News
-
"Customer and Employee Data the Top Prize for Hackers – Imperva"Security researchers at Imperva discovered that the theft of customer and employee data accounts for almost half (45%) of all stolen data between July 2021 and June 2022. Companies’ source code and proprietary information accounted for 6.7% and 6.5…
-
"Vidar Info-Stealing Malware Promoted by More Than 1,300 Fabricated AnyDesk Websites"The AnyDesk website is being spoofed in a malicious campaign involving over 1,300 domains, all of which link to a Dropbox folder containing the information-stealing malware called Vidar. AnyDesk, a popular remote desktop application for Windows, Linux,…
-
"More Than 120 Models of Siemens' S7-1500 PLCs Contain a Serious Vulnerability—and No Fix Is on the Way"The computer worm Stuxnet crippled hundreds of centrifuges within Iran's Natanz uranium enrichment plant in 2009 by targeting the software running on the facility's industrial computers, known as Programmable Logic Controllers (PLCs). All of the…
-
"'Dark Pink' Hacking Group Targets Government and Military in Southeast Asia"Group-IB has released a report on a new Advanced Persistent Threat (APT) campaign targeting Southeast Asian and Eastern European countries for espionage. The APT dubbed "Dark Pink" is considered to be a new threat actor. Dark Pink has targeted military…
-
"Government Watchdog Cracks Thousands of Passwords at US Federal Agency in Minutes"The Inspector General of the Department of the Interior (DOI) conducted a security audit of the agency's password management policies and has now released a report stating that they were able to crack more than 18,000 of the department's Active Directory…
-
"Lorenz Ransomware Gang Plants Backdoors to Use Months Later"Security experts warn that patching critical flaws that enable network access is insufficient protection against ransomware attacks. Some ransomware gangs are using critical vulnerabilities to plant a backdoor while the window of opportunity is still…
-
"StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users"StrongPity, also known as APT-C-41 and Promethium, is an Advanced Persistent Threat (APT) group that has been targeting Android users with a Trojanized version of the Telegram software via a fake website impersonating the Shagle video chat service. The…
-
"How Can We Make the Electric Grid More Resilient to Cyberattacks?"Junho Hong, Assistant Professor of Electrical and Computer Engineering at the University of Michigan-Dearborn, and his colleague Professor Wencong Su are leading a new project funded with a grant from the US Department of Energy (DOE). They are teaming…
-
"Widespread 2FA Bypass Attack Compromised Comcast Xfinity Accounts; Targets Coinbase, Gemini, Evernote, and Dropbox"Comcast Xfinity customers have reported that their accounts have been compromised by a campaign employing a two-factor authentication (2FA) bypass technique. Despite enabling 2FA, Xfinity email customers began receiving messages that their account…
-
"Messenger Billed as Better Than Signal Is Riddled With Vulnerabilities"Academic researchers have identified critical flaws in Threema, an instant messenger claimed to provide a level of security and privacy unmatched by any other chat service. However, according to the researchers, the flaws fundamentally invalidate the…
-
"Oregon Insurer Data Breach May Have Exposed Personal Info"Oregon workers compensation insurer SAIF Corp. suffered a data breach last fall that may have exposed some policyholders’ Social Security numbers and medical information. The company noted that much of the information was at least two decades old,…
-
"Hospitals Are at Risk: Smartphone Attacks Could Release Deadly Microbes"Negative pressure rooms, which are used in hospitals and laboratories to prevent the spread of deadly pathogens, can be breached using a smartphone, according to a team of researchers from the University of California, Irvine (UCI). These rooms are…