Tag: CySecurity News – Latest Information Security and Hacking Incidents

Amazon Employee Data Leaked in MOVEit Attack Fallout

  Amazon has confirmed that some employee data was accessed last year, presumably as part of the huge MOVEit hacking campaign. A hacker recently revealed on the BreachForums cybercrime forum that they had stolen Amazon employee information, such as names,…

Reimagining Healthcare with Synthetic Data

  It has been espoused in the generative AI phenomenon that the technology’s key uses would include providing personalized shopping experiences for customers and creating content. Nonetheless, generative AI can also be seen to be having a very real impact…

New TSA Rules to Boost Cybersecurity in Transport

The Transportation Security Administration recently unveiled a proposed rule that would permanently codify cybersecurity reporting requirements in certain segments of U.S. transportation, including pipelines and railroads. This change is set to be permanent after the agency introduced temporary reporting requirements…

Veeam RCE Bug Now a Target for Frag Ransomware Operators

  Recently, a critical VBR (Veeam Backup & Replication) security flaw was exploited by cyber thieves to distribute Frag ransomware along with the Akira and Fog ransomware attacks. Florian Hauser, a security researcher with Code White, has discovered that the…

Hacker Claims to Publish Nokia Source Code

  The Finnish telecoms equipment firm Nokia is looking into the suspected release of source code material on a criminal hacking site. See also: Gartner Market Guide for DFIR Retainer Services. An attacker going by the handle “IntelBroker,” who is…

FBI Cautioned Gmail Users Regarding Cookie Theft

  The FBI has warned users of popular email providers such as Gmail, Outlook, Yahoo, and AOL regarding a surge in online criminal activity that compromises email accounts, including those secured by multifactor authentication (MFA).  Online criminals lure people into…

Digital Arrest: How Even The Educated Become Victims

One of the most alarming trends in recent times is the surge in digital arrest scams, particularly in India. These scams involve cybercriminals impersonating law enforcement officials to extort money from unsuspecting victims.  Cybersecurity threats are rapidly escalating in India,…

The Growing Concern Regarding Privacy in Connected Cars

  Data collection and use raise serious privacy concerns, even though they can improve driving safety, efficiency, and the whole experience. The automotive industry’s ability to collect, analyse, and exchange such data outpaces the legislative frameworks intended to protect individuals.…

Gmail Under Attack: Secure a Backup Account

  Having access to a Gmail account in the present world is rather dangerous because hackers create new ways of penetrating the account, even if it at times employs a 2FA security feature. While methods like passkey sign-ins and secure…

LightSpy Update Expands Surveillance on iOS Devices

  It has been discovered that a newer version of LightSpy spyware, commonly used to target iOS devices, has been enhanced with the capability to compromise the security and stability of the device. LightSpy for macOS was first discovered by…

Advanced Persistent Teenagers: A Rising Security Threat

  If you ask some of the field’s top cybersecurity executives what their biggest concerns are, you might not expect bored teenagers to come up. However, in recent years, this totally new generation of money-motivated hackers has carried out some…

Securing Generative AI: Tackling Unique Risks and Challenges

  Generative AI has introduced a new wave of technological innovation, but it also brings a set of unique challenges and risks. According to Phil Venables, Chief Information Security Officer of Google Cloud, addressing these risks requires expanding traditional cybersecurity…

Cybersecurity Beyond Phishing: Six Underrated Threats

Cybercriminals are continually developing new methods to exploit vulnerabilities, and even the most tech-savvy individuals and organizations can find themselves at risk. While some cyberattacks like phishing and malware are well-known, several lesser-known but equally dangerous threats require attention. This…

FBI Warns of Cybercriminals Stealing Cookies to Bypass Security

  Cybercriminals are now targeting cookies, specifically the “remember-me” type, to gain unauthorized access to email accounts. These small files store login information for ease of access, helping users bypass multi-factor authentication (MFA). However, when a hacker obtains these cookies,…

Hacking Contest: How QNAP Overcame Critical Zero-Day Flaws

One recent event that highlights the relentless pace of this digital arms race is QNAP’s swift action to patch a second zero-day vulnerability. QNAP has addressed a second zero-day vulnerability that was exploited by security researchers during the recent Pwn2Own hacking…

New Tool Circumvents Google Chrome’s New Cookie Encryption System

  A researcher has developed a tool that bypasses Google’s new App-Bound encryption cookie-theft defences and extracts saved passwords from the Chrome browser.  Alexander Hagenah, a cybersecurity researcher, published the tool, ‘Chrome-App-Bound-Encryption-Decryption,’ after noticing that others had previously identified equivalent…

Why Ignoring Data Breaches Can Be Costly

Data breaches are now more rampant than ever, exposing passwords and payment details to hackers. You could be getting breach alerts that pop up every so often, warning you that your data has been exposed. It’s a wake-up call on…

Evasive Panda Unfurls Cloud Services Under Siege

  Using stolen Web session cookies, Evasive Panda, a China-sponsored hacking team, has unveiled CloudScout, a sleek and professional toolset created to recover data from compromised cloud services. ESET researchers have discovered CloudScout through an investigation into a couple of…

Scammers Use Fake Centrelink Promises to Target Australians Online

  Australians have been cautioned about a recent wave of scam websites falsely advertising significant Centrelink payments. These sites promise financial boosts, sometimes hundreds or thousands of dollars, to low-income residents and seniors, exploiting people facing financial challenges. Fraudsters create…

When and Why to Consider a Data Removal Service

  With the risk of data misuse and breaches increasing daily, individuals will be driven to seek reliable methods for securing their online privacy in 2024 to manage these risks. A growing number of privacy solutions are available online now,…

Amazon Identified Internet domains Exploited by Russian APT29

  The leading advanced persistent threat group in Russia has been phishing thousands of targets in businesses, government agencies, and military institutions.  APT29 (also known as Midnight Blizzard, Nobelium, and Cozy Bear) is one of the world’s most prominent threat…

Prometei Botnet: The Persistent Threat Targeting Global Systems

  The Prometei botnet, active since at least 2016, continues to pose a persistent threat worldwide by exploiting unpatched software vulnerabilities. First identified in 2020, Prometei has since infected over 10,000 systems across diverse regions, including Brazil, Indonesia, Turkey, and…

Security Defenses Crippled by Embargo Ransomware

  There is a new gang known as Embargo ransomware that specializes in ransomware-as-a-service (RaaS). According to a study by ESET researchers published Wednesday, the Embargo ransomware group is a relatively young and undeveloped ransomware gang. It uses a custom…