The Monetary Authority of Singapore (MAS) has announced a new requirement impacting all major retail banks in the country to phase out the use of one-time passwords (OTPs) within the next three months. […]
Hackers use PoC exploits in attacks 22 minutes after release
Threat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available. […]
Microsoft fixes bug causing Windows Update automation issues
Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. […]
AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to “nearly all” of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network.
“Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated
“Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated
Critical Exim bug bypasses security filters on 1.5 million mail servers
Censys warns that over 1.5 million Exim mail transfer agent (MTA) instances are unpatched against a critical vulnerability that lets threat actors bypass security filters. […]
Rite Aid confirms data breach after June ransomware attack
Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. […]
DNS hijacks target crypto platforms registered with Squarespace
A wave of coordinated DNS hijacking attacks targets decentralized finance (DeFi) cryptocurrency domains using the Squarespace registrar, redirecting visitors to phishing sites hosting wallet drainers. […]
Netgear warns users to patch auth bypass, XSS router flaws
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router models. […]
DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections.
Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic Script (VBS) and JavaScript files. Targets included North
Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic Script (VBS) and JavaScript files. Targets included North
Massive AT&T data breach exposes call logs of 109 million customers
AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company’s Snowflake account. […]