Online Museum Collections Down After Cyberattack On Service Provider
Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last...
News
Australian Court Service Hacked, Hearing Recordings at Risk
Court cases and tribunals in Australia have been impacted by a cybersecurity incident, with attackers potentially accessing recordings of hearings,...
Teen Found Alive After “Cyber-Kidnapping” Incident
A Chinese foreign exchange student has been found alive and well by Utah police after being caught up in what...
Over $80m in Crypto Stolen in Cyber-Attack on Orbit Chain
Over $80m worth of cryptocurrency has been stolen following a cyber-attack on cross-chain bridge project Orbit Chain.The blockchain revealed the...
Black Basta Ransomware Decryptor Published
Security researchers have published a new suite of tools designed to help victims of the prolific Black Basta ransomware recover...
US-CERT Vulnerability Summary for the Week of December 25, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
The Definitive Enterprise Browser Buyer’s Guide
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a...
Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in ‘Incognito Mode’
Google has agreed to settle a lawsuit filed in June 2020 that alleged that the company misled users by tracking...
The Law Enforcement Operations Targeting Cybercrime In 2023
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development,...
The Biggest Cybersecurity And Cyberattack Stories Of 2023
2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day...
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be...
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could...
New JinxLoader Targeting Users with Formbook and XLoader Malware
A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook...
Android Game Devs Google Drive Misconfig Highlights Cloud Security Risks
Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely...
New Black Basta Decryptor Exploits Ransomware Flaw To Recover Files
Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for...
Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks
Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are...
Top 5 Marketing Tech SaaS Security Challenges
Effective marketing operations today are driven by the use of Software-as-a-Service (SaaS) applications. Marketing apps such as Salesforce, Hubspot, Outreach,...
Hospitals Ask Courts To Force Cloud Storage Firm To Return Stolen Data
Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack...
Steam Game Mod Breached To Push Password Stealing Malware
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push...
The Week In Ransomware December 29th 2023 Lockbit Targets Hospitals
It's been a quiet week, with even threat actors appearing to take some time off for the holidays. We did...
Malware Abuses Google Oauth Endpoint To Revive Cookies Hijack Accounts
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log...
Critical Vulnerability in Apache OFBiz
Apache has released updates addressing a critical vulnerability (CVE-2023-51467) in their OFBiz Enterprise Resource Planning (ERP) system. The vulnerability has...
Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country's...
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks
Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools...
