Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and...
cybersecurity
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the...
BlueNoroff hackers backdoor Macs with new ObjCShellz malware
The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote...
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at...
TransForm says ransomware data breach affects 267,000 patients
Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario,...
Marina Bay Sands discloses data breach impacting 665,000 customers
The Marina Bay Sands (MBS) luxury resort and casino in Singapore has disclosed a data breach that impacts personal data...
Microsoft Authenticator now blocks suspicious MFA alerts by default
Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks...
Sumo Logic discloses security breach, advises API key resets
Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account...
WhatsApp now lets users hide their location during calls
WhatsApp is rolling out a new privacy feature that helps Android and iOS users hide their location during calls by...
Russian-speaking threat actor “farnetwork” linked to 5 ransomware gangs
The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma,...
Russian state-owned Sberbank hit by 1 million RPS DDoS attack
Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of...
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management...
Cybercrime service bypasses Android security to install malware
A new dropper-as-a-service (DaaS) cybercrime operation named 'SecuriDropper' has emerged, using a method that bypasses the 'Restricted Settings' feature in Android...
QNAP warns of critical command injection flaws in QTS OS, apps
QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system...
Veeam warns of critical bugs in Veeam ONE monitoring platform
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two...
US sanctions Russian who laundered money for Ryuk ransomware affiliate
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions...
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber...
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously...
Hackers exploit Looney Tunables Linux bug, steal cloud creds
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified...
Socks5Systemz proxy service infects 10,000 systems worldwide
A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000...
Discord will switch to temporary file links to block malware delivery
Discord will switch to temporary file links for all users by the end of the year to block attackers from...
Dutch hacker jailed for extortion, selling stolen data on RaidForums
A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing...
Okta breach: 134 customers exposed in October support system hack
Okta says attackers who breached its customer support system last month gained access to files belonging to 134 customers, five...
The Week in Ransomware – November 3rd 2023 – Hive’s Back
Over the past couple of months, ransomware attacks have been escalating as new operations launch, old ones return, and existing...
