The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company’s Snowflake account. […]
US sanctions 12 Kaspersky Lab execs for working in Russian tech sector
The Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned twelve Kaspersky Lab executives for operating in the technology sector of Russia. […]
Change Healthcare lists the medical data stolen in ransomware attack
UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July. […]
Five men convicted for operating illegal streaming site Jetflicks
A federal jury in Las Vegas convicted five men for their involvement in the operation of Jetflicks, one of the largest and most popular illegal streaming services in the United States. […]
Tor Browser 13.5 brings Android enhancements, better bridge management
The Tor Project has released Tor Browser 13.5, bringing several improvements and enhancements for Android and desktop versions. […]
Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023.
“SneakyChef uses lures that are scanned documents of government agencies, most of which are related to various countries’ Ministries
Military-themed Email Scam Spreads Malware to Infect Pakistani Users
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor.
Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence.
“While there are many methods used today to deploy malware, the threat actors
CDK warns: threat actors are calling customers, posing as support
CDK Global has cautioned customers about unscrupulous actors calling them and posing as CDK agents or affiliates to gain unauthorized systems access. The warning follows ongoing cyberattacks that have hit CDK, a software-as-a-service (SaaS) platform that thousands of US car dealerships rely upon. […]
Oyster Backdoor Spreading via Trojanized Popular Software Downloads
A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader).
That’s according to findings from Rapid7, which identified lookalike websites hosting the malicious payloads that users are redirected to after searching for them on search engines like Google and Bing.
The
SolarWinds Serv-U Vulnerability Under Active Attack – Patch Immediately
A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild.
The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory traversal bug that could allow attackers to read sensitive files on the host machine.
Affecting all versions of the software prior to and including Serv-U 15.4.2
