News
  • "Logistics Company D.W. Morgan Exposed 100 GB of Data From Clients, Including Fortune 500 Companies"
    An Amazon S3 bucket belonging to the logistics company D.W. Morgan was discovered to be open, exposing more than 100 GB of sensitive data about shipments and clients, including Fortune 500 companies such as Cisco and Ericsson. The Website Planet security…
  • "QNAP NAS Devices Hit in Surge of eCh0raix Ransomware Attacks"
    QNAP network-attached storage (NAS) device users have been reporting eCh0raix (also known as QNAPCrypt) ransomware attacks on their systems. The threat actor behind the eCh0raix ransomware attacks appears to have amplified their activity a week before…
  • "FDA, CISA Warn of Fresenius Kabi Infusion Pump Flaws"
    The Food and Drug Administration (FDA) recently released an alert about the Cybersecurity and Infrastructure Security Agency's (CISA) warning of a dozen vulnerabilities identified in specific components of Germany-based medical device manufacturer…
  • "Bots Are Stealing Christmas!"
    Security researchers at Kasada released new data on the latest fraud and malicious automation trends. The researchers observed a 4x increase in automated online gift card lookup attempts during the holiday season. The researchers also…
  • "Shutterfly Says Ransomware Attack Impacted Manufacturing"
    Shutterfly, an online platform for photography and personalized products, has confirmed that a ransomware attack has affected some of its services. Shutterfly operates multiple services and brands, such as BorrowLenses, GrooveBook, Lifetouch,…
  • "New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking"
    Schneider Electric has released patches for flaws found in its EVlink electric vehicle charging stations. The security vulnerabilities affect EVlink City (EVC1S22P4 and EVC1S7P4), Parking (EVW2, EVF2, and EVP2PE), Smart Wallbox (EVB1A) devices, and some…
  • "Reducing Software Supply Chain Vulnerability: Lessons Learned from Log4j"
    Federal IT teams are trying to patch the Log4j vulnerabilities and follow guidance issued by the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), which requires federal agencies to mitigate the…
  • "Organizations Targeted With Babuk-Based Rook Ransomware"
    Security researchers have found a new ransomware variant dubbed Rook. Rook shows numerous similarities with Babuk, and security researchers have discovered that it was built using Babuk code that was leaked online earlier this year. Rook was…
  • "Flaws in WordPress Plugin Put 3 Million Websites at Risk"
    Severe vulnerabilities have been discovered in the All In One SEO WordPress plugin, affecting over 3 million websites. The vulnerabilities could allow an attacker to take advantage of a SQL injection issue and a privilege-escalation bug. The two…
  • "CISA Releases Free Scanner to Spot Log4j Exposure"
    The Cybersecurity and Infrastructure Security Agency (CISA) has published a new scanning tool to help organizations find unpatched Log4j instances in their IT environment. CISA posted the Log4j Scanner to GitHub. CISA noted that this…
  • "Community of Ethical Hackers Needed to Prevent AI's Looming 'Crisis of Trust'"
    An international team of risk and machine-learning experts, led by researchers at the University of Cambridge's Centre for the Study of Existential Risk (CSER), recommends that the Artificial Intelligence (AI) industry creates a global community composed…
  • "IT Security: Computer Attacks with Laser Light"
    IT security experts of the Karlsruhe Institute of Technology (KIT) have demonstrated that air-gapped computer systems are still susceptible to being attacked. In a project titled LaserShark, the researchers have shown that it is possible to transmit data…