Enlarge / The Rexroth Nutrunner, a line of torque wrench sold by Bosch Rexroth. (credit: Bosch Rexroth) Researchers have unearthed nearly two dozen vulnerabilities that could allow hackers to sabotage or disable a popular line of network-connected wrenches that factories around the world use to assemble sensitive instruments and devices …
Toronto Zoo, the largest zoo in Canada, says that a ransomware attack that hit its systems on early Friday had no impact on the animals, its website, or its day-to-day operations. [...]
The official Netgear and Hyundai MEA Twitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. [...]
The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites. [...]
The Authy desktop apps for Windows, macOS, and Linux will be discontinued in August 2024, with the company recommending users switch to a mobile version of the two-factor authentication (2FA) app. [...]
Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. [...]
The Lockbit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. [...]
In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to securing their help desks. Learn more from Specops Software on how to prevent such incidents. [...]
U.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans. [...]
A campaign delivering the AsyncRAT malware to select targets has been active for at least the past 11 months, using hundreds of unique loader samples and more than 100 domains. [...]
Multiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption, are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys. [...]
Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. [...]
Cybercriminals are abusing X advertisements to promote websites that lead to crypto drainers, fake airdrops, and other scams. [...]
Enlarge Software maker Ivanti is urging users of its end-point security product to patch a critical vulnerability that makes it possible for unauthenticated attackers to execute malicious code inside affected networks. The vulnerability, in a class known as a SQL injection, resides in all supported versions of the Ivanti …
With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. [...]
The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. [...]
The administrator behind the notorious BreachForums hacking forum has been arrested again for breaking pretrial release conditions, including using an unmonitored computer and a VPN. [...]
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. [...]
The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. [...]
The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. [...]
A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd went on was setup for the …
Enlarge (credit: Getty Images) Orange España, Spain’s second-biggest mobile operator, suffered a major outage on Wednesday after an unknown party obtained a “ridiculously weak” password and used it to access an account for managing the global routing table that controls which networks deliver the company's Internet traffic, researchers …
Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack enrolled devices or the core server. [...]
The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped all systems on the telecom operator's core network. [...]
Hackers are increasingly targeting verified accounts on X (formerly Twitter) belonging to government and business profiles and marked with 'gold' and 'grey' checkmarks to promote cryptocurrency scams, phishing sites, and sites with crypto drainers. [...]