ALPHV ransomware gang claims attack on Florida circuit court
The ALPHV (BlackCat) ransomware gang has claimed an attack that affected state courts across Northwest Florida (part of the First Judicial...
cybersecurity
D-Link WiFi range extender vulnerable to command injection attacks
The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and...
GNOME Linux systems exposed to RCE attacks via file downloads
A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on Linux systems running the...
Hackers modify online stores’ 404 pages to steal credit cards
A new Magecart card skimming campaign hijacks the 404 error pages of online retailer's websites, hiding malicious code to steal...
MGM Resorts Reveals Over $100M in Costs After Ransomware Attack
MGM Resorts International has disclosed that costs resulting from a ransomware attack in September have surpassed $100m, including $10m in...
Bounty offered for secret NSA seeds behind NIST elliptic curves algo
A bounty of $12,288 has been announced for the first person to crack the NIST elliptic curves seeds and discover...
FTC warns of ‘staggering’ losses to social media scams since 2021
The Federal Trade Commission says Americans have lost at least $2.7 billion to social media scams since 2021, with the...
D.C. Board of Elections confirms voter data stolen in site hack
Image: Lorie Shaull (CC BY 2.0 DEED) The District of Columbia Board of Elections (DCBOE) is currently probing a data leak...
Blackbaud agrees to $49.5 million settlement for ransomware data breach
Cloud computing provider Blackbaud reached a $49.5 million agreement with attorneys general from 49 U.S. states to settle a multi-state...
MGM Resorts ransomware attack led to $100 million loss, data theft
MGM Resorts reveals that last month's cyberattack cost the company $100 million and allowed the hackers to steal customers' personal...
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes...
CISA and NSA Publish Top 10 Misconfigurations
Two leading US government security agencies have shared the top 10 most common cybersecurity misconfigurations, in a bid to improve...
China-linked cyberspies backdoor semiconductor firms with Cobalt Strike
Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons....
Amazon to make MFA mandatory for ‘root’ AWS accounts by mid-2024
Amazon will require all privileged AWS (Amazon Web Services) accounts to use multi-factor authentication (MFA) for stronger protection against account...
Lyca Mobile investigates customer data leak after cyberattack
Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have...
NSA and CISA reveal top 10 cybersecurity misconfigurations
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common...
Exploits released for Linux flaw giving root on major distros
Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to...
Enhancing your application security program with continuous monitoring
Historically, cybersecurity models have been largely reactive. Organizations would assess vulnerabilities at specified intervals, typically following a security incident or...
Sony confirms data breach impacting thousands in the U.S.
Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed...
Cisco fixes hard-coded root credentials in Emergency Responder
Cisco released security updates to fix a Cisco Emergency Responder (CER) vulnerability that let attackers log into unpatched systems using...
Researchers warn of 100,000 industrial control systems exposed online
About 100,000 industrial control systems (ICS) were found on the public web, exposed to attackers probing them for vulnerabilities and...
Microsoft: Hackers target Azure cloud VMs via breached SQL servers
Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. Microsoft's security researchers...
Atlassian patches critical Confluence zero-day exploited in attacks
Australian software company Atlassian released emergency security updates to fix a maximum severity zero-day vulnerability in its Confluence Data Center...
Hundreds of malicious Python packages found stealing sensitive data
A malicious campaign that researchers observed growing more complex over the past half year, has been planting on open-source platforms...
