Capita warns customers they should assume data was stolen
Business process outsourcing firm Capita is warning customers to assume that their data was stolen in a cyberattack that affected...
News
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New Flaw in WordPress Plugin Used by Over a Million Sites Under Active Exploitation
A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited...
Solving Your Teams Secure Collaboration Challenges
In today's interconnected world, where organisations regularly exchange sensitive information with customers, partners and employees, secure collaboration has become increasingly...
XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm...
Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware...
New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity...
New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages
A new phishing-as-a-service (PhaaS or PaaS) platform named Greatness has been leveraged by cybercriminals to target business users of the...
Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication...
The Week in Ransomware – May 12th 2023 – New Gangs Emerge
This week we have multiple reports of new ransomware families targeting the enterprise, named Cactus and Akira, both increasingly active...
Discord discloses data breach after support agent got hacked
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised....
Toyota: Car location data of 2 million customers exposed for ten years
Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for...
FBI: Bl00dy Ransomware targets education orgs in PaperCut attacks
The FBI and CISA issued a joint advisory to warn that the Bl00dy Ransomware gang is now also actively exploiting...
CISA warns of critical Ruckus bug used to infect Wi-Fi access points
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a critical remote code execution (RCE) flaw in the...
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Twitter rolls out encrypted DMs, but only for paying accounts
Twitter has launched its 'Encrypted Direct Messages' feature allowing paid Twitter Blue subscribers to send end-to-end encrypted messages to other...
Former Ubiquiti dev who extorted the firm gets six years in prison
Nickolas Sharp, a former senior developer of Ubiquiti, was sentenced to six years in prison for stealing company data, attempting...
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware...
Multinational tech firm ABB hit by Black Basta ransomware attack
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting...
Stealthier version of Linux BPFDoor malware spotted in the wild
A new, stealthier variant of the Linux malware 'BPFDoor' has been discovered, featuring more robust encryption and reverse shell communications....
WordPress Elementor plugin bug let attackers hijack accounts on 1M sites
One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege...
Brightly warns of SchoolDude data breach exposing credentials
U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by...
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since...
