Tag: CySecurity News – Latest Information Security and Hacking Incidents

A Singaporean cybersecurity company discovered that over the last few year, login credentials of more than 100,000 online users using chatbot like ChatGPT has been leaked and traded in the Dark Web. According to the security researchers, infostealers illicitly acquire…

Read more →

  Nowadays, nearly everything we depend on has the ability to collect information about us, including our smartphones, computers, cars, and even household appliances. Whether we like it or not, this data often ends up in the hands of marketing…

Read more →

  Using non-fungible tokens (NFTs), the German Federal Intelligence Service Bundesnachrichtendienst (BND) has begun attracting cyber and blockchain talent. To help recruit qualified employees, the BND has posted nearly 1,000 NFTs with a dog motif on the Ethereum blockchain alongside…

Read more →

  Staying ahead of threat actors is a game of cat and mouse, with hackers frequently having the upper hand. LockBit was the most widely used ransomware strain in 2023. In the previous year, LockBit was recognised to be the…

Read more →

  There has been a severe scandal going on at the accounting firm PwC over the past few weeks involving a tax scam and the company was dealt another blow as Russian hackers have just managed to steal sensitive information. …

Read more →

One of the consequences of the pandemic in the many B2B2C manufacturers was the changes in interactions with their clients. Numerous manufacturing brands in consumer packaged goods (CPG), fashion, equipment, etc. understood the advantages of implementing a direct-to-consumer approach even…

Read more →

  WordPress, the popular content management system (CMS), is no stranger to security vulnerabilities. In recent news, critical vulnerabilities have been discovered in certain WordPress plugins, putting thousands of websites at risk. These vulnerabilities have the potential to allow unauthorized…

Read more →

  The global rate of cybercrime is rising. Cybercriminals exhibit no indications of slowing down, as evidenced by the recent rise in harmful web extensions (especially in the US) and the persistence of risky phishing and malware attacks—in part because…

Read more →

  Over 100,000 user accounts on the well-known ChatGPT platform have reportedly been hacked by attackers using sophisticated information-stealing malware in a startling occurrence. The disclosure has shocked the AI community and sparked worries about the privacy and security of…

Read more →

  In a noteworthy development, the European Union (EU) is making strides to reintroduce a long-lost and highly sought-after element that has gradually vanished from the smartphone market. An upcoming regulation is currently being advocated, aiming to reinstate user-replaceable batteries…

Read more →

⁶ Proof-of-concept (PoC) exploit code has been released for a significant vulnerability found in Cisco Secure Client Software for Windows, previously known as AnyConnect Secure Mobility Client. This flaw allows attackers to elevate their privileges to the SYSTEM level. Cisco…

Read more →

  Several federal agencies, including the Department of Energy and several others, have been hacked by a Russian cyber-extortion gang. However, Homeland Security officials warned Thursday that the impact would not be very significant. The hack of a popular file-transfer…

Read more →

In a joint operation, Delhi Police, the Federal Bureau of Investigation (FBI), and Interpol have exposed an international syndicate involved in cybercrime, arresting four individuals involved in the cybercrime gang. The four members, including the kingpin, were detained for allegedly…

Read more →

  Being wary of journalists can be a good thing at times. Take the case of Orbiter Finance. A claimed journalist from a crypto news website contacted one of its Discord moderators last month and requested that they complete out…

Read more →

  AI technology is booming, and industries are in a rush to adopt it as quickly as they can. OpenAI’s ChatGPT has seen an unprecedented surge in user adoption, quickly becoming one of the most widely used AI platforms. This…

Read more →

  A new wave of cybersecurity threats looms over Reddit as hackers, known as BlackCat, have recently surfaced with a dire warning. The group claims to have obtained confidential data during a breach that occurred back in February. Reddit, the…

Read more →

  Microsoft faced significant service disruptions in early June, affecting their flagship office suite, including Outlook email and OneDrive file-sharing apps, as well as their cloud computing platform. A hacktivist group called Anonymous Sudan claimed responsibility for these disruptions, conducting…

Read more →

  An independent cybersecurity expert and CNN reviewed a post from the BlackCat ransomware gang, also known as ALPHV. The post said the group had stolen 80 gigabytes of confidential data from Reddit during a February breach and claimed to…

Read more →

  Customers of MOVEit are being urged by Progress Software to update their software in less than a month to address a third severe vulnerability.  According to the most recent vulnerability, identified as CVE-2023-35708, an unauthenticated attacker may be able…

Read more →

  According to reports from The Intercept, the Army’s surveillance unit has been scanning social media platforms for posts that criticize or demean generals and other military leaders. The unit is said to be specifically targeting tweets and comments that…

Read more →

Earlier this June, some periodic but significant disruptions could be seen in Microsoft’s flagship office suite. That cyberattack disrupted services of Microsoft affiliated apps like Outlook email and OneDrive file sharing app along with cloud computing platform. After the attack…

Read more →

  Blockchain, a revolutionary technology that has gained significant attention globally, operates as a decentralized digital ledger spread across multiple nodes. It enables the recording, storage, and verification of transactions among various parties through this ledger. The unique characteristics of…

Read more →

  A significant data breach that took place last month has raised concerns about the potential vulnerability of individuals from Louisiana and Oregon, particularly in relation to identity theft and various cyberattacks. Americans residing in these states may face an…

Read more →

CIOp ransomware group has revealed names of more than two dozen organizations that are apparently attacked in their campaign via a zero-day vulnerability in the MOVEit managed file transfer (MFT) software. The ransomware group utilized the MOVEit transfer vulnerability, CVE-2023-34362,…

Read more →

  Threat researchers at Cybersixgill published their annual report, The State of the Cybercrime Underground, earlier this year. The study is based on an analysis of data that Cybersixgill gathered from the deep, dark, and clear web in 2022. The…

Read more →

  The spokesperson for the US Department of Energy (DOE) revealed that the Russia-linked extortion group Cl0p sent ransom requests to both the nuclear waste facility and scientific education facility of the DOE, which were recently targeted in a global…

Read more →

  A zero-day vulnerability in MOVEit software has been exploited by the Clop ransomware attack that targets Oil and Gas giant Shell and has been used to mount the attack. Threat actors have been actively exploiting the vulnerability, identified as…

Read more →

  The recent MOVEit data theft attacks have taken a concerning turn as the Clop ransomware gang has started a new extortion strategy against affected companies. They have begun listing the names of targeted companies on a data leak site,…

Read more →

  According to a recent analysis by the blockchain forensic company Chainalysis, the use of cryptocurrency mining as a technique to improve money laundering skills extends beyond nation state actors and has particular appeal to regular criminals.  As per reports,…

Read more →

In recent times, the Google Play Store has become a breeding ground for fraudulent applications that pose a significant risk to Android users. One alarming trend that has come to light involves the proliferation of fake ChatGPT apps. These malicious…

Read more →

This year, the constant surge of data breaches and ransomware attacks are apparently impacting the supply chains and the manufacturers who are replying on them. VentureBeat has discovered in their research that supply chain-directed ransomware attacks have broken all previous…

Read more →

  A MIT-based AI apps startup is advancing to new heights in the cybersecurity field by developing innovative technologies to prevent supply chain attacks through artificial intelligence. Cybercriminals are becoming increasingly interested in targeting supply chains. To prevent damage to…

Read more →

  jThe U.S. government has acknowledged that several federal agencies have been targeted in cyberattacks that exploit a security vulnerability found in a popular file transfer tool. The Cybersecurity and Infrastructure Security Agency (CISA) confirmed the intrusions in a statement…

Read more →

On Wednesday, a group of seven countries, including the United States, Canada, Britain, France, Germany, Australia, and New Zealand, collectively identified the primary ransomware threat worldwide as the criminal organization known as “LockBit.” This digital extortion gang operates under the…

Read more →

  In recent days, BreachForums, one of the most well-known dark web hacking forums on the dark web, was reported to be shut down after one of its top administrators was arrested by United States federal authorities, including the Federal…

Read more →

ESET researchers have recently discovered a new Android malware campaign, apparently infecting devices with an updated version of GravityRAT, distributed via messaging apps BingeChat and Chitaco. The campaign has been active since August 2022. According to ESET researcher Lukas Stenfanko…

Read more →

  Internal strife is common among ransomware gangs. They argue, they fight, and they establish allies only to rapidly break them. Take, for instance, the leak of malware code from Babuk, which was compromised in 2021 by hackers enraged at…

Read more →

The rise of deepfake technology has ushered in a new era of concern and vulnerability for individuals and organizations alike. Recently, the Federal Bureau of Investigation (FBI) issued a warning regarding the increasing threat of deepfake crimes, urging people to…

Read more →

  Trend Micro has issued a warning about the effectiveness of a tool called BatCloak, which is designed to conceal batch files and has enabled malicious BAT files to evade detection by antivirus engines with an impressive success rate of…

Read more →

  The mortgage lending sector is experiencing a significant revolution driven by advanced technologies like artificial intelligence (AI) and machine learning. These cutting-edge technologies hold immense potential to revolutionize the lending process.  However, alongside the benefits, there are also valid…

Read more →

  After protesters used various mobile file-sharing services such as AirDrops and Bluetooth to evade censorship, spread protest messages, and impose more restrictions on their use, China is restricting the use of these services to impose more restrictions and expand…

Read more →

A critical vulnerability has recently been discovered in the WooCommerce Gateway plugin for WordPress. Apparently, it has compromised sensitive customer information related to their orders to unauthorized data. On WordPress e-commerce sites, the plugin supported payment processing for over 900,000…

Read more →

  Self replication, once the stuff of science fiction, is now a reality thanks to artificial intelligence, and the recently unveiled AI twin product Doppl is changing the game in terms of our digital selves.  Doppl will create AI twins—very…

Read more →

  According to a report from The Identity Defined Security Alliance (IDSA), organizations are still struggling with incidents related to identity, with a concerning 90% of them reporting such incidents within the past year. This marks a 6% increase compared…

Read more →

  During Oracle’s recent earnings call, company founder Larry Ellison made an exciting announcement, confirming the launch of a new generation AI service in collaboration with Cohere. This partnership aims to deliver powerful generative AI services for businesses, opening up…

Read more →

Today, Salesforce unveiled AI Cloud, an enterprise AI solution designed to enhance productivity throughout its suite of applications. This innovative platform integrates multiple Salesforce technologies, including Einstein, Data Cloud, Tableau, Flow, and MuleSoft, to deliver real-time generative AI capabilities that…

Read more →

  A new data breach has been reported by Have I Been Pwned, revealing that Zacks, a prominent financial research and analysis firm, has suffered a massive security incident that has impacted approximately 8 million users. The breach highlights the…

Read more →

  A company’s SharePoint Online environment has been successfully targeted by the Omega ransomware group to extort money from it. This is instead of using compromised endpoints, the most common method of launching such attacks. The threat group appears to…

Read more →

  The FBI is alerting email users regarding a potentially harmful fraud. Victims may get into major legal difficulties with their employers or experience bank account theft.  This fraud, known as the “Business Email Compromise,” allows thieves to steal hundreds…

Read more →

  Vietnamese public companies are facing an ongoing targeted campaign involving the SPECTRALVIPER backdoor. This backdoor, previously undisclosed and in the x64 variant, offers a range of capabilities such as manipulating files, impersonating tokens, and loading PE files. Elastic Security…

Read more →

According to an American Enterprise Institute (AEI) study, threat actors have been targeting high profile companies, that are exceptionally profitable, hold high value and have generous spending on advertisings, since year 1999. FBI confirmed that the potential losses from cybercrime…

Read more →

A mother, in America, heard a voice in her phone that seemed chillingly real – it was her daughter apparently sobbing, following which a man’s voice took over that demanded a ransom amount. However, the girl in the phone was…

Read more →

  ESET’s cybersecurity researchers have recently uncovered a relatively new hacker outfit that has had great success targeting organisations all around the world.  The researchers are still unsure of the group’s eventual goal, which goes by the name of Asylum…

Read more →

  Artificial intelligence (AI) is a subject that sparks divergent opinions among experts, who generally fall into one of two camps: those who believe it will significantly enhance our lives and those who fear it may lead to our demise. …

Read more →

  Extreme Networks has revealed that it has fallen victim to the rapidly evolving MOVEit cyber attack. As a consequence, customers who rely on the network hardware and services provided by Extreme Networks may face the potential threat of having…

Read more →

  Amidst concerns over a potential data breach in India’s CoWIN app, the Union Minister, Rajeev Chandrasekhar, has stated that the app or its database does not appear to have been directly breached. The CoWIN app has been widely used…

Read more →

    The Health Sector Cybersecurity Coordination Center (HC3) has issued a warning to healthcare providers in its new analyst note regarding the MedusaLocker ransomware, the latest variant used to encrypt healthcare systems.  Interestingly, while the Medusa operation was launched…

Read more →

  Internet of Things (IOT) devices are increasingly emerging as the preferred targets of attackers due to their lack of built-in security and persistent default password usage. It should come as no surprise that hackers choose to target IoT devices…

Read more →

  Nvidia, a leading technology company known for its advancements in artificial intelligence (AI) and graphics processing units (GPUs), has recently come under scrutiny for potential security vulnerabilities in its AI software. The concerns revolve around the potential exposure of…

Read more →

Two weeks following a cyberattack on May 29, Idoha Falls’ Mountain View Hospital is apparently still running in order to resolve their issue. Even while it has been difficult for staff to deal with the situation and for people to…

Read more →

  Phishing is the most common and dangerous type of online threat. It involves hackers pretending to be trustworthy companies to trick people into sharing their account information or downloading harmful files. That’s why it’s crucial to learn how to…

Read more →

  In one of the earliest, biggest, and most widely publicized bitcoin robberies in the world, in the case of the collapsed cryptocurrency exchange Mt. Gox, the United States charged two Russian nationals.  A criminal complaint was filed by the…

Read more →

  There is talk that Meta, the Mark Zuckerberg company, is working on developing a rival for Twitter shortly since it has been announced that it wants public figures to join it, including the Dalai Lama and Oprah Winfrey, who…

Read more →

Fortinet’s FortiGuard Labs, in their recent reports, discovered that ransomware threats are still at the top of the list in terms of cyber threat, with the cases only growing on a global level. Likewise, Fortinet discovered that in 2022, 84%…

Read more →

  A suspected Belarusian hacking group has targeted Ukraine; ‘Unusual’ crime cross-over. According to security researchers, a hacker gang aligned with Belarusian government interests appears to be combining cybercrime with cyberespionage. The group, known as Asylum Ambuscade, since 2020 has…

Read more →

  A trial is happening at Aberdeen Royal Infirmary to test if artificial intelligence (AI) can help radiologists review many mammograms each year. In the trial, AI helped detect early-stage breast cancer in June, who is a healthcare assistant and…

Read more →

  Srikanth Nadhamuni, who formerly held the position of chief technology officer (CTO) of Aadhar between 2009 and 2012, believes that the tremendous improvement we are seeing in the field of artificial intelligence, particularly generative AI, poses a clear and…

Read more →

  In a show of protest against Reddit’s new pricing policy, thousands of subreddits are planning to go private for 48 hours starting on Monday. This move aims to bring attention to concerns about the platform’s recent changes and their…

Read more →

Think of a drastic surge in advanced persistent threats (APTs), malware attacks, and organizational data breaches. An investigation on the case scenario revealed that these attacks are actually developed by threat actors who have access to generative AI. However, it…

Read more →

The annual Verizon Data Breach Investigations Report (DBIR) has revealed a significant increase in social engineering breaches, which have resulted in a surge in ransomware costs. The report highlights the growing threat landscape and the urgent need for organizations to…

Read more →

  In a recent report by TechCrunch, it was revealed that a technology vendor experienced a significant cyber incident that led to the theft of approximately 500,000 personal health records. This breach, which occurred earlier this year, has raised serious…

Read more →

  Security experts have uncovered shocking evidence that the notorious Clop ransomware group has been spending extensive amounts of time testing zero-day vulnerabilities on the popular MOVEit platform since 2021, according to recent reports. This study has raised a lot…

Read more →

A new encryptor named BlackSuit is currently being tested by the notorious Royal ransomware gang. This encryptor bears striking resemblances to their customary encryption tool, suggesting it may be an evolved version or a closely related variant.  In January 2023,…

Read more →

  Security professionals are alerting users regarding a vulnerability in the Microsoft Visual Studio installer that enables hackers to distribute harmful extensions to application developers while posing as a trusted software vendor. From there, they may sneak into development environments…

Read more →

  For a Windows local privilege escalation vulnerability that was patched as part of the May 2023 Patch Tuesday, researchers have published a proof-of-concept (PoC) exploit.  The Win32k subsystem (Win32k.sys kernel driver) controls the operating system’s window manager and handles…

Read more →

  According to a recent blog post by Elliptic, a blockchain intelligence firm, users of Atomic Wallet may have been targeted by Lazarus, the notorious hacking group from North Korea. The post highlights that Atomic Wallet users could have potentially…

Read more →

A recent study by the data watchdogs describes how organizations in future may as well use employee or potential employees’ brain-monitoring technology. However, the Information Commissioner’s Office warns that if “neurotech” is not created and applied correctly, there is a…

Read more →

  British consumers who purchase crypto assets from October 1st will be entitled to a mandatory 24-hour “cooling-off” period, to strengthen consumer protections. As a consequence, consumers will have a better chance of avoiding cryptocurrency scams.  Reuters reports that the…

Read more →

  A cybercriminal group, known as Clop ransomware, claims to have erased the sensitive personal data of up to 100,000 Nova Scotians that was in their possession. However, cybersecurity experts advise the province to be skeptical of this assertion.  According…

Read more →

In today’s interconnected world, the Internet has become an indispensable resource, particularly for the younger generation. Gone are the days of flipping through encyclopedias or visiting travel agencies to book flights or hotels. The Internet has revolutionized the way we…

Read more →

  In the last few days, several distributed denial-of-service (DDoS) attacks have been launched against Microsoft Outlook, one of the world’s leading email providers. Anonymous Sudan, a hackers’ collective, has launched DDoS attacks against Microsoft Outlook. The attacks, which aim…

Read more →

  Google stated last month that Gmail users would start noticing blue tick marks next to brand logos for senders taking part in the program’s Brand Indicators for Message Identification. BIMI and its blue tick mark were intended to take…

Read more →

In today’s digital age, preserving privacy and security while verifying information is an ongoing challenge. Fortunately, zero-knowledge proofs (ZKPs) have emerged as a promising solution.  ZKPs enable the verification of sensitive information without revealing any underlying data, ensuring a higher…

Read more →

  According to a recent study conducted by Salesforce, marketing professionals are optimistic about the potential impact of generative AI. However, they are still in the process of investigating and learning about the most effective ways to use this technology…

Read more →

Over 60,000 adware apps disguised as cracked versions of popular apps have been discovered, posing a significant threat to Android device users. These malicious apps have been circulating for the past six months, secretly installing adware and compromising user privacy.…

Read more →

Zellis Cyberattacks Exploiting MOVEit British Airways (BA), Boots, and BBC have recently been investigating an alleged cyber incident. The attack, apparently carried out by a Russia-based criminal gang, included the theft of the personal data of the companies’ employees. BA…

Read more →

  As a result of a continuing major attack, more than 100,000 people have been alerted that their personal information is in the hands of cybercriminals. Among the firms whose employees have been affected by the MoveIt data leak are…

Read more →

  During this year’s WWDC, Apple announced its latest privacy and security innovations. This reaffirms the company’s commitment to respecting individual privacy as one of mankind’s foundational rights. As part of these updates, Safari Private Browsing has been significantly improved.…

Read more →

  A rising number of organisations, including the BBC, British Airways, Boots, and Aer Lingus, are being impacted by a widespread attack. Staff members have received warnings that personal information, including social security numbers and, in some circumstances, bank information,…

Read more →

In March, 3CX disclosed a supply chain attack that surprised researchers investigating it. They discovered that the attack had an unusual and alarming origin: another company’s supply chain attack. This revelation in the “Inception” attack has caused concern among information…

Read more →

A recent software breach in Nova Scotia has raised concerns as the extent of the attack remains unknown. Microsoft has identified the ransomware gang known as Clop as the primary culprit behind the breach, highlighting the ever-growing threat of cybercriminals…

Read more →

  Coinbase, a prominent cryptocurrency exchange, acknowledges the profound potential of artificial intelligence (AI) in the realm of digital currencies. Being at the forefront of the industry, Coinbase recognizes the considerable influence AI can wield in transforming the utilization, comprehension,…

Read more →

   As a result of a global data breach, some Nova Scotians’ personal information has been taken. Colton LeBlanc, Minister of Cyber Security and Digital Solutions, made the alarming announcement during a last-minute video news briefing on Sunday afternoon. “The…

Read more →

  In a recent Magecart credit card theft campaign, legitimate websites are taken over and used as “makeshift” command and control (C2) servers to inject and conceal skimmers on selected eCommerce sites. An online store breached by hackers to insert…

Read more →

In recent times, Facebook scams and fraud have been on the rise, with scammers finding new ways to exploit the platform for their malicious activities. The latest attention-grabbing scam to hit Facebook is the “Look who died” scam, which targets…

Read more →

  Security consultants say hackers can steal information from Google Drive accounts through a method known as password mining. It is all done to conceal the fact that they have taken away a lot of information without leaving any trace…

Read more →

Google has recently issued a warning to its 1.8 billion Gmail users following a security flaw that was discovered in one of its latest security functions. The feature, Gmail checkmark system was introduced to assist users distinguish between certified businesses…

Read more →

The rapid advancement of artificial intelligence (AI) technology has opened up a world of exciting possibilities, but it also brings to light important concerns regarding privacy and security. One such emerging issue is the creation of AI clones based on…

Read more →

Disabling Read Receipts: Taking Control of Your Email Privacy In today’s fast-paced tech-dominated world, the pressure to respond to emails and messages immediately can be overwhelming. But what if you want to reclaim your time and manage it on your…

Read more →

Online sellers have become the latest targets of a new information-stealing malware campaign that aims to compromise their sensitive data. Security researchers have discovered a strain of malware called Vidar being deployed in this campaign, with attackers using various methods…

Read more →