Police Recover Over $40m Headed to BEC Scammers
A Singaporean commodity firm has had a narrow escape after police managed to intervene to recover nearly all of the $42.3m...
News
French Museums Hit By Ransomware Attack
IT systems used by about 40 French museums, including the Grand Palais, have been targeted by a ransomware attack.The French...
#BHUSA: Ransom Payments Surge, Organizations Pay Average of $2.5m
Most organizations pay ransoms when they find themselves victim of a ransomware attack, a new survey by Extrahop has highlighted....
#BHUSA: 17.8m Phishing Emails Detected in First Half of 2024
Darktrace researchers have reported that 17.8 million phishing emails were detected between December 2023 and July 2024.The new report, published...
CVEs Surge 30% in 2024, Only 0.91% Weaponized
In the first half of 2024, the number of reported Common Vulnerabilities and Exposures (CVEs) has increased by 30% compared...
Mobile Guardian Hack Leads to 13,000 Student Devices Wiped in Singapore
Singapore’s Ministry of Education has found that 13,000 students in the country had their data remotely wiped following a cyber-attack...
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business...
Suspicious Minds: Insider Threats in The SaaS World
Everyone loves the double-agent plot twist in a spy movie, but it's a different story when it comes to securing...
North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package...
New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021....
Google Patches New Android Kernel Vulnerability Exploited in the Wild
Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild....
New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP)...
F5 BIG-IP Security Restriction Bypass Vulnerability
A vulnerability was identified in F5 BIG-IP, a remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note:No patch...
Microsoft Monthly Security Update (May 2018)
Updated Risk Level, Description, Source and Related Links.CVE-2018-0824 vulnerability is exploited in the wild. Microsoft COM for Windows contains a...
APT Group StormBamboo Attacks ISP Customers Via DNS Poisoning
Security researchers have uncovered a sophisticated supply chain attack campaign stemming from the compromise of an unnamed ISP.Volexity said the...
US Sues TikTok For Children’s Law Violations
TikTok and parent company ByteDance are in the dock again after the Justice Department and FTC filed a civil lawsuit...
White House and EC-Council Launch $15m Cybersecurity Scholarship Program
The White House and EC-Council have announced a $15m pledge to train over 50,000 students in critical cybersecurity skills.The scholarship...
86% of Firms Identify Unknown Cyber-Risks as Top Concern
Eighty-six percent of respondents have identified unknown organizational cyber-risks as a top concern, according to the Critical Start 2024 Cyber Risk...
Critical Vulnerability in Apache OFBiz Requires Immediate Patching
Organizations utilizing Apache OFBiz have been warned to promptly address a critical vulnerability due to escalating exploitation attempts targeting a...
TikTok Withdraws Lite Rewards Program from EU Over Child Safety Fears
TikTok has agreed to permanently withdraw its ‘Lite Rewards’ program from the EU in response to EU Commission concerns about...
#BHUSA: Nation-State Attacks Target Hardware Supply Chains
A new report from HP Wolf Security has highlighted the growing danger from threat actors targeting physical device supply chains...
US-CERT Vulnerability Summary for the Week of July 29, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
The Loper Bright Decision: How it Impacts Cybersecurity Law
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to...
Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called...
