CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it’s actively exploited in attacks. […]
Hackers linked to $14M Holograph crypto heist arrested in Italy
Suspected hackers behind the heist of $14,000,000 worth of cryptocurrency from blockchain tech firm Holograph was arrested in Italy after living a lavish lifestyle for weeks in the country. […]
Windows Zero-Day Attack Linked to North Korea’s Lazarus APT
The vulnerability, tracked as CVE-2024-38193 and marked as ‘actively exploited’ by Microsoft, allows SYSTEM privileges on the latest Windows operating systems.
The post Windows Zero-Day Attack Linked to North Korea’s Lazarus APT appeared first on SecurityWeek.
Carespring Data Breach Exposes Personal and Medical Information of Nearly 77,000 Patients
Data includes names, dates of birth, physical addresses, Social Security Numbers, medical and diagnosis information, and health insurance details.
The post Carespring Data Breach Exposes Personal and Medical Information of Nearly 77,000 Patients appeared first on SecurityWeek.
FlightAware configuration error leaked user data for years
Flight tracking platform FlightAware is asking some users to reset their account login passwords due to a data security incident that may have exposed personal information. […]
National Public Data Says Breach Impacts 1.3 Million People
National Public Data (NPD) has confirmed suffering a data breach, but the company says the incident only affects 1.3 million people in the US.
The post National Public Data Says Breach Impacts 1.3 Million People appeared first on SecurityWeek.
New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia
A new type of malware called UULoader is being used by threat actors to deliver next-stage payloads like Gh0st RAT and Mimikatz.
The Cyberint Research Team, which discovered the malware, said it’s distributed in the form of malicious installers for legitimate applications targeting Korean and Chinese speakers.
There is evidence pointing to UULoader being the work of a Chinese speaker due to the
The Cyberint Research Team, which discovered the malware, said it’s distributed in the form of malicious installers for legitimate applications targeting Korean and Chinese speakers.
There is evidence pointing to UULoader being the work of a Chinese speaker due to the
City of Flint Scrambling to Restore Services Following Ransomware Attack
The City of Flint, Michigan, has been struggling with network and online service disruptions after being hit by ransomware last week.
The post City of Flint Scrambling to Restore Services Following Ransomware Attack appeared first on SecurityWeek.
Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware
Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat.
“These attacks are opportunistic in nature, targeting users seeking popular business software,” the Mandiant Managed Defense team said in a technical report. “The infection utilizes a trojanized MSIX installer, which executes a PowerShell script to
“These attacks are opportunistic in nature, targeting users seeking popular business software,” the Mandiant Managed Defense team said in a technical report. “The infection utilizes a trojanized MSIX installer, which executes a PowerShell script to
US Lawmakers Want Investigation Into TP-Link Over Chinese Hacking Fears
Lawmakers want TP-Link to be investigated by the Department of Commerce over concerns that its routers can be easily hacked to infiltrate US systems.
The post US Lawmakers Want Investigation Into TP-Link Over Chinese Hacking Fears appeared first on SecurityWeek.