Clik here to view.
Former IT employee accessed data of over 1 million US patients
Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization. Geisinger is a...
View ArticleClik here to view.
BlackSuit ransomware gang claims attack on KADOKAWA corporation
Image: Midjourney The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid. KADOKAWA is a Japanese media...
View ArticleClik here to view.
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator
The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has...
View ArticleClik here to view.
TeamViewer links corporate cyberattack to Russian state hackers
RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week. Yesterday, reported...
View ArticleClik here to view.
Dairy giant Agropur says data breach exposed customer info
Agropur, one of the largest dairy cooperatives in North America, is notifying customers of a data breach after some of its shared online directories were exposed. Although the firm said the breach...
View ArticleClik here to view.
Ticketmaster sends notifications about recent massive data breach
Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company’s Snowflake database, containing the data of millions of people. “Ticketmaster recently...
View ArticleClik here to view.
Infosys McCamish says LockBit stole data of 6 million people
Infosys McCamish Systems (IMS) disclosed that the LockBit ransomware attack it suffered earlier this year impacted sensitive information of more than six million individuals. IMS is a multinational...
View ArticleClik here to view.
Meet Brain Cipher — The new ransomware behind Indonesia’s data center attack
Image: Midjourney The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia’s temporary National Data Center....
View ArticleClik here to view.
ハッカー、D-Link DIR-859ルーターの重大な欠陥を悪用してパスワードを盗む
ハッカーは、すべての D-Link DIR-859 WiFi ルーターに影響する重大な脆弱性を悪用し、パスワードを含むアカウント情報をデバイスから収集しています。 このセキュリティ問題は1月に公開され、現在CVE-2024-0769(深刻度スコア9.8)として追跡されている。 D-Link DIR-859...
View ArticleClik here to view.
Dev rejects CVE severity, makes his GitHub repo read-only
The popular open source project, ‘ip’ recently had its GitHub repository archived, or made “read-only” by its developer. Fedor Indutny, due to a CVE report filed against his project, started getting...
View ArticleClik here to view.
Fake IT support sites push malicious PowerShell scripts as Windows fixes
Fake IT support sites promote malicious PowerShell “fixes” for common Windows errors, like the 0x80070643 error, to infect devices with information-stealing malware. First discovered by eSentire’s...
View ArticleClik here to view.
Juniper releases out-of-cycle fix for max severity auth bypass flaw
Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN...
View ArticleClik here to view.
Google Chrome to let Isolated Web App access sensitive USB devices
Google is working on a new Unrestricted WebUSB feature, which allows trusted isolated web apps to bypass security restrictions in the WebUSB API. WebUSB is a JavaScript API that allows web...
View ArticleClik here to view.
Router maker’s support portal hacked, replies with MetaMask phishing
has verified that the helpdesk portal of a router maker is currently sending MetaMask phishing emails in response to newly filed support tickets, in what appears to be a compromise. The Canadian...
View ArticleClik here to view.
New regreSSHion OpenSSH RCE bug gives root on Linux servers
A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed “regreSSHion” gives root privileges on glibc-based Linux systems. OpenSSH is a suite of networking utilities based on the...
View ArticleClik here to view.
Latest Intel CPUs impacted by new Indirector side-channel attack
Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection (BTI) attack dubbed ‘Indirector,’...
View ArticleClik here to view.
Cisco warns of NX-OS zero-day exploited to deploy custom malware
Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. Cybersecurity firm Sygnia, who reported the incidents to Cisco,...
View ArticleClik here to view.
Australian charged for ‘Evil Twin’ WiFi attack on plane
An Australian man was charged by Australia’s Federal Police (AFP) for allegedly conducting an ‘evil twin’ WiFi attack on various domestic flights and airports in Perth, Melbourne, and Adelaide to...
View ArticleClik here to view.
CDK Global says all dealers will be back online by Thursday
CDK Global says that its dealer management system (DMS), impacted by a massive IT outage following a June 18th ransomware attack, will be back online by Thursday for all car dealerships. The company...
View ArticleClik here to view.
Prudential Financial now says 2.5 million impacted by data breach
Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. According to an 8-K form...
View Article