Mom’s Meals discloses data breach impacting 1.2 million people
PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information...
cybersecurity
Four common password mistakes hackers love to exploit
Our brains are incredibly good at pattern completion – it’s why we see animals in the clouds and remember entire...
Microsoft will enable Exchange Extended Protection by default this fall
Microsoft announced today that Windows Extended Protection will be enabled by default on servers running Exchange Server 2019 starting this...
Spain warns of LockBit Locker ransomware phishing attacks
The National Police of Spain is warning of an ongoing 'LockBit Locker' ransomware campaign targeting architecture companies in the country...
Exploit released for Juniper firewall bugs allowing RCE attacks
Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers...
Attacks on Citrix NetScaler systems linked to ransomware actor
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to...
MalDoc in PDFs: Hiding malicious Word docs in PDF files
Japan's computer emergency response team (JPCERT) is sharing a new 'MalDoc in PDF' attack detected in July 2023 that bypasses...
ICO calls on social media firms to protect user’s data from scraping
UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a...
Rhysida claims ransomware attack on Prospect Medical, threatens to sell data
The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000...
Data breach at French govt agency exposes info of 10 million people
Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging...
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection
Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing,...
ICO calls social media firms to protect people’s data from scraping
UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a...
Leaseweb is restoring ‘critical’ systems after security breach
Leaseweb, one of the world's largest cloud and hosting providers, notified people that it's working on restoring "critical" systems disabled...
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors
Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in...
Privacy Regulator Warns of Surge in “Text Pest” Cases
The UK’s data protection watchdog is urging victims of so-called “text pests” to come forward after revealing that nearly a...
Last call for mWISE, the security conference for frontline practitioners.
We’re down to the final weeks of registration for mWISE, the highly targeted, community-focused cybersecurity conference from Mandiant, now part...
Hackers use public ManageEngine exploit to breach internet org
The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk...
Exploit released for Ivanti Sentry bug abused as zero-day in attacks
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code...
Jupiter X Core WordPress plugin could let hackers hijack sites
Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow...
FBI warns of patched Barracuda ESG appliances still being hacked
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw...
Ransomware hackers dwell time drops to 5 days, RDP still widely used
Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of...
New Whiffy Recon malware uses WiFi to triangulate your location
Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location...
Sensitive Data of 10 Million at Risk After French Employment Agency Breach
The French national employment agency, Pôle emploi, has been hit by a cyber-attack potentially exposing critical information of up to...
WinRAR zero-day exploited since April to hack trading accounts
A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an...
