Maine govt notifies 1.3 million people of MOVEit data breach
The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file...
News
Mortgage giant Mr. Cooper says customer data exposed in breach
Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during...
Microsoft: BlueNoroff hackers plan new crypto-theft attacks
Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns...
Russian APT Sandworm Disrupted Power in Ukraine Using Novel OT Techniques
Google-owned Mandiant has revealed that Sandowrm, a Russia-backed hacking group, conducted a disruptive cyber-attack targeting a Ukrainian critical infrastructure organization...
Quishing Campaigns Spike 50% in September
Security researchers have detected a double-digit percentage increase in incidents involving QR code phishing (quishing), as cyber-criminals exploit employee use...
UK Shoppers Lost Nearly £11m to Fraud Last Festive Season
A leading UK security agency has warned of AI-generated fraud in the coming weeks, after citing new figures that shoppers...
New Kamran Spyware Targets Urdu-Speaking Users in Pakistan
Security researchers have identified a watering-hole attack on a regional news website, Hunza News, which delivers news about Gilgit-Baltistan, a...
OpenAI Reveals ChatGPT Is Being DDoS-ed
ChatGPT developer OpenAI has admitted the cause of intermittent outages across its flagship generative AI offering over the past day:...
Signature Techniques of Asian APT Groups Revealed
The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian...
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software.Posting to X...
MPs Dangerously Uninformed About Facial Recognition – Report
Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the...
ICBC and Allen & Overy Hit By Ransomware
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports.Allen & Overy...
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security...
Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage...
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate...
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October...
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of...
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization....
OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
OpenAI has been addressing "periodic outages" due to DDoS attacks targeting its API and ChatGPT services within the last 24...
Google ads push malicious CPU-Z app from fake Windows news site
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the...
Kyocera AVX says ransomware attack impacted 39,000 individuals
Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a...
Industrial and Commercial Bank of China hit by ransomware attack
Image: Adrian Grycuk/CC BY-SA 3.0 PL The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following...
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and...
