Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet
Russian cyber-attacks against Ukraine skyrocketed in the first half of 2023, with 762 incidents observed by Ukraine’s State Service of...
News
BEC Attacks Increase By 279% in Healthcare
Business Email Compromise (BEC) attacks in the healthcare sector have seen a 279% increase this year, shows a new report published...
Simple Membership Plugin Flaws Expose WordPress Sites
Two new security flaws in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified,...
Leading CISO Creates Model for Ransomware Payment Decisions
Organizations who pay a ransom to cyber-criminals following a cyber-attack are highly likely to suffer a subsequent attack. It is...
Ransomed.vc Group Hits NTT Docomo After Sony Breach Claims
In a recent development following the recent data leak from Sony, the notorious ransomware syndicate Ransomed.vc has targeted Japan’s largest...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
Security researchers have identified infrastructure belonging to a threat actor now tracked as ShadowSyndicate, who likely deployed seven different ransomware families...
Can we fix the weaknesses in password-based authentication?
In password-based authentication, end-users confirm their identity using login credentials, commonly a unique username, and a secret password. These credentials...
SickKids impacted by BORN Ontario data breach that hit 3.4 million
The Hospital for Sick Children, more commonly known as SickKids, is among healthcare providers that were impacted by the recent breach...
New AtlasCross hackers use American Red Cross as phishing lure
A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor...
Sony investigates cyberattack as hackers fight over who’s responsible
Sony says that it is investigating allegations of a cyberattack this week as different hackers have stepped up to claim responsibility for...
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and...
New ZeroFont phishing tricks Outlook into showing fake AV-scans
Hackers are utilizing a new trick of using zero-point fonts in emails to make malicious emails appear as safely scanned...
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers are actively exploiting a high-severity vulnerability in Openfire messaging servers to encrypt servers with ransomware and deploy cryptominers. Openfire...
ChromeOS Multiple Vulnerabilities
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
Tech Giants Launch Post-Quantum Cryptography Coalition
A new tech consortium launched today with a mission to drive adoption of post-quantum cryptography (PQC).The PQC Coalition features Microsoft,...
Pension Firms Report 4000% Surge in Breaches
Pension providers reported a staggering quadruple-digit percentage increase in data breaches to the UK regulator last year, according to new...
CISA Publishes Hardware Bill of Materials Framework
The US Cybersecurity and Infrastructure Security Agency (CISA) has published new guidance designed to improve the accuracy of risk assessments...
Half of Cyber-Attacks Go Unreported
Fear, ignorance and forgetfulness are some of the reasons for widespread shortcomings in reporting cyber-attacks and breaches, both internally and...
More than 30 US Banks Targeted in New Xenomorph Malware Campaign
Xenomorph malware has reemerged in a new distribution campaign, expanding its scope to target over 30 US banks along with...
ZenRAT Malware Uncovered in Bitwarden Impersonation
A new malware strain called ZenRAT has emerged, concealed within counterfeit Bitwarden installation packages.Discovered by Proofpoint, ZenRAT is a modular...
ShadowSyndicate Investigation Reveals RaaS Ties
A recent collaborative investigation by Group-IB Threat Intelligence, Bridewell and threat researcher Michael Koczwara has exposed the existence of a new...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
