UK National Cyber Security Centre Gets a New CTO
The UK’s National Cyber Security Centre (NCSC) has announced its new chief technology officer (CTO) will be Ollie Whitehouse.Spun out...
News
Mend.io SAML Vulnerability Exposed
WithSecure has unveiled a new security vulnerability in Mend.io’s application security platform today, raising concerns about data privacy and potential...
Airlines Battle Surge in Loyalty Program Fraud
Cyber fraudsters have been observed increasingly exploiting vulnerabilities in air miles and customer service systems across the EU, the UK...
More Schools Hit By Cyber-Attacks Before Term Begins
A north London school and a Berkshire schools group have become the latest victims of serious cyber-attacks ahead of the new...
UK Electoral Commission Fails Cybersecurity Test Amid Data Breach
The UK’s Electoral Commission has admitted to failing a crucial cybersecurity test at the same time that hackers breached its...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches...
Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber...
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and...
German financial agency site disrupted by DDoS attack since Friday
The German Federal Financial Supervisory Authority (BaFin) announced today that an ongoing distributed denial-of-service (DDoS) attack has been impacting its...
Insurer fined $3M for exposing data of 650k clients for two years
The Swedish Authority for Privacy Protection (IMY) has fined insurer Trygg-Hansa $3 million for exposing on its online portal sensitive data belonging...
Okta: Hackers target IT help desks to gain Super Admin, disable MFA
Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt...
Hackers exploit MinIO storage system to breach corporate networks
Image: Midjourney Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary...
Freecycle confirms massive data breach impacting 7 million users
Freecycle, an online forum dedicated to exchanging used items rather than trashing them, confirmed a massive data breach that affected...
Four Convicted in $18m Investment Fraud Scheme
Four men have been found guilty of participating in a global investment fraud and money laundering conspiracy that tricked victims...
Suffolk High School Forced Offline After Cyber-Attack
A leading English secondary school has shut down its IT systems following a cyber-attack just days before the start of...
Sydney University Suffers Supply Chain Breach
The University of Sydney has revealed a supply chain-related data breach in which the personal information of international students and...
Sensitive Data about UK Military Sites Potentially Leaked by LockBit
Gigabytes of sensitive data related to British military and intelligence sites have been exposed by the infamous LockBit ransomware group.Zaun,...
Python Package Index Targeted Again By VMConnect
Cybersecurity experts at ReversingLabs have unveiled a concerning continuation of the infamous VMConnect campaign. This ongoing assault, initially discovered in early...
Medical Data Breach: Ayush Jharkhand Hacked
The threat actor known as Tanaka recently has been observed sharing a post titled “bitsphere.in” on an English-speaking hacking forum, shedding...
New Attack Technique “MalDoc in PDF” Alarms Experts
Security experts from JPCERT/CC have identified a new attack technique called “MalDoc in PDF,” which can elude detection by embedding a...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve...
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to...
