Claimants in Celsius crypto bankruptcy targeted in phishing attack
Scammers are impersonating the bankruptcy claim agent for crypto lender Celsius in phishing attacks that attempt to steal funds from...
cybersecurity
GitLab urges users to install security updates for critical pipeline flaw
GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users...
Hackers breached International Criminal Court’s systems last week
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached....
Trend Micro fixes endpoint protection zero-day used in attacks
Trend Micro fixed a remote code execution zero-day vulnerability in the Trend Micro's Apex One endpoint protection solution that was actively exploited...
Chinese Group Exploiting Linux Backdoor to Target Governments
A Chinese-linked threat actor known as ‘Earth Lusca’ has been conducting cyber espionage campaigns against governments around the world via...
The Week in Ransomware – September 15th 2023 – Russian Roulette
This week’s big news is the extortion attacks on the Caesars and MGM Las Vegas casino chains, with one having...
ORBCOMM ransomware attack causes trucking fleet management outage
9/15/23 update added below. Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is behind recent service...
Retool blames breach on Google Authenticator MFA cloud sync feature
Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack....
Google extends security update support for Chromebooks to 10 years
Google has announced the Auto Update Expiration (AUE) date will be extended from 5 years to 10 for all Chromebooks, guaranteeing...
Caesars Entertainment Reveals Major Ransomware Breach
Yet another Nevadan casino and hotel chain giant has been compromised by ransomware threat actors, after Caesars Entertainment reported a...
Cloud to Blame for Almost all Security Vulnerabilities
Four out of five (80.3%) security vulnerabilities observed in organizations across all sectors come from a cloud environment, Palo Alto...
Fake Cisco Webex Google Ads abuse tracking templates to push malware
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users...
Criminal IP Elevates Payment Security with PCI DSS Level 1 Certification
With payment card information being an enticing target for cyber attackers, the safeguarding of payment card transactions is of utmost...
Manchester Police officers’ data exposed in ransomware attack
United Kingdom's Greater Manchester Police (GMP) said earlier today that some of its employees' personal information was impacted by a...
Iranian hackers breach defense orgs in password spray attacks
Image: Midjourney Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password...
Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit
Proof-of-concept exploit code has been published for a Windows Themes vulnerability tracked as CVE-2023-38146 that allows remote attackers to execute code....
MGM casino’s ESXi servers allegedly encrypted in ransomware attack
An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts’ operations, forcing...
Caesars Entertainment confirms ransom payment, customer data theft
Caesars Entertainment, self-described as the largest U.S. casino chain with the most extensive loyalty program in the industry, says it...
Auckland transport authority hit by suspected ransomware attack
The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident,...
Hackers use new 3AM ransomware to save failed LockBit attack
A new ransomware strain called 3AM has been uncovered after a threat actor used it in an attack that failed...
How end-user phishing training works (and why it doesn’t)
It always takes two for a phishing attack to work – an attacker to send the bait and an insider...
Rollbar discloses data breach after hackers stole access tokens
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access...
France demands Apple pull iPhone 12 due to high RF radiation levels
The Agence Nationale des Fréquences (ANFR) has asked Apple to withdraw iPhone 12 smartphones from the French market because the...
New Windows 11 feature blocks NTLM-based attacks over SMB
Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM...
