On-demand moving and delivery platform Dolly.com allegedly paid a ransom but crooks found an excuse not to hold their end of the bargain. Cybercriminals are hardly a trustworthy bunch. Case in point: Dolly.com. The Cybernews research team believes that the…
Tag: Security Affairs
DDoS attack leads to significant disruption in ChatGPT services
OpenAI confirmed that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed denial-of-service (DDoS) attack. OpenAI confirmed earlier today that the outage suffered by ChatGPT and its API on Wednesday was caused by a distributed…
Russian Sandworm disrupts power in Ukraine with a new OT attack
Mandiant reported that Russia-linked Sandworm APT used a novel OT attack to cause power outages during mass missile strikes on Ukraine. Mandiant researchers reported that Russia-linked APT group Sandworm employed new operational technology (OT) attacks that caused power outages while…
CISA adds SLP flaw to its Known Exploited Vulnerabilities catalog
US CISA added the vulnerability CVE-2023-29552 in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2023-29552 (CVSS score: 7.5) in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog.…
The largest Russian bank Sberbank hit by a massive DDoS attack
The largest and oldest bank in Russia Sberbank faced the record-breaking DDoS attack that reached 1 million RPS. Sberbank , the Russian banking and financial services giant, announced that it was recently hit by a record-breaking distributed denial of service…
Sumo Logic discloses security breach and recommends customers rotate credentials
Security firm Sumo Logic disclosed a security breach after discovering the compromise of its AWS account compromised last week. Sumo Logic is a cybersecurity company that specializes in cloud-based log management and analytics. The company disclosed a security breach after…
FBI: Ransomware actors abuse third parties and legitimate system tools for initial access
The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) to warn of ransomware initial access trends…
Five Canadian Hospitals impacted by a ransomware attack on TransForm provider
Five Canadian hospitals were victims of a ransomware attack, threat actors claim to have stolen data from them and leaked them. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. The impacted…
Royal Mail jeopardizes users with open redirect flaw
Royal Mail has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice the market share of…
North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz
The North Korea-linked APT BlueNoroff used a new strain of macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts…