Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot
Severe vulnerabilities have been discovered in Microsoft’s AI healthcare chatbot service, allowing access to user and customer information, according to...
News
Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas
A cyber-attack has hit several boroughs across Greater Manchester, a metropolitan county in Northwest England, leaving thousands of residents vulnerable...
NCSC Calls on UK Firms to Join Mass Cyber-Deception Initiative
The UK’s leading cybersecurity agency has called on the country’s organizations to deploy cyber-deception technologies at scale, in a bid...
Research Uncovers New Microsoft Outlook Vulnerability
Security researchers have revealed a significant vulnerability in Microsoft Outlook. According to Morphisec Threat Labs, which discovered the flaw, CVE-2024-38173...
SolarWinds Urges Upgrade After Revealing Critical RCE Bug
IT management software provider SolarWinds has urged customers to immediately patch a critical vulnerability in its Web Help Desk platform.CVE-2024-28986...
New Phishing Attack Uses Sophisticated Infostealer Malware
A new sophisticated phishing attack featuring a stealthy infostealer malware that exfiltrates a wide range of sensitive data has been uncovered...
Google Warns of Iranian Cyber-Attacks on Presidential Campaigns
An Iranian state-backed threat actor is targeting individuals associated with the Harris and Trump Presidential campaigns, according to Google’s Threat...
Manufacturing Firm Loses $60m in BEC Scam
Chemical manufacturing company Orion has revealed it has lost $60m in a business email compromise (BEC) scam.In a filing to the...
Advanced ValleyRAT Campaign Hits Windows Users in China
A new sophisticated ValleyRAT campaign has been targeting Chinese systems. Uncovered by FortiGuard Labs, the campaign affects Windows users, allowing...
Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m
Ransomware actors are set for their highest-grossing year on record in 2024 after crypto inflows in the first half of...
Russia’s FSB Behind Massive Phishing Espionage Campaign
Two Russian-aligned cyber espionage squads have been conducting a sophisticated spear phishing campaign against Western and Russian civil society entities...
Cyber-criminals Exploited Paris Olympics With Fake Domains
Read more about cybersecurity at the Paris Olympics: Paris 2024 Olympics Face Escalating Cyber-Threats Paris 2024 CISO Reveals Cybersecurity Plans...
SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited...
Russian-Linked Hackers Target Eastern European NGOs and Media
Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target...
RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint...
New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data
A previously unknown threat actor has been attributed to a spate of attacks targeting Azerbaijan and Israel with an aim...
Identity Threat Detection and Response Solution Guide
The Emergence of Identity Threat Detection and Response Identity Threat Detection and Response (ITDR) has emerged as a critical component...
GitHub Vulnerability ‘ArtiPACKED’ Exposes Repositories to Potential Takeover
A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain...
New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining
Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that's targeting machines with weak SSH passwords to ultimately...
Post-quantum cryptography: what comes next?
Post-quantum cryptography: what comes next? This month, a major milestone in post-quantum cryptography (PQC) has been reached: 3 algorithm standards...
Black Basta-Linked Attackers Target Users with SystemBC Malware
An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion...
How to Augment Your Password Security with EASM
Simply relying on traditional password security measures is no longer sufficient. When it comes to protecting your organization from credential-based...
Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges
A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and...
Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days
Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have...