The Transportation Security Administration recently unveiled a proposed rule that would permanently codify cybersecurity reporting requirements in certain segments of U.S. transportation, including pipelines and railroads. This change is set to be permanent after the agency introduced temporary reporting requirements…
Tag: CySecurity News – Latest Information Security and Hacking Incidents
Chrome Extensions Continue to Pose a Threat, Even With Google’s Manifest V3
Users have always found browser extensions to be a useful tool for increasing productivity and streamlining tasks. They have, however, become a prime target for malicious actors attempting to exploit flaws, impacting both individual users and companies. Despite efforts…
Texas Oilfield Supplier Operations Impacted by Ransomware Incident
About two months before the Newpark Resources attack, oilfield services giant Halliburton had been afflicted with a cyberattack that it then disclosed in a regulatory filing, which occurred about two months earlier. Last week, Halliburton, the world’s largest energy…
WHO and Global Leaders Warn Against Rise of Ransomware Attacks Targeting Hospitals
On November 8, the World Health Organization (WHO) joined over 50 countries in issuing an urgent warning at the United Nations about the increase in ransomware attacks on healthcare systems worldwide. WHO Director-General Tedros Adhanom Ghebreyesus addressed the UN…
Critical Security Flaw in SEIKO EPSON Devices Allows Unauthorized Access
A recent security vulnerability identified as CVE-2024-47295 poses a serious risk for several SEIKO EPSON devices, potentially granting attackers administrative control. This vulnerability stems from a weak initial password setup within SEIKO EPSON’s Web Config software, which manages network…
North Korean Hackers Employ macOS Malware to Target Crypto Firms
BlueNoroff, a North Korean threat actor, has been attacking crypto firms with a new multistage malware for macOS systems. According to the researchers, the campaign is known as Hidden Risk, and it lures victims with emails that include fake…
Global Companies Targeted by “CopyR(ight)hadamantys” Phishing Scam Using Advanced Infostealer Malware
Hundreds of organizations worldwide have recently fallen victim to a sophisticated spear-phishing campaign, where emails falsely claiming copyright infringement are used to deliver an advanced infostealer malware. Since July, Check Point Research has tracked the distribution of these emails…
Supreme Court Weighs Shareholder Lawsuit Against Meta Over Data Disclosure
The U.S. Supreme Court is deliberating on a high-stakes shareholder lawsuit involving Meta (formerly Facebook), where investors claim the tech giant misled them by omitting crucial data breach information from its risk disclosures. The case, Facebook v. Amalgamated Bank,…
Browser Warning: Fake Websites Steal Millions from Users
Cyber scammers give new warnings as they do not stop scamming unsuspecting web shoppers through a new phishing campaign posing to be online stores. Many of these fake stores Google has removed from its search results, but links remain…
Veeam RCE Bug Now a Target for Frag Ransomware Operators
Recently, a critical VBR (Veeam Backup & Replication) security flaw was exploited by cyber thieves to distribute Frag ransomware along with the Akira and Fog ransomware attacks. Florian Hauser, a security researcher with Code White, has discovered that the…