Tag: CySecurity News – Latest Information Security and Hacking Incidents

  A Microsoft spokesperson stated in a statement that recent attacks that exploited two vulnerabilities in the PaperCut print management software are likely associated with an affiliate program for the Clop ransomware.  PaperCut Application Server was updated last month with…

Read more →

An advanced persistent threat (APT) group from China, known as Evasive Panda, has been discovered to be hijacking legitimate software update channels of Chinese-developed applications to deliver custom malware to individuals in China and Nigeria for cyber-espionage purposes. Researchers from…

Read more →

  The Department of Justice is requesting its prosecutors and investigators to focus less on prosecutions and more on disruption and protection when it comes to cyberattacks, according to US Deputy Attorney General Lisa Monaco, who spoke to attendees at…

Read more →

Google has taken down the infrastructure and distribution network linked to the Cryptbot info stealer, a malware that was being used to infect Google Chrome users and steal their data. The move comes after the tech giant filed a lawsuit…

Read more →

  The amount of people who want to exploit your private information is staggering, from social media platforms to email providers. It is imperative to remember not only online stores but personal services as well.  Many online businesses rely heavily…

Read more →

  Even though ChatGPT may be the AI that everyone is thinking about right now, chatbots aren’t the only AI tool that has emerged in recent times. DALL•E 2 and Runway Gen 2 are just two examples of AI picture…

Read more →

  The US government’s Cyber National Command Force (CNCF) is deploying professionals abroad in “hunt forward” operations to assist partner countries in tackling cybercrime and has undertaken 47 operations in 20 countries in the last three years. Though this could…

Read more →

  Businesses are particularly concerned about distributed denial-of-service (DDoS) attacks because they believe they will have the most impact on their operations. This was one of the key conclusions of AT&T’s “2023 Cybersecurity Insights Report,” which was based on a…

Read more →

  A brand-new Android malware has been discovered in the wild that is capable of evading antivirus apps, stealing a tonne of private and financial information, and even encrypting all of the contents on an infected smartphone by using ransomware. …

Read more →

  The Google Cloud Platform (GCP) has recently been patched against a zero-day vulnerability called GhostToken, which allowed attackers to infect the platform to create an invisible and irrecoverable backdoor. A malicious attacker could exploit this flaw and gain access…

Read more →

The capability to detect, manage, and mitigate bot-based requests has become of utmost importance as cyber attackers become more automated. Edgio, a company created by the merging of Limelight Networks, Yahoo Edgecast, and Layer0, has unveiled its own bot management…

Read more →

  Cyberattacks are actively guarded against by all responsible firms. However, one security concern that many firms ignore is industrial espionage. Industrial espionage and cyberattacks are frequently carried out for the same reason: to steal confidential information.  Industrial espionage, on…

Read more →

  Whether you’re booking a flight, opening a new bank account, or buying groceries, a select few well-known brands control the majority of the market. What this means for the nation’s goods—and prices—is examined in the Canadian Press series Competition…

Read more →

  As a result of an investigation under the Advanced Persistence Threat (APT) name Tomiris, the group has been discovered using tools such as KopiLuwak and TunnusSched that were previously linked to another APT group known as Turla.  Positive results…

Read more →

  The U.S. Treasury Department has recently identified three over-the-counter (OTC) cryptocurrency traders in China and Hong Kong, as well as a China-based banker, who is believed to have assisted North Korea’s Lazarus Group in converting stolen crypto into fiat…

Read more →

  The popularity of cloud storage is on the rise, both for personal and professional use. However, many people are concerned about the security of their data in the cloud. While some worry about the future-proofing of their cloud storage,…

Read more →

  A new cybersecurity threat has been discovered that could potentially put millions of people at risk. According to a report from Bleeping Computer, researchers have found a new malware toolkit called ‘Decoy Dog’ after analyzing 70 billion DNS queries.…

Read more →

  In the media, misinformation is regularly discussed, primarily in relation to politics and is often used interchangeably with fake news. Even though these are major problems, a greater and more direct threat is frequently disregarded: how cybercriminals utilise false…

Read more →

  A malware campaign has recently been detected that uses Google ads and SEO poisoning to spread malware. The malware that attacks corporate users is dubbed Bumblebee. It was discovered that Bumblebee, a malware targeted at enterprise users, is distributed…

Read more →

A multinational coalition of 17 law enforcement agencies has cracked down on the largest illicit dark web market in the world in an extensive operation dubbed Operation Cookie Monster. Thousands of stolen identities and online login passwords that were being…

Read more →

  Enterprise-level network equipment available on the black market conceals important information that hackers could use to infiltrate company networks or steal consumer data.  Researchers examined a number of used corporate-grade routers and discovered that the majority of them had…

Read more →

  Over the past 20 years, the number of cars stolen in the United States has been reduced by half. However, authorities are now seeing an increasing number of break-ins associated with high-tech techniques being used in these break-ins.  There…

Read more →

  Experts have discovered a hazardous new malware strain that is circulating the internet, stealing sensitive data from victims and, in some cases, installing ransomware as well. The malware, dubbed Evil Extractor, was found by Fortinet cybersecurity experts, who published…

Read more →

  Travelling is about more than just taking in new foods, cultures, and scenic views. It’s also about stepping outside of our normal comfort zones, whether this involves a protracted trip, a cramped bus ride, communication difficulties with the locals,…

Read more →

The rise of artificial intelligence and machine learning technologies has brought significant advancements in various fields. One such development is the creation of conversational AI systems like ChatGPT, which has the potential to revolutionize the way people communicate with computers.…

Read more →

  Starting this summer, the Internal Revenue Service (IRS) intends to dispatch four cybercrime investigators to Australia, Singapore, Colombia, and Germany. These four new jobs indicate a major boost in the IRS’s global efforts to combat cybercrime, such as cryptocurrency,…

Read more →

  There is a shred of growing evidence that North Korean actors were responsible for the 3CX software supply chain hack, as found by ESET researchers. The newly discovered piece of malware extends the evidence that a North Korean group…

Read more →

  If you’re worried about cybersecurity, you might question whether texting apps can follow you. Yes, but it’s not as big of a deal as you believe. Understanding how location monitoring works on major messaging applications, as well as the…

Read more →

The Chinese government has recently launched a crackdown on deepfakes, a type of synthetic media that involves manipulating images, videos, or audio to make them appear to be real. Despite these efforts, however, several Chinese apps that utilize deepfakes are…

Read more →

  Software as a service (SaaS) has undeniably reached the height of its popularity. Modern corporate operations and continuity depend today more than ever on software technologies. The right procurement procedures haven’t yet been adopted by enough businesses, despite this,…

Read more →

  This week, Infoblox Inc. announced the release of its threat report blog on a remote access Trojan (RAT) toolkit with DNS command and control, which is being used for remote access and data theft. Infoblox provides a cloud-enabled networking…

Read more →

  The Wall Street Journal reported that a consumer financial protection bureau (CFPB) employee sent records containing private information to a personal email address that included confidential supervisory information from 45 other financial institutions as well as personal information on…

Read more →

According to recent reports, March 2023 saw a record-breaking number of ransomware attacks globally, with a staggering 459 incidents reported. This highlights the increasing prevalence and sophistication of cyber-attacks and the need for robust cybersecurity measures. Ransomware attacks involve hackers…

Read more →

  Following a temporary ban in Italy and a spate of inquiries in other EU nations, OpenAI has just over a week to comply with European data protection regulations. If it fails, it may be fined, forced to destroy data,…

Read more →

  Despite being a powerful and innovative AI chatbot that has quickly drawn several people’s attention, ChatGPT has some serious pitfalls that seem to be hidden behind its impressive features.  For any question you ask it, it will be able…

Read more →

  Nearly a month after a cyberattack, the organisation in the UK responsible for managing criminal records is still experiencing difficulties.  The Acro Criminal Records Office prepares certificates for those looking to work with children or obtain emigration visas in…

Read more →

  Many business network environments probably experience the process of removing a defunct router from a rack and accommodating a shiny refurbished replacement now and then. The fate of the disposed router should be as significant, if not more so,…

Read more →

Hackers have targeted the Tucson Unified School District (TUSD) in Arizona, stealing the social security numbers of 16,000 teachers in a ransomware attack. This incident highlights the continued threat of cybercrime and the vulnerabilities that educational institutions face in terms…

Read more →

  Another genuine enterprise software platform is being misused by cybercriminals to deliver malware and ransomware to unwitting victims. The DFIR Report’s cybersecurity analysts identified many threat actors using Action1 RMM, an otherwise benign remote desktop monitoring and management tool.…

Read more →

  In the opinion of Alejandro Lopez-Lira, a finance professor at the University of Florida, huge language models could be effective for forecasting stock values. He utilized ChatGPT to interpret news headlines to determine if they were positive or negative…

Read more →

  In order to encrypt files on devices running Apple’s macOS operating system, the actors behind the LockBit ransomware campaign have created new artifacts.  It appears that the development marks the first time a large-scale ransomware group has produced a…

Read more →

  Members of the now-defunct Conti ransomware gang have been using a new strain of malware developed by threat actors likely affiliated with the FIN7 hacking group. This suggests that the two teams collaborated in the malware development, indicating a…

Read more →

Hackers have once again targeted a company, this time Commscope, and stolen sensitive employee data during a ransomware attack. According to reports, the hackers have published the stolen data online, including personal information, job titles, and email addresses of Commscope…

Read more →

  As artificial intelligence (AI) systems continue to advance, the need for responsible AI has become increasingly important. The latest iteration of the GPT series, GPT-4, is expected to be even more powerful than its predecessor, GPT-3, and this has…

Read more →

  With ChatGPT and other businesses developing artificial intelligence (AI) technology for their customers, artificial intelligence (AI) has gained traction. The three major technology companies, Google, Microsoft, and Meta appear to be investing heavily and concentrating their efforts on artificial…

Read more →

  The development of ChatGPT (Generative Pre-trained Transformer) technology marks the beginning of a new age in communication. This ground-breaking technology provides incredibly personalised interactions that can produce responses in natural language that are adapted to the user’s particular context…

Read more →

  The next phase of artificial intelligence is here, and it is already causing havoc in the technology sector. The release of Auto-GPT last week, an artificial intelligence program capable of operating autonomously and developing itself over time, has encouraged…

Read more →

  Have you recently noticed anything strange about your browser? Possibly Google used to be the default homepage; but, these days, when you click the home button, a strange page, a white screen, or an error page is loaded instead.…

Read more →

  Remote Monitoring and Management (RMM) tools are an essential part of IT management, allowing businesses to remotely monitor and manage their IT systems. However, recent reports indicate that hackers increasingly target RMM tools to launch ransomware attacks against businesses.…

Read more →

  In an attempt to verify if the breach of Latitude Financial data was impacting Coles, the supermarket giant has confirmed it has. As part of the report, the company alleges that a cybercriminal gang has stolen the information used…

Read more →

  NCR is experiencing an outage on its Aloha POS platform as a result of a ransomware attack claimed by the BlackCat/ALPHV gang. NCR is a software and technology consulting firm based in the United States that offers digital banking,…

Read more →

  Researchers in cybersecurity have detailed the techniques of a “rising” cybercriminal group known as “Read The Manual” (RTM) Locker, which operates as a private ransomware-as-a-service (RaaS) provider and conducts opportunistic attacks to make illegal profit. “The ‘Read The Manual’…

Read more →

  A bill introduced in Montana would prevent apps like TikTok from being listed for download on app stores such as Google Play and Apple’s App Store. The bill is forwarded to Republican Governor Gianforte for signature.  TikTok, owned by…

Read more →

  Mass layoffs have become increasingly common in recent years as companies look to cut costs and remain competitive. While these layoffs can provide short-term financial benefits, they can also create new risks for corporate security. One of the key…

Read more →

  Due to the prevalence of fraudulent activity since its inception, the bitcoin market has become well-known. Scammers employ a number of techniques to trick bitcoin consumers and take their hard-earned money.  How do crypto phishing scams work? The well-known…

Read more →

  In accordance with the Polish CERT and Military Counterintelligence Service, an ongoing cyberespionage effort linked to a Russian nation-state entity is targeting European government agencies and diplomats in order to collect Western government intelligence on the Ukraine war. According…

Read more →

  A member of the Massachusetts Air National Guard, Jack Teixeira, 21, has been arrested in the breach of dozens of highly classified documents, including the extent to which the United States can spy on Russia, by the Federal Bureau…

Read more →

  Russian intelligence has once more employed hacker outfit Nobelium/APT29 as part of its ongoing invasion of Ukraine, this time to spy on foreign ministries and diplomats from NATO-member states as well as additional targets in the European Union and…

Read more →

The European Union’s privacy watchdog, known as the European Data Protection Supervisor (EDPS), has recently announced the formation of a task force to examine the potential privacy and data protection issues related to the ChatGPT language model. ChatGPT is a…

Read more →

  RapperBot, a new Mirai variant, is the latest example of malware spreading through relatively uncommon or previously undiscovered infection channels. RapperBot originally appeared last year as Internet of Things (IoT) malware that contained big amounts of Mirai source code…

Read more →

The Lazarus Group, a well-known cybercriminal organization, has pivoted to the defense sector with its Deathnote cluster. The group has previously been linked to cryptocurrency attacks and other malicious activities. However, its latest move into the defense industry marks a…

Read more →

  A Telegram user who claimed to have left bombs in places like high schools by using a digitally synthesised voice has been linked to a series of swatting calls that have occurred over several months across the United States. …

Read more →

Data protection is a critical component of any business, whether it’s a bank, password manager, merchant, telecom provider, or another corporation. A top engineer’s personal computer has been compromised by hackers, the latest blow to LastPass, which recently fell, victim.…

Read more →

Ever since the introduction of ChatGPT last year, it has created a buzz among tech enthusiasts all around the world with its ability to create articles, poems, movie scripts, and much more. The AI can even generate functional code if…

Read more →

  Researchers spotted malware peddlers openly selling an info-stealer on the Python Package Index (PyPI) — the official, public repository for the Python programming language — with only the thinnest concealment. The attackers, who Sonatype researchers linked to the SylexSquad…

Read more →

  Attackers are increasing the number of backdoor attacks they use to spread malware and ransomware, showing that organisations cannot put any trust in anyone to protect their endpoints and identities.  According to IBM’s Security X-force Threat Intelligence Index 2023,…

Read more →

A campaign that utilizes several WordPress plug-ins and theme vulnerabilities to inject malicious code into websites, including a sizable number of zero-days, has infected at least 1 million WordPress-sponsored websites.  According to a study conducted by Sucuri, the campaign, which…

Read more →

  Aside from gaming hardware manufacturers, modern corporations face constant attacks from malicious hackers and other digital no-goodniks. Corporations are not the only ones attacked by malicious hackers. MSI confirmed to its customers it had been attacked.  MSI has enumerated…

Read more →

Cambodia has deported 19 Japanese nationals for allegedly running online scams. According to reports, these individuals were involved in a cybercrime operation that used telephone calls to deceive people and steal their money. This incident highlights the need for improved…

Read more →

  In an announcement by Chang Liu and Lidia Gaymond, Google Play product managers announced that an upcoming auto-archive feature would be introduced later this month. This feature has been added to make device storage management easier for Android users.…

Read more →

  Twitter launched Circle in August 2022, allowing you to limit your tweets to a chosen group of users without making your account private. While the function was designed to limit the visibility of your tweets to a group smaller…

Read more →

Public USB ports are now available almost anywhere. One can plug his smartphone, tablet, or other electronic devices to charge his batteries. Although this may seem like a blessing to some, the FBI says it’s otherwise.  The FBI has just…

Read more →

A Windows zero-day vulnerability has been exploited in a recent string of ransomware attacks. The attacks involve a new strain of ransomware called Nokoyawa, which leverages the vulnerability to infect and encrypt files on Windows systems. According to reports, the…

Read more →

  Alibaba, a global leader in technology, has revealed a new artificial intelligence product that will soon be incorporated into all of the company’s apps and is similar to ChatGPT.  Earlier this year, Alibaba revealed it was developing a ChatGPT…

Read more →

Cyber threat actors have lately been targeting the official Google Play app store’s security by developing trojan malwares for existing Android apps, selling the malwares for up to $20,000 a piece on darknet markets.  In a blog post published on…

Read more →

  As per a 2022 Thales Cloud Security research, 88% of companies keep a considerable amount (at least 21% of sensitive data) in the cloud. That comes as no surprise. According to the same survey, 45% of organisations have had…

Read more →

  The Chief Information Security Officer (CISO) position is currently undergoing transition, especially as risks alter and as more rules and compliance mandates are implemented. The assumptions around this formerly specialist position need to be reevaluated because it is now…

Read more →

Sushiswap, a popular decentralized cryptocurrency exchange, recently fell victim to a smart contract hack that resulted in a loss of $3.3 million. The hack highlights the need for stronger cybersecurity measures in the cryptocurrency industry and the importance of taking…

Read more →

  There have been reports of several water monitors malfunctioning on Sunday due to a cyberattack targeting monitoring systems that monitor irrigation systems and wastewater treatment systems.  It has been found that specific water controllers used to irrigate fields in…

Read more →

  More frightening is having your phone hacked if you are connected to the internet, just like any other device. It is a well-known fact that smartphones are a particularly tempting target for hackers, as they are any device with…

Read more →

Car theft has been an ongoing problem for decades, but now, thieves have found a new way to bypass modern car security systems using hacking tools disguised as JBL portable speakers. This emerging trend highlights the importance of cybersecurity in…

Read more →

For many folks, spring clean has become a yearly ritual, but what about decluttering your digital space?  According to experts, maintaining a clean virtual environment can be just as beneficial to your mental well-being and level of productivity. It can…

Read more →

  The Flipper Zero portable multi-tool for pen testers is no longer available for purchase on Amazon as the company has designated it as a card-skimming device, prohibiting its sale on the platform.  According to Pavel Zhovner, CEO of Flipper…

Read more →

  Due to fresh Kaspersky research, fraudulent use of the InterPlanetary File System appears to have surged recently. Since 2022, fraudsters have leveraged IPFS for email phishing attacks. IPFS is a peer-to-peer network protocol that allows for the creation of…

Read more →

  Given how widespread malware has become, new “families” of each type are being developed. Qbot, a family of malware that is used to steal data, falls under this category.  Qbot’s history  As is sometimes the case with malware, Qbot…

Read more →

  The Tasmanian Department of Education, Children, and Young People experienced a cyber attack where hackers targeted and breached the third-party file transfer service GoAnywhere MFT. The breach took place last month and the state government confirmed on March 31…

Read more →

  There was a national cyber-security strategy published by the White House on March 2. It contains a list of threats to U.S. networks terrestrially and in space related to Russian and Chinese hackers.  “Evolving intelligence” suggests many options could…

Read more →

Trustwave SpiderLabs security researchers have recently discovered a new malicious browser extension, named Rilide, targeting Chromium-based browsers like Google Chrome, Brave, Opera, and Microsoft Edge.  The malicious activities include monitoring browsing history, taking screenshots and stealing cryptocurrency through scripts injected…

Read more →

  Along with the benefits of emerging generative AI services come new hazards. PassGAN, a sophisticated solution to password cracking, has just emerged. Using the most recent AI, it was able to hack 51% of passwords in under a minute…

Read more →

Smart home devices have become increasingly popular in recent years, promising convenience, efficiency, and security. However, recent cyber security vulnerabilities in the Nexx Garage Door Opener have highlighted the risks of relying too heavily on technology without considering the potential…

Read more →

  MSI (short for Micro-Star International), a Taiwanese PC vendor, revealed today that its network had been compromised in a cyberattack in response to claims of a ransomware attack.  The Money Message ransomware group earlier this week claimed to have…

Read more →

  Malicious code was injected into eFile.com’s server, an online service that assists people with filing tax returns. This resulted in malware being delivered to users’ computers.  It was discovered that the software service, which is authorized by the Internal…

Read more →

APT43, also known as Kimsuky or Thallium, recently exposed by the Mandiant researchers, is a cyberespionage threat group supporting the objectives of the North Korean regime. By conducting credential harvesting attacks and successfully compromising its targets using social engineering, ATP43…

Read more →

As cyber threats continue to evolve, traditional security models are becoming less effective in protecting against them. That’s why many organizations are turning to a zero-trust security model to secure their networks, data, and applications. ‘ Zero trust is a…

Read more →

  A number of cybersecurity businesses, including Microsoft, launched a full-scale legal crackdown on one of the primary hacking tools used by malware criminal groups in their operations. Microsoft, Fortra, and the Health Information Sharing and Analysis Center (H-ISAC) announced…

Read more →

A recent survey conducted by cybersecurity firm Bitdefender highlights the ongoing struggle of organizations to handle data breaches and cybersecurity challenges. The survey revealed that a third of organizations have admitted to covering up data breaches, while 42% of IT…

Read more →

Critical infrastructure refers to physical and digital assets that are crucial for national security, economy, public health, or safety. It can be government or privately owned and includes not only power plants or electricity but also monetary systems.  Cyber attacks…

Read more →

Law enforcement agencies worldwide have dealt a blow to the criminal underworld with the takedown of Genesis Market, a notorious website used to buy and sell stolen data, hacking tools, and other illicit goods and services. The investigation involved coordinated…

Read more →

The developers of ThingsBoard, an open-source platform used for managing IoT devices for various industry sectors have recently patched a flaw that could apparently enable attackers to acquire administrative access to a server and send requests.  The vulnerability, identified as…

Read more →

  A mayor from Australia claimed he would file a lawsuit because of the misleading information advanced chatbot ChatGPT presented.  Mayor of Hepburn Shire Council Brian Hood claims a tool owned by OpenAI falsely claimed he was jailed for bribery…

Read more →