on emails reviewed by POLITICO, the FBI abruptly cancelled two large Hill briefings scheduled for this week about encryption, without telling staffers who were invited. A two-day virtual briefing on “warrant-proof encryption” was scheduled for congressional staff last…
Inside the Velvet Ant’s Web: F5 BIG-IP Vulnerabilities Exposed
Cybersecurity threats have evolved beyond traditional attack vectors. One such sophisticated campaign involves the exploitation of F5 BIG-IP appliances by a group known as ‘Velvet Ant.’ In this blog post, we delve into the details of this stealthy data theft…
AI Technique Combines Programming and Language
Researchers from MIT and several other institutions have introduced an innovative technique that enhances the problem-solving capabilities of large language models by integrating programming and natural language. This new method, termed natural language embedded programs (NLEPs), significantly improves the…
China-Linked Hackers Breach East Asian Firm for 3 Years via F5 Devices
The suspected China-based cyber espionage actor has been attributed with a prolonged cyber espionage attack that lasted approximately three years against an unnamed organization based in East Asia, in which the adversary allegedly established persistence using legacy F5 BIG-IP…
New ARM ‘TIKTAG’ Attack Affects Google Chrome and Linux Systems
A newly identified speculative execution attack named “TIKTAG” exploits ARM’s Memory Tagging Extension (MTE) to leak data with a success rate exceeding 95%, allowing hackers to circumvent this security feature. This discovery was detailed in a paper by researchers…
Notorious Cyber Gang UNC3944 Shifts Focus to SaaS Apps vSphere and Azure
The notorious cyber gang UNC3944, which is suspected of involvement in the recent attacks on Snowflake and MGM Entertainment, among other things, has modified its methods and is now targeting SaaS apps. According to Google Cloud’s Mandiant threat intelligence…
Securing Sensitive Data: Lessons from Keytronic’s Recent Breach
Keytronic, a prominent printed circuit board assembly (PCBA) manufacturer, recently confirmed a significant data breach. The breach occurred after the Black Basta ransomware gang leaked over 500GB of the company’s stolen data. In this blog post, we delve into the…