Strava heatmap feature can be abused to find home addresses
Researchers at the North Carolina State University Raleigh have discovered a privacy risk in the Strava app's heatmap feature that could...
cybersecurity
Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now
Update 6/11/23: Fortinet statement added below. Fortinet has released new Fortigate firmware updates that fix an undisclosed, critical pre-authentication remote...
BlackCat ransomware fails to extort Australian commercial law giant
Australian law firm HWL Ebsworth confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang...
University of Manchester says hackers ‘likely’ stole data in cyberattack
Image: City Suites The University of Manchester warns staff and students that they suffered a cyberattack where threat actors likely stole...
New MOVEit Transfer critical flaws found after security audit, patch now
Progress Software warned customers today of newly found critical SQL injection vulnerabilities in its MOVEit Transfer managed file transfer (MFT)...
Russians charged with hacking Mt. Gox crypto exchange, running BTC-e
Russian nationals Alexey Bilyuchenko and Aleksandr Verner have been charged with the 2011 hacking of the leading cryptocurrency exchange Mt....
Ukrainian hackers take down service provider for Russian banks
A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC...
The Week in Ransomware – June 9th 2023 – It’s Clop… Again!
The week was dominated by fallout over the MOVEit Transfer data-theft attacks, with the Clop ransomware gang confirming that they...
Royal ransomware gang adds BlackSuit encryptor to their arsenal
Image: Bing Create The Royal ransomware gang has begun testing a new encryptor called BlackSuit that shares many similarities with...
Why cybersecurity needs a conference like mWISE
Let’s talk about cybersecurity’s silo problem. First, industry divides are weighing on practitioners. According to ISSA, 77% of infosec pros...
Asylum Ambuscade hackers mix cybercrime with espionage
A hacking group tracked as 'Asylum Ambuscade' was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber...
PoC released for Windows Win32k bug exploited in attacks
Researchers have released a proof-of-concept (PoC) exploit for an actively exploited Windows local privilege escalation vulnerability fixed as part of...
Japanese pharma giant Eisai discloses ransomware attack
Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of...
Clop ransomware likely testing MOVEit zero-day since 2021
The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file...
Google Chrome password manager gets new safeguards for your credentials
Google Chrome is getting new security-enhancing features for the built-in Password Manager, making it easier for users to manage their...
VMware fixes critical vulnerabilities in vRealize network analytics tool
VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers...
EC-Council’s Certified CISO Hall of Fame Report 2023 shows Cloud Security as Top Concern
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by EC-Council identified 4...
CEO guilty of selling counterfeit Cisco devices to military, govt orgs
A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government...
Android security update fixes Mali GPU bug exploited as zero-day
Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with...
New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux
Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications...
Honda API flaws exposed customer data, dealer panels, internal docs
Honda's e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API...
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let...
Barracuda says hacked ESG appliances must be replaced immediately
Image: Bing Image Creator Email and network security company Barracuda warns customers they must replace Email Security Gateway (ESG) appliances...
Lazarus hackers linked to the $35 million Atomic Wallet heist
The notorious North Korean hacking group known as Lazarus has been linked to the recent Atomic Wallet hack, resulting in...
