"Data Breach Exposes 300k Taxi Passengers’ Information"

"Data Breach Exposes 300k Taxi Passengers’ Information"

 Cybersecurity researchers at vpnMentor have uncovered a significant data exposure concerning nearly 300,000 taxi passengers in the UK and Ireland.  The researchers found a non-password-protected database containing personal details.  These records, belonging to Dublin-based iCabbi, a dispatch and fleet management technology provider, were left vulnerable to potential exploitation.  The researchers noted that the exposed database contained 22,745 records and .csv documents with customers’ names, emails, phone numbers, and user IDs.

Submitted by Adam Ekwall on

"New LockBit Variant Exploits Self-Spreading Features"

"New LockBit Variant Exploits Self-Spreading Features"

A recent incident in West Africa further highlights the ongoing threat posed by the LockBit ransomware. With stolen administrator credentials, cybercriminals have deployed a customized variant of the ransomware that can self-propagate. They compromised corporate infrastructure using privileged access, demonstrating the continued risk posed by the leaked LockBit 3.0 builder. The builder was leaked in 2022, but attackers, even those without advanced programming skills, continue to use it to create customized versions.

Submitted by Gregory Rigby on

IEEE 26th International Workshop on Multimedia Signal Processing (MMSP)

"It is the 26th in the series, organized by the Multimedia Signal Processing Technical Committee of the IEEE Signal Processing Society (SPS), with the aim to bring together researchers and practitioners from academia and industry, passionate about multimedia signal processing, to share their knowledge, exchange ideas, explore future research directions and network."

Topics of interest include, but are not limited to security.

"Breakthrough Promises Secure Quantum Computing at Home"

"Breakthrough Promises Secure Quantum Computing at Home"

Millions of people and companies could soon benefit from the full power of next-generation quantum computing because of a breakthrough by scientists at Oxford's Department of Physics that ensures security and privacy. A new study details the advancement, which promises to unlock the transformative potential of cloud-based quantum computing. In the new study, the researchers use an approach called "blind quantum computing." The approach connects two completely different quantum computing entities securely. Their new methods are scalable to large quantum computations.

Submitted by Gregory Rigby on

"Destructive ICS Malware 'Fuxnet' Used by Ukraine Against Russian Infrastructure"

"Destructive ICS Malware 'Fuxnet' Used by Ukraine Against Russian Infrastructure"

Claroty analyzed the Industrial Control System (ICS) malware "Fuxnet," used recently by Ukrainian hackers in an attack on a Russian underground infrastructure company. The hacker group known as "Blackjack," which is suspected to be affiliated with Ukraine's security services, claimed to have launched attacks on several critical Russian organizations. The hackers targeted Internet Service Providers (ISPs), utilities, data centers, and Russia's military, allegedly causing damage and stealing sensitive information.

Submitted by Gregory Rigby on

"Iran's Missile Strikes Against Israel Bolstered by Cyberattacks, Multiple Gangs Involved"

"Iran's Missile Strikes Against Israel Bolstered by Cyberattacks, Multiple Gangs Involved"

Before Iran's missile attack against Israel, the pro-Iranian cyber gang "Handala" claimed to have breached radar systems and sent 500,000 text messages to Israeli citizens. Iran-backed cyberattacks have increased recently, with multiple hacker groups now turning their attention to Israeli targets. Hackers, who have previously targeted the Israeli government and private institutions, shared screenshots of an allegedly compromised RADA system. According to Israeli officials, the number of cyberattacks against the country has increased threefold in recent weeks.

Submitted by Gregory Rigby on

"Palo Alto Networks Fixes Zero-Day Exploited to Backdoor Firewalls"

"Palo Alto Networks Fixes Zero-Day Exploited to Backdoor Firewalls"

Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls.  The "maximum severity" security flaw, CVE-2024-3400, affects PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with device telemetry and GlobalProtect (gateway or portal) enabled.  The company noted that unauthenticated threat actors can exploit it remotely to gain root code execution via command injection in low-complexity attacks that don't require user interaction.

Submitted by Adam Ekwall on

"Juniper Networks Publishes Dozens of New Security Advisories"

"Juniper Networks Publishes Dozens of New Security Advisories"

Juniper Networks recently published dozens of advisories detailing more than a hundred vulnerabilities in Junos OS, Junos OS Evolved, and other products.  Three of the advisories are marked as "critical severity," and all address security defects in third-party software used in the affected products.  The first advisory resolves nine vulnerabilities in the open source data transfer tool cURL, including four critical severity issues.  Two of the critical bugs were disclosed in 2018 and two in 2023.

Submitted by Adam Ekwall on

"Chipmaker Giant Nexperia Confirms Cyber-Attack Amid Ransomware Group Claims"

"Chipmaker Giant Nexperia Confirms Cyber-Attack Amid Ransomware Group Claims"

Global chipmaker giant Nexperia has recently revealed it suffered a cyberattack amid reports that ransomware hackers stole sensitive documents and intellectual property from the company.  The Chinese-owned firm, headquartered in the Netherlands, confirmed on April 12 that “an unauthorized third party” accessed certain IT servers in March 2024.  Nexperia said that it is currently working with external specialists to determine the nature and scope of the incident and has informed relevant authorities in the Netherlands, including law enforcement.

Submitted by Adam Ekwall on

"World-First 'Cybercrime Index' Ranks Countries by Cybercrime Threat Level"

"World-First 'Cybercrime Index' Ranks Countries by Cybercrime Threat Level"

The first-ever "World Cybercrime Index" has been compiled by an international team of researchers after conducting three years of intensive research. It ranks the most significant sources of cybercrime at the national level in order to identify the most critical cybercrime hotspots around the world. Relatively few countries hold the greatest cybercriminal threat, according to the Index. Russia leads the list, followed by Ukraine, China, the US, Nigeria, and Romania. The study will allow the public and private sectors to concentrate their resources on key cybercrime hotspots.

Submitted by Gregory Rigby on
Subscribe to