U Haul Says Hacker Accessed Customer Records Using Stolen Creds
U-Haul has started informing customers that a hacker used stolen account credentials to access an internal system for dealers and...
cybersecurity
Unitedhealth Confirms Optum Hack Behind Us Healthcare Billing Outage
Healthcare giant UnitedHealth Group confirmed that its subsidiary Optum was forced to shut down IT systems and various services after...
Operation Cronos: Who Are the LockBit Admins
Read more about LockBit Ransomware: LockBit Takedown: What You Need to Know about Operation CronosLockBit Infrastructure Disrupted by Global Law...
Ftc To Ban Avast From Selling Browsing Data For Advertising Purposes
The U.S. Federal Trade Commission (FTC) will order Avast to pay $16.5 million and ban the company from selling the...
Lockbit Ransomware Secretly Building Next Gen Encryptor Before Takedown
LockBit ransomware developers were secretly building a new version of their file encrypting malware, dubbed LockBit-NG-Dev - likely to become...
Screenconnect Servers Hacked In Lockbit Ransomware Attacks
Attackers are exploiting a maximum severity authentication bypass vulnerability to breach unpatched ScreenConnect servers and deploy LockBit ransomware payloads on...
Bitwardens New Auto Fill Option Adds Phishing Resistance
The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being...
New Ssh Snake Malware Steals Ssh Keys To Spread Across The Network
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally...
Screenconnect Critical Bug Now Under Attack As Exploit Code Emerges
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its...
Fraudsters Tried To Scam Apple Out Of 5 000 Iphones Worth Over 3 Million
Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth...
Microsoft Expands Free Logging Capabilities After May Breach
Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing...
Us Offers 15 Million Bounty For Info On Lockbit Ransomware Gang
The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information...
Hackers Abuse Google Cloud Run In Massive Banking Trojan Campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like...
Us Govt Shares Cyberattack Defense Tips For Water Utilities
CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement...
Joomla Fixes Xss Flaws That Could Expose Sites To Rce Attacks
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on...
Over 40% of Firms Struggle With Cybersecurity Talent Shortage
Over 40% of companies globally are struggling to fill critical cybersecurity roles, particularly in information security research and malware analysis,...
Ransomware Groups Targeting Preferences And The Access Economy
How do ransomware groups pick their targets? It’s a rhetorical question: in the vast majority of cases they don’t. Ransomware-as-a-service...
Knight Ransomware Source Code For Sale After Leak Site Shuts Down
The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single...
Critical Infrastructure Software Maker Confirms Ransomware Attack
PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed...
Voltschemer Attacks Use Wireless Chargers To Inject Voice Commands Fry Phones
A team of academic researchers show that a new set of attacks called ‘VoltSchemer’ can inject voice commands to manipulate a smartphone's...
Connectwise Urges Screenconnect Admins To Patch Critical Rce Flaw
ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote...
Vmware Urges Admins To Remove Deprecated Vulnerable Auth Plug In
VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain...
Police Arrest Lockbit Ransomware Members Release Decryptor In Global Crackdown
Update February 20, 07:21 EST: Article updated with further details on the operation. Law enforcement arrested two operators of the LockBit ransomware...
New Migo Malware Disables Protection Features On Redis Servers
Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called ‘Migo’...
