CISA warns govt agencies to secure iPhones against spyware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of...
cybersecurity
New WiKI-Eve attack can steal numerical passwords over WiFi
A new attack dubbed 'WiKI-Eve' can intercept the cleartext transmissions of smartphones connected to modern WiFi routers and deduce individual...
Pentagon Urges Collaboration in Cyber Defense
In a discussion at the FedTalks event in Washington last Thursday, Leslie A. Beavers, principal deputy chief information officer at...
Microsoft Teams phishing attack pushes DarkGate malware
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware. The...
The Week in Ransomware – September 8th 2023 – Conti Indictments
It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments...
Ragnar Locker claims attack on Israel’s Mayanei Hayeshua hospital
The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel's Mayanei Hayeshua hospital, threatening to leak 1...
Dymocks Booksellers suffers data breach impacting 836k customers
Dymocks Booksellers is warning customers their personal information was exposed in a data breach after the company's database was shared...
Notepad++ 8.5.7 released with fixes for four security vulnerabilities
Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to...
Cisco warns of VPN zero-day exploited by ransomware gangs
Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense...
China Unleashes AI-Powered Image Generation For Influence Operations
China has unveiled a new cyber capability powered by artificial intelligence, enabling the automatic generation of images for influence operations....
The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums
How much does it cost to buy hacked domain administrator access to a Fortune 500 U.S.chemical manufacturer? More than a...
US and UK sanction 11 TrickBot and Conti cybercrime gang members
The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations. The...
Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year....
Windows cryptomining attacks target graphic designer’s high-powered GPUs
Image: Midjourney Cybercriminals are leveraging a legitimate Windows tool called 'Advanced Installer' to infect the computers of graphic designers with...
Johnson & Johnson discloses IBM data breach impacting patients
Johnson & Johnson Health Care Systems ("Janssen") has informed its CarePath customers that their sensitive information has been compromised in...
Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group (TAG) says North Korean state hackers are again targeting security researchers in attacks using at least...
CISA warns of critical Apache RocketMQ bug exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical–severity...
Cisco BroadWorks impacted by critical authentication bypass flaw
A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers...
Iranian hackers breach US aviation org via Zoho, Fortinet bugs
Image: Midjourney State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a...
Google Looker Studio abused in cryptocurrency phishing attacks
Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account...
Apple zero-click iMessage exploit used to infect iPhones with spyware
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a...
Zero-Day Flaw Exposes Atlas VPN User IPs
A Reddit user known as “Educational-Map-8145” has exposed a critical zero-day flaw affecting the Linux client of Atlas VPN, a popular...
Toyota says filled disk storage halted Japan-based factories
Image: Midjourney Toyota says a recent disruption of operations in Japan-based production plants was caused by its database servers running...
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that...
