The Week In Ransomware December 29th 2023 Lockbit Targets Hospitals
It's been a quiet week, with even threat actors appearing to take some time off for the holidays. We did...
cybersecurity
Malware Abuses Google Oauth Endpoint To Revive Cookies Hijack Accounts
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log...
Apache Ofbiz Rce Flaw Exploited To Find Vulnerable Confluence Servers
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits. Apache...
Easypark Discloses Data Breach That May Impact Millions Of Users
Parking app developer EasyPark has published a notice on its website warning of a data breach it discovered on December...
Kroll Reveals Ftx Customer Info Exposed In August Data Breach
Risk and financial advisory company Kroll has released additional details regarding the August data breach, which exposed the personal information...
Game Mod On Steam Breached To Push Password Stealing Malware
Downfall, a fan expansion for the popular Slay the Spire indie strategy game, was breached on Christmas Day to push...
Russian Military Hackers Target Ukraine With New Masepie Malware
Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously...
Microsoft Disables Msix Protocol Handler Abused In Malware Attacks
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows...
Eagers Automotive Halts Trading In Response To Cyberattack
Eagers Automotive has announced it suffered a cyberattack and was forced to halt trading on the stock exchange as it...
Blockchain Devs Wallet Emptied In Job Interview Using Npm Package
A blockchain developer shares his ordeal over the holidays when he was approached on LinkedIn by a "recruiter" for a web development...
Iphone Triangulation Attack Abused Undocumented Hardware Feature
The Operation Triangulation spyware attacks targeting iPhone devices since 2019 leveraged undocumented features in Apple chips to bypass hardware-based security protections....
Lockbit Ransomware Disrupts Emergency Care At German Hospitals
German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions at three hospitals were caused by a...
New Xamalicious Android Malware Installed 330k Times On Google Play
A previously unknown Android backdoor named 'Xamalicious' has infected approximately 338,300 devices via malicious apps on Google Play, Android's official...
Yakult Australia Confirms Cyber Incident After 95 Gb Data Leak
Yakult Australia, manufacturer of a probiotic milk drink, has confirmed experiencing a "cyber incident" in a statement to BleepingComputer. Both...
Mortgage Firm Loancare Warns 13 Million People Of Data Breach
Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data...
Panasonic Discloses Data Breach After December 2022 Cyberattack
Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, disclosed a data breach affecting an undisclosed number...
Ohio Lottery Hit By Cyberattack Claimed By Dragonforce Ransomware
The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal...
Barracuda Fixes New Esg Zero Day Exploited By Chinese Hackers
Network and email security firm Barracuda says it remotely patched all active Email Security Gateway (ESG) appliances on December 21...
Integris Health Patients Get Extortion Emails After Cyberattack
Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the...
Github Warns Users To Enable 2fa Before Upcoming Deadline
GitHub is warning users that they will soon have limited functionality on the site if they do not enable two-factor...
Gta 5 Source Code Reportedly Leaked Online A Year After Rockstar Hack
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the...
Google Chrome Now Scans For Compromised Passwords In The Background
Google says the Chrome Safety Check feature will work in the background to check if passwords saved in the web...
Google Chrome Adds Background Scans For Compromised Passwords
Google says the Chrome Safety Check feature will work in the background to check if passwords saved in the web...
Fake Vpn Chrome Extensions Force Installed 15 Million Times
Three malicious Chrome extensions posing as VPN (Virtual Private Networks) infected were downloaded 1.5 million times, acting as browser hijackers,...
