News
-
"Singapore Clocks Higher Ransomware Attacks, Warns of IoT Risks"In Singapore, ransomware and phishing attacks are on the rise, affecting small and medium-sized businesses (SMBs) as well as social media platforms. Cybercriminals are also expected to turn their attention to Internet of Things (IoT) devices and…
-
"Baker & Taylor's Systems Remain Offline a Week After Ransomware Attack"A server outage impacted library services company Baker & Taylor's systems and applications on August 23, 2022. A day later, the firm confirmed it engaged outside third-party experts to fix the issue. Baker & Taylor's systems remained…
-
"Academics Devise Open Source Tool For Hunting Node.js Security Flaws"A group of academic researchers at Johns Hopkins University and Renmin University of China have designed an open-source Node.js bug hunting tool that has already identified 180 security vulnerabilities. Node.js is an open-source, cross-platform…
-
"2.5 Million Impacted by Data Breach at Nelnet Servicing"The data of more than 2.5 million individuals were recently compromised in a data breach at technology services provider Nelnet Servicing. The impacted individuals have taken student loans from Edfinancial and OSLA, which have contracted Nelnet for…
-
"UK Spies Fund New Course for Female Coders"The UK's main intelligence agency for dealing with cyber threats (GCHQ) is hoping to attract more female coders to its ranks by recently starting a new bootcamp course. GCHQ is sponsoring one of the 14-week 'nanodegree' courses run by social…
-
"Chinese Hackers Target Energy Firms in South China Sea"The Chinese APT known as TA423 (aka Red Ladon, APT40, and Leviathan) has been operating a cyberespionage campaign across Australia, Malaysia, and Europe. Security researchers at Proofpoint noted that the campaign has had three distinct phases, the…
-
"Outdated Infrastructure Not up to Today's Ransomware Challenges"According to a global survey commissioned by Cohesity, nearly half of respondents say their organization relies on outdated, legacy backup and recovery infrastructure to manage and protect their data. This technology, in some cases, is more than 20 years…
-
"Google Launches New Open-Source Software Vulnerability Rewards Program (OSS VRP)"The Open-Source Software Vulnerability Rewards Program (OSS VRP) is a new initiative launched by Google. Google's open-source projects are the focus of this new program. Depending on the severity of the vulnerability, the company is offering rewards…
-
"Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers"Between March and June 2022, three different but related campaigns were discovered delivering ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. According to Cisco Talos researcher Vanja Svajcer, the actors use PowerShell…
-
"Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web"Documents appear to show that the Israeli spyware firm Intellexa sold a full suite of services centered on a zero-day vulnerability impacting both the Android and iOS ecosystems. An unknown customer appears to have paid around €8 million last month for a…
-
"FBI: Hackers Increasingly Exploit DeFi Bugs to Steal Cryptocurrency"The FBI has issued a warning to investors that cybercriminals are increasingly exploiting security flaws in Decentralized Finance (DeFi) platforms to steal cryptocurrency. Investors who believe cybercriminals have stolen their DeFi investments should…
-
"Microsoft: Nation-state Iranian hackers exploit Log4Shell against Israel"According to new research, the Iranian hacker group MuddyWater, which is allegedly linked to the country's state intelligence service, is still exploiting the Log4j vulnerability to gain access to corporate networks in Israel during the two countries'…