Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning1 that SIM swap attacks are growing: gain control of the phone and earn a gateway to email, bank accounts, stocks,
MNGI Digestive Health Data Breach Impacts 765,000 Individuals
MNGI Digestive Health tells the Maine AGO that hackers accessed the personal information of 765,000 individuals.
The post MNGI Digestive Health Data Breach Impacts 765,000 Individuals appeared first on SecurityWeek.
Apache HugeGraph Vulnerability Exploited in Wild
A recently patched Apache HugeGraph-Server vulnerability tracked as CVE-2024-27348 is being targeted in attacks.
The post Apache HugeGraph Vulnerability Exploited in Wild appeared first on SecurityWeek.
FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums
The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely advertise a tool known to be used by ransomware groups like Black Basta.
“AvNeutralizer (aka AuKill), a highly specialized tool developed by FIN7 to tamper with security solutions, has been marketed in the criminal underground and used by multiple
“AvNeutralizer (aka AuKill), a highly specialized tool developed by FIN7 to tamper with security solutions, has been marketed in the criminal underground and used by multiple
Virtual Event Today: Cloud & Data Security Summit | 2024
Join us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and the hype and promise of AI and LLM technologies.
The post Virtual Event Today: Cloud & Data Security Summit | 2024 appeared first on SecurityWeek.
Chrome 126 Updates Patch High-Severity Vulnerabilities
Chrome 126 security updates released this week resolve high-severity vulnerabilities reported by external researchers.
The post Chrome 126 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Oracle Patches 240 Vulnerabilities With July 2024 CPU
Oracle releases 386 new security patches to resolve roughly 240 unique CVEs as part of its July 2024 Critical Patch Update.
The post Oracle Patches 240 Vulnerabilities With July 2024 CPU appeared first on SecurityWeek.
China-linked APT17 Targets Italian Companies with 9002 RAT Malware
A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT.
The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week.
“The first campaign on June 24, 2024 used an Office document, while the second
The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week.
“The first campaign on June 24, 2024 used an Office document, while the second
Rite Aid Says Hack Impacts 2.2M People as Ransomware Gang Threatens to Leak Data
Pharmacy chain Rite Aid says 2.2 million people are impacted by a recent data breach for which the RansomHub group has taken credit.
The post Rite Aid Says Hack Impacts 2.2M People as Ransomware Gang Threatens to Leak Data appeared first on SecurityWeek.
Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed.
Scattered Spider is the designation given to a threat actor that’s known for its sophisticated social engineering schemes to breach targets and establish persistence for follow-on exploitation and data theft. It also has a history of
Scattered Spider is the designation given to a threat actor that’s known for its sophisticated social engineering schemes to breach targets and establish persistence for follow-on exploitation and data theft. It also has a history of