Personal and financial data probably stolen A cyberattack on a Deloitte-managed government system in Rhode Island carries a "high probability" of sensitive data theft, the state says.... [...]
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. [...]
As cybersecurity threats have grown more sophisticated and prevalent, we’ve seen organizations develop robust cyber threat intelligence (CTI) programs to help bolster defenses. However, creating and maturing a CTI program remains a challenge because it requires people, processes, technologies, and metrics to validate success. To help organizations better …
Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems. [...]
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors. [...]
Starting next year : Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before—short-lived certificates. Specifically, certificates with a lifetime of six days. This is a big upgrade for the …
Posted by Seth Jenkins, Google Project Zero This blog post provides a technical analysis of exploit artifacts provided to us by Google's Threat Analysis Group (TAG) from Amnesty International. Amnesty’s report on these exploits is available here. Thanks to both Amnesty International and Google's Threat Analysis Group for …
Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more Infosec in brief There's a problem of titanic proportions brewing for users of the Prometheus open source monitoring toolkit: hundreds of thousands of servers and exporters are exposed to the internet, creating significant security risks and leaving organizations …
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...]
The Chinese Winnti hacking group is using a new PHP backdoor named 'Glutton' in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. [...]
This is a current list of where and when I am scheduled to speak: I’m speaking at a joint meeting of the Boston Chapter of the IEEE Computer Society and GBC/ACM, in Boston, Massachusetts, USA, at 7:00 PM ET on Thursday, January 9, 2025. The event …
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. [...]
IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.... [...]
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. [...]
'Today’s sentencing is more than just a punishment. It’s a message' A Texan who ran a forum on the dark web where depraved netizens could swap child sex abuse material (CSAM), and chat freely about abusing kids, has been sentenced to 30 years in prison.... [...]
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. [...]
Good survey paper. Blog moderation policy. [...]
A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both malicious and benevolent security personnel by infecting them with Trojanized versions of open source software from GitHub and NPM, researchers said. The campaign, first reported three weeks ago by security …
CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. [...]
Privacy measure leaves some mourning lost memories A year ago, Google announced plans to save people's Location History, which it now calls Timeline, locally on devices rather than on its servers.... [...]
The Federal Trade Commission (FTC) warns about a significant rise in gambling-like online job scams, known as "task scams," that draw people into earning cash through repetitive tasks, with the promises of earning more if they deposit their own money. [...]
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. [...]
Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country's legislation. [...]
Russian cyberspies Gamaredon has been discovered using two Android spyware families named 'BoneSpy' and 'PlainGnome' to spy on and steal data from mobile devices. [...]
As organizations increasingly use generative AI to streamline processes, enhance efficiency, and gain a competitive edge in today’s fast-paced business environment, they seek mechanisms for measuring and monitoring their use of AI services. To help you navigate the process of adopting generative AI technologies and proactively measure your …
Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary : On December 4, a malicious version 8.3.41 of the popular AI library ultralytics —which has almost 60 million downloads—was published to the Python Package Index (PyPI) package repository. The …
Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...]
How Cynet delivered 100 percent Protection and 100 percent Detection Visibility in 2024 MITRE ATT&CK Evaluation Partner Content Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running.... [...]
GitGuardian takes on enterprise secrets sprawl Partner Content With Non-Human Identities (NHIs) now outnumbering human users 100 to one in enterprise environments, managing secrets across multiple vaults has become a significant security concern.... [...]
DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to fleece employers North Korea's fake IT worker scams netted the hermit kingdom $88 million over six years, according to the US Department of Justice, which thinks it's found the people who …
DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to fleece employers North Korea's fake IT worker scams netted the hermit kingdom $88 million over six years, according to the US Department of Justice, which thinks it's found the people who …
Posted by James Forshaw, Google Project Zero This is a short blog post about some recent improvements I've been making to the OleView.NET tool which has been released as part of version 1.16. The tool is designed to discover the attack surface of Windows COM and find …
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. [...]
International law enforcement operation seizes the Rydox cybercrime marketplace and arrests three administrators. [...]
Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of malicious code, security researchers said. The vulnerability, tracked as CVE-2024-11972, is found in Hunk Companion, a plugin that runs …
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]
The U.S. State Department is offering a reward of up to $5 million for information that could help disrupt the activities of North Korean front companies and employees who generated over $88 million via illegal remote IT work schemes in six years. [...]
Amazon CloudWatch dashboards are customizable pages in the CloudWatch console that you can use to monitor your resources in a single view. This post focuses on deploying a CloudWatch dashboard that you can use to create a customizable monitoring solution for your AWS Network Firewall firewall. It’s designed …
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. [...]
The AI phase of industrial evolution is marked by a profound transformation in how humans and intelligent machines collaborate. The blurring of boundaries between physical and digital systems across the manufacturing landscape is accelerating, driven by advancements in automation, robotics, artificial intelligence, and the Internet of Things. This interconnectedness …
At Google, we understand that new technology applications such as artificial intelligence driven innovation can introduce new questions about data privacy. We are committed to helping our customers meet their data protection obligations while using AI offerings integrated in Google Cloud services (which includes Google Workspace services.) Some customers …
The Spanish police, working with colleagues in Peru, conducted a simultaneous crackdown on a large-scale voice phishing (vishing) scam ring in the two countries, arresting 83 individuals. [...]
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...]
More details released after devs allowed weeks to apply fixes We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE.... [...]
Holiday cheer comes in the form of three arrests and 27 shuttered domains The Europol-coordinated Operation PowerOFF struck again this week as cross-border cops pulled the plug on 27 more domains tied to distributed denial of service (DDoS) criminality.... [...]
High-energy weapon proves its mettle in testing The British Army has successfully destroyed flying drones for the first time using a high-energy laser mounted on an armored vehicle. If perfected, the technology could form an effective counter-measure against drone attacks.... [...]
Few websites actually respect the option, says Mozilla When Firefox 135 is released in February, it'll ship with one less feature: Mozilla plans to remove the Do Not Track toggle from its Privacy and Security settings.... [...]
Acquires two companies that help those on the nice list keep naughty list types at bay Citrix has gone on a European shopping trip, and come home with its bag of gifts bulging thanks to a pair of major buys: infosec outfits deviceTRUST and Strong Network.... [...]
Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. [...]
Russian nation-state hackers have followed an unusual path to gather intel in the country's ongoing invasion of Ukraine—appropriating the infrastructure of fellow threat actors and using it to infect electronic devices its adversary’s military personnel are using on the front line. On at least two occasions this …