News
-
"BlackCat Ransomware's Data Exfiltration Tool Gets an Upgrade"The BlackCat ransomware, also known as ALPHV, is still evolving, and the latest example is a new version of the gang's data exfiltration tool used in double-extortion attacks. BlackCat is a Ransomware-as-a-Service (RaaS) operation considered a successor…
-
"15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects"About 350,000 open source projects may be vulnerable to exploitation as a result of a 15-year-old unpatched security flaw in a Python module. The open source repositories cover a wide range of industry verticals, including software development,…
-
"DOE Invests $12M in Cybersecurity Research for Energy Grid"According to Jon Wellinghoff, former chairman of the Federal Energy Regulatory Commission (FERC), attackers could bring down the US power grid by targeting just a few substations. The Department of Energy (DOE) announced $12 million in funding for…
-
"Deepfake Audio Has a Tell – Researchers Use Fluid Dynamics to Spot Artificial Imposter Voices"An audio deepfake detection technique developed by researchers at the University of Florida measures the acoustic and fluid dynamic differences between voice samples generated organically by human speakers and those generated synthetically by computers.…
-
"Wide-Ranging Philippines Phishing Scams Are Sending Out Millions of Messages, SIM Card Registration Bill Proposed as a Solution"Residents of the Philippines have been bombarded with phishing scams pushing millions of malicious messages aimed at stealing their login credentials. Therefore, the Philippines government is considering reintroducing a previously vetoed bill that would…
-
"25% Of S&P 500 Have SSO Credentials Exposed on Dark Web"Cybersecurity professionals regard Single Sign-On (SSO) credentials as the keys to the kingdom. Employees gain access to numerous applications by logging in once with these credentials, which are the last thing an organization wants stolen or sold on the…
-
"Firms Act to Beef up Software Supply Chain Security"In order to protect the software supply chain, new data shows a significant increase in activities to secure open source components and integrate security into developer toolchains. The 13th edition of Synopsys' Building Security In Maturity Model (BSIMM…
-
"New York Emergency Services Provider Says Patient Data Stolen in Ransomware Attack"It has recently been discovered that the personal information of roughly 320,000 individuals was compromised following a ransomware attack at New York-based ambulance services provider Empress EMS (Emergency Medical Services). The organization…
-
"Hackers Admit Destroying InterContinental Hotels Group's Data For Fun"The threat actors named "TeaPea," who were behind the InterContinental Hotels Group (IHG) cyberattack reported earlier this month, admitted doing it "for fun." The threat actors talked to BBC over the weekend and stated that they are a couple from…
-
"Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access"A new vulnerability in Oracle Cloud Infrastructure (OCI) could allow unauthorized access to cloud storage volumes of all users, hence violating cloud isolation. Security researchers at Wiz discovered the flaw in June and dubbed it AttachMe. …
-
"ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat"Security researchers have issued a warning about the malware tool known as ChromeLoader. It first appeared in January as a consumer-focused, browser-hijacking credential stealer, but has since evolved into a widespread and multifaceted threat to…
-
"US to Award $1B to State, Local, and Territorial Governments to Improve Cyber Resilience"The US government will provide $1 billion in grants to assist State, Local, and Territorial (SLT) governments in addressing cybersecurity risks, strengthening the cybersecurity of critical infrastructure, and ensuring cyber resilience in the face of…