Medical Data Breach: Ayush Jharkhand Hacked
The threat actor known as Tanaka recently has been observed sharing a post titled “bitsphere.in” on an English-speaking hacking forum, shedding...
News
New Attack Technique “MalDoc in PDF” Alarms Experts
Security experts from JPCERT/CC have identified a new attack technique called “MalDoc in PDF,” which can elude detection by embedding a...
Sensitive Data about UK Military Sites Potentially Leaked by LockBit
Gigabytes of sensitive data related to British military and intelligence sites have been exposed by the infamous LockBit ransomware group.Zaun,...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve...
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to...
Everything You Wanted to Know About AI Security but Were Afraid to Ask
There's been a great deal of AI hype recently, but that doesn't mean the robots are here to replace us....
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to...
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim...
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into...
University of Sydney data breach impacts recent applicants
The University of Sydney (USYD) announced that a breach at a third-party service provider exposed personal information of recently applied...
Children’s snack recalled after its website caught serving porn
Supermarket chain Lidl has been recalling four types of PAW Patrol-themed snacks across the UK. Except, the reason for the...
PoC Exploit Released for Critical VMware Aria’s SSH Auth Bypass Vulnerability
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Chrome extensions can steal plaintext passwords from websites
A team of researchers from the University of Wisconsin-Madison has uploaded to the Chrome Web Store a proof-of-concept extension that can...
Fake YouPorn extortion scam threatens to leak your sex tape
A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions....
Free Key Group ransomware decryptor helps victims recover data
Researchers took advantage of a weakness in the encryption scheme of Key Group ransomware and developed a decryption tool that...
Classiscam fraud-as-a-service expands, now targets banks and 251 brands
Image: Midjourney The "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more...
LogicMonitor customers hacked in reported ransomware attacks
Network monitoring company LogicMonitor confirmed today that some users of its SaaS platform have fallen victim to cyberattacks. The company...
GRU hackers attack Ukrainian military with new Android malware
Image: Midjourney Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation,...
Exploit released for critical VMware SSH auth bypass vulnerability
Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis...
Forever 21 data breach: hackers accessed info of 500,000
Forever 21 clothing and accessories retailer is sending data breach notifications to more than half a million individuals who had...
