Petsmart Warns Of Credential Stuffing Attacks Trying To Hack Accounts
Pet retail giant PetSmart is warning some customers their passwords were reset due to an ongoing credential stuffing attack attempting...
News
Qnap Warns Of Critical Auth Bypass Flaw In Its Nas Devices
QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers...
Cisa Nsa Share Best Practices For Securing Cloud Services
The NSA and the Cybersecurity and Infrastructure Security Agency (CISA) have released five joint cybersecurity bulletins containing on best practices...
Magnet Goblin Hackers Use 1 Day Flaws To Drop Custom Linux Malware
Image: Midjourney A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy...
Fbi Us Lost Record 125 Billion To Online Crime In 2023
FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported...
Hackers Target Docker Hadoop Redis Confluence With New Golang Malware
Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the...
Hackers Exploit WordPress Plugin Flaw To Infect 3 300 Sites With Malware
Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300...
Anycubic Fixes Exploited 3d Printer Zero Day Flaw With New Firmware
AnyCubic has released new Kobra 2 firmware to fix a zero-day vulnerability exploited last month to print security warnings on...
Critical Teamcity Flaw Now Widely Exploited To Create Admin Accounts
Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update...
FBI: US Ransomware Losses Surge 74% to $59.6 Million in 2023
Ransomware losses in the US surged to $59.6m in 2023, a 74% rise on the previous year’s reported figure of...
Ransomware Attackers Leak Sensitive Swiss Government Documents, Login Credentials
Sensitive Swiss federal government data, including classified documents and log in credentials, were leaked by the Play ransomware group following...
Former Google Engineer Charged With Stealing AI Secrets
A Chinese national who used to work at Google has been charged with stealing intellectual property from the tech giant...
Governments Eye Disclosure Requirements for AI Development Labs
AI laboratories will be compelled to disclose their development of general-purpose AI as governments look to have more oversight over...
RATs Spread Via Fake Skype, Zoom, Google Meet Sites
Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware. The campaign,...
Evasive Panda Targets Tibet With Trojanized Software
A sophisticated cyber-espionage campaign by the China-aligned APT group Evasive Panda (also known as BRONZE HIGHLAND and Daggerfly) has been...
Dropbox Used to Steal Credentials and Bypass MFA in Novel Phishing Campaign
A novel phishing campaign leveraged legitimate Dropbox infrastructure and successfully bypassed multifactor authentication (MFA) protocols, new research from Darktrace has...
UnitedHealth Sets Timeline to Restore Change Healthcare Systems After BlackCat Hit
UnitedHealth Group has published a timeline to restore Change Healthcare’s systems following the BlackCat/ALPHV ransomware attack, which has led to...
Russia’s Midnight Blizzard Accesses Microsoft Source Code
A notorious Russian state-backed APT group has accessed Microsoft source code and internal systems in an ongoing campaign that was...
Telemedicine Business Owner Faces 20 Years For $136m Fraud
A nurse practitioner has pleaded guilty to her role in a massive $136m conspiracy to defraud the US government’s Medicare...
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA)...
NSA Launches Top 10 Cloud Security Mitigation Strategies
As businesses migrate their services to hybrid and multi-cloud environments, cloud misconfigurations and security flaws are becoming critical points of...
New ‘Connected Places’ infographic published
New 'Connected Places' infographic published It’s been almost 3 years since we released our ‘Connected Places Cyber Security Principles’. Today...
US-CERT Vulnerability Summary for the Week of February 26, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Stealthy Gtpdoor Linux Malware Targets Mobile Operator Networks
Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks. The...
