Blink Copilot Brings Generative AI to Security Automation
Imagine if all you needed to do to turn a security policy into an enforced workflow was type it out...
cybersecurity
RDP honeypot targeted 3.5 million times in brute-force attacks
Remote desktop connections are so powerful a magnet for hackers that an exposed connection can average more than 37,000 times...
Chinese hackers used VMware ESXi zero-day to backdoor VMs
VMware patched today a VMware ESXi zero-day vulnerability exploited by a Chinese-sponsored hacking group to backdoor Windows and Linux virtual...
Pirated Windows 10 ISOs install clipper malware via EFI partitions
Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade...
CISA orders federal agencies to secure Internet-exposed network devices
CISA issued this year's first binding operational directive (BOD) ordering federal civilian agencies to secure misconfigured or Internet-exposed networking equipment...
Bulletproof hoster gets 3 years for pushing Urfsnif, Zeus malware
Romanian national Mihai Ionut Paunescu, aka "Virus," was sentenced to three years in prison by a Manhattan federal court for...
WordPress Stripe payment plugin bug leaks customer order details
The WooCommerce Stripe Gateway plugin for WordPress was found to be vulnerable to a bug that allows any unauthenticated user...
Swiss government warns of ongoing DDoS attacks, data leak
The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while...
Have I Been Pwned warns of new Zacks data breach impacting 8 million
Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database...
Fortinet: New FortiOS RCE bug “may have been exploited” in attacks
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting...
Exploit released for MOVEit RCE bug used in data theft attacks
Horizon3 security researchers have released proof-of-concept (PoC) exploit code for a remote code execution (RCE) bug in the MOVEit Transfer...
Strava heatmap feature can be abused to find home addresses
Researchers at the North Carolina State University Raleigh have discovered a privacy risk in the Strava app's heatmap feature that could...
Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now
Update 6/11/23: Fortinet statement added below. Fortinet has released new Fortigate firmware updates that fix an undisclosed, critical pre-authentication remote...
BlackCat ransomware fails to extort Australian commercial law giant
Australian law firm HWL Ebsworth confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang...
University of Manchester says hackers ‘likely’ stole data in cyberattack
Image: City Suites The University of Manchester warns staff and students that they suffered a cyberattack where threat actors likely stole...
New MOVEit Transfer critical flaws found after security audit, patch now
Progress Software warned customers today of newly found critical SQL injection vulnerabilities in its MOVEit Transfer managed file transfer (MFT)...
Russians charged with hacking Mt. Gox crypto exchange, running BTC-e
Russian nationals Alexey Bilyuchenko and Aleksandr Verner have been charged with the 2011 hacking of the leading cryptocurrency exchange Mt....
Ukrainian hackers take down service provider for Russian banks
A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC...
The Week in Ransomware – June 9th 2023 – It’s Clop… Again!
The week was dominated by fallout over the MOVEit Transfer data-theft attacks, with the Clop ransomware gang confirming that they...
Royal ransomware gang adds BlackSuit encryptor to their arsenal
Image: Bing Create The Royal ransomware gang has begun testing a new encryptor called BlackSuit that shares many similarities with...
Why cybersecurity needs a conference like mWISE
Let’s talk about cybersecurity’s silo problem. First, industry divides are weighing on practitioners. According to ISSA, 77% of infosec pros...
PoC released for Windows Win32k bug exploited in attacks
Researchers have released a proof-of-concept (PoC) exploit for an actively exploited Windows local privilege escalation vulnerability fixed as part of...
Japanese pharma giant Eisai discloses ransomware attack
Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of...
Clop ransomware likely testing MOVEit zero-day since 2021
The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file...
