Updated on 2022-10-03 Attack spree on the critical sector touches new heights with a couple of cybercrime activities of late. For instance, a hacker group rattled government agencies in Latin America after it successfully harvested 6TB of sensitive data. Meanwhile, the BlackCat ransomware group mysteriously listed and then delisted its attack claims on an IT …
National Cyber Awareness System Drupal Releases Security Update Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server Cisco Releases Security Updates for Multiple Products Mozilla Releases Security Update for Thunderbird Hurricane-Related Scams CISA Adds Three Known Exploited Vulnerabilities to Catalog VMWare Releases Guidance for VirtualPITA, VirtualPIE, and VirtualGATE Malware Targeting vSphere CISA Releases Six Industrial …
Updated on 2022-09-29: FastCompany hacked News media outlet FastCompany said that a threat actor hacked its CMS on Tuesday and sent out obscene and racist push notifications to its customers through its Apple News account, which was connected to the CMS backend. Fast Company’s Apple News account was hacked on Tuesday evening. Two obscene and …
Live streaming service Twitch dealt with a major bot attack this week and was forced to block logins from exotic browsers to prevent a threat actor from mass-creating new accounts to be used in future hate raids. According to a developer who creates Twitch-centered software, more than 4 million new accounts were created over the …
Updated on 2022-09-30 Cisco Talos discovered a malicious campaign in August 2022 that delivered Cobalt Strike payloads by using a phishing email with a malicious Microsoft Word attachment as the initial attack vector. They either impersonated a U.S. government organization or a trade union in New Zealand. Read more: New campaign uses government, union-themed lures …
Updated on 2022-09-29 A new, highly-targeted campaign has been targeting several military contractors related to weapon manufacturing, which includes an F-35 Lightning II fighter aircraft components supplier. Overview Securonix researchers said they identified a new covert campaign targeting multiple military and weapons contractors, including a strategic supplier to the F-35 Lightning II fighter aircraft. Securonix …
Updated on 2022-09-28 A U.S. subsidiary of Elbit Systems confirmed suffering a ransomware attack, months after the Black Basta ransomware group listed it on its leak site as one of its victims. The data compromised included employee names, addresses, SSNs, dates of birth, direct deposit information, and ethnicity. However, documents shared by the attackers as …
Updated on 2022-09-28: Healthcare services organization spills data West Virginia-based Physician’s Business Office notified 196,573 individuals about a breach that exposed their personal data and Protected Health Information (PHI). Hackers could have accessed patient names, SSNs, driver’s licenses, treatments, diagnoses, contact details, disability codes, prescription information, and health insurance account details. Overview West Virginia-based Physician’s …
Ukraine’s Main Directorate of Intelligence of the Ministry of Defense warns that Russia is planning to escalate cyberattacks against Ukrainian and Ukrainian allies’ critical infrastructure. The Directorate says it expects the first attacks to target the energy sector. They also warn that Russia is likely to escalate distributed denial-of-service (DDoS) attacks against critical infrastructure in …
Updated on 2022-09-23: CISA Adds Critical Zoho Flaw to Known Exploited Vulnerabilities Catalog The US Cybersecurity and Infrastructure Security Agency (CISA) has added a Java deserialization vulnerability in Zoho ManageEngine products to its Known Exploited Vulnerabilities (KEV) catalog. The critical flaw affects ManageEngine PAM360, Password Manager Pro, and Access Manager Plus. CISA has given federal …
A report from the University of Georgetown’s Center for Security and Emerging Technology goes deep into China’s “cyber ranges,” facilities built by the Chinese government where cybersecurity experts from academia and the private sector can test new tools, practice attack and defense, and evaluate the cybersecurity of a particular product or service. This report found: …
Suffolk County, New York, which encompasses the eastern part of Long Island, has asked the New York Police Department (NYPD) for help after its government systems, including 911 emergency services, were taken down following a September 8 ransomware attack. The incident is also disrupting real estate deals, as the title reporting system is affected. Note …
Updated on 2022-09-23: Hackers Lurked in Albanian Government Network for More Than a Year The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have published a national cyber awareness alert about Iranian state-sponsored hackers’ attacks against the Albanian government’s network. The report provides details about the length of time after initial access that …
Updated on 2022-09-30: More News About Optus Breach Australian authorities have asked the US Federal Bureau of Investigation (FBI) for help identifying the culprits responsible for the Optus breach. The incident has reportedly compromised driver’s license information, passport numbers, and email addresses of more than 10 million customers. Optus has taken a hit to its …
Update on 2022-10-03 The Vice Society ransomware group leaked the data it stole from Los Angeles Unified School District (LAUSD) after it denied a ransom. The group compromised the network last month. Read more: Ransomware gang leaks data stolen from LAUSD school system Update on 2022-09-22 In a new update, the hackers who attacked the …
