“Contact”, the threat actor behind this operation has been present since 2020 and it’s believed to have collected over 400.000
Blogs from all around the World
Recent blog posts
Make Sure That Stimulus Check Lands in the Right Bank Account
If you haven’t already, it’s time to build trust relationships with your financial institutions, using strong security, privacy protections and
Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA
SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack
TX: Elara Caring notifies more than 100,000 patients after corporate email accounts hacked
Elara Caring, a provider of home-based care, suffered a data security breach that they learned about in mid-December. Last month,
Petersburg Medical Center talks about breach; says hospital will get new health records system
Angela Denning reports that Petersburg Medical Center has come out with more information about a medical records breach. They say
NSA, DHS Issue Guidance on Protective DNS
The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this week published
Latest
Hong Kong democracy activists win bid for bail
Four Hong Kong dissidents charged with subversion were let out on bail late Friday after prosecutors at the last minute dropped an appeal
TX: ProPath Notifies Patients of Data Security Incident
ProPath Services, LLC in Texas has notified patients of a data security breach stemming from compromise of two employees’ email
NC: FBI investigating 8-day cyber attack after ransomware attack on Allergy Partners
John Le reports: Federal authorities are investigating the ransomware attack that caused a network outage at Allergy Partners locations in
Right-wing militants furious after data leak exposes their involvement in paramilitary group
Travis Gettys reports: The data leak from the American Patriots Three Percent website revealed the names, phone numbers and photographs
Southern Illinois University School of Medicine impacted by Accellion breach, notifies patients
It appears that SIU was impacted by the Accellion breach that has been in the news a lot this past
Cybersécurité : les Français craignent pour leur identité en ligne
Depuis que le télétravail est devenu la nouvelle norme, la plupart des employés de bureau traditionnels se sont habitués à
Report: Russian Hackers Exploit Lithuanian Infrastructure
Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used the Baltic
Supermicro, Pulse Secure Respond to Trickbot’s Ability to Target Firmware
Server and storage technology giant Supermicro and secure access solutions provider Pulse Secure have issued advisories to inform users that
Airline IT specialist Sita confirms cyber-attack – Travel Weekly UK
Airline communications and IT specialist Sita has been the victim of a cyber-attack, “leading to a data security incident involving
Three New Malware Strains Linked to SolarWinds Hackers
Microsoft and cybersecurity firm FireEye on Thursday published blog posts detailing several new pieces of malware that they believe are
Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!
by March 5, 2021. GIXnews In what’s a case of hackers getting hacked, a prominent underground online criminal forum by
Researchers Disclose More Malware Used in SolarWinds Hack
See Also: Case Study: Live Oak Bank Tackles Cloud Security with Orca Security The newly discovered malware appear to be
South Africa Opposes WhatsApp-Facebook Data Sharing
South Africa’s information regulator has protested WhatsApp’s plans to share user data with Facebook, vowing to engage directly with the
Connected car technology vulnerable to cyber attacks – Trend Mirco
Connected car technology is vulnerable to cyber attacks, according to a new report from Trend Micro. The cybersecurity firm has
Someone Is Hacking Cybercrime Forums and Leaking User Data
Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly
[remote] CatDV 9.2 – RMI Authentication Bypass
CatDV 9.2 – RMI Authentication BypassExploit-DB.com RSS FeedRead More
[webapps] Fluig 1.7.0 – Path Traversal
Fluig 1.7.0 – Path TraversalExploit-DB.com RSS FeedRead More
Equality for women in the cybersecurity workforce may take a decade – TechHQ
Women working in the industry believe it will take at least a decade for them to be treated as equals
Risky business: 3 timeless approaches to reduce security risk in 2021
Since the COVID-19 pandemic drove workforces home, we’ve seen an increase in security risk across the board: from an increase
White House says closely tracking Microsoft’s emergency patch
WASHINGTON — The White House is closely tracking an emergency patch Microsoft Corp has released, U.S. national security adviser Jake
OSSA introduces Camera Cyber Security Specification and App Developer Council
Read the original article: OSSA introduces Camera Cyber Security Specification and App Developer Council The Open Security & Safety Alliance
Hollywood’s Elite Private Schools Hacked
Gary Baum reports: Several top L.A. private schools’ digital servers have been breached in recent weeks, and law enforcement is
‘The EU cannot defend Europe’: NATO chief
Most EU member states are also NATO member states, and their citizens’ safety relies on an alliance that far outspends
Friendly fire: Four well-known cybercriminal forums dealing with breaches
I’ve posted links to some other reports on this topic earlier today, but just came across Intel 471’s post. Sometimes,
Business Apps Spoofed in 45% of Impersonation Attacks
Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks.Dark Reading:Read More
Microsoft, FireEye Uncover More Malware Used in the SolarWinds Campaign
Dark Reading:Read More
Data of 580,000 Singapore Airlines customers leaked in SITA security breach
Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external
Report: Russian hackers exploit Lithuanian infrastructure
AP reports: Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used
Okta to Buy Auth0 for $6.5 Billion
The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to
Four Microsoft Exchange Zero-Days Exploited by China
Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China.Schneier on SecurityRead
Zero-day vulnerabilities in Microsoft Exchange Server
Read the original article: Zero-day vulnerabilities in Microsoft Exchange Server The four vulnerabilities inside Microsoft Exchange Server allow an attacker
New Social Security Scam Spoofs Government Badges
Criminals text or email photos of fake government identification badges to trick people into sending money.Dark Reading:Read More
Privilege Escalation Bugs Patched in Linux Kernel
A total of five vulnerabilities that could lead to local privilege escalation were recently identified and fixed in the Linux
State hackers rush to exploit unpatched Microsoft Exchange servers – BleepingComputer
Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. Microsoft addressed
Secure Laptops & the Enterprise of the Future
The enterprise of the future will depend upon organizations’ ability to extend the company firewall to everywhere people are working.Dark
Qualys Is the Latest Victim of Accellion Data Breach
Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network.Dark Reading:Read More
Managed Services Provider CompuCom Hit by Malware
Managed services provider CompuCom was recently targeted in a cyberattack that led to some disruption to customer services and internal
Ransomware attacks of two more medical entities disclosed: one in U.S., one in Canada
It seems that every day, we learn of more ransomware attacks on healthcare entities. Here are two more. Arizona: Cochise
Russian cybercriminal forum hacked, user details exposed
A Russian cybercrime forum appears to have suffered a data breach, spilling details of users. Which is a terribly unfortunate
Cybercriminals Finding Ways to Bypass ‘3D Secure’ Fraud Prevention System
Security researchers with threat intelligence firm Gemini Advisory say they have observed dark web activities related to bypassing 3D Secure
UK: 15 schools in Nottinghamshire crippled by cyber attack
Bobby Hellard reports: Schools across Nottinghamshire have had to shut down their IT networks after a central trust that manages their systems
Wall Street targeted by new Capital Call investment email scammers
Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their
Payroll giant PrismHR outage likely caused by ransomware attack
Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware
Cybercriminals Target Industrial Organizations in Information Theft Campaign
A mysterious cybercrime group apparently driven by profit has been targeting industrial organizations in Europe, Asia and North America as
Why We Need More Blue Team Voices at the Table
The red team draws attention, but the blue team has the expertise to keep networks secure day in and day
The Accellion breach also impacted Qualys; threat actors start dumping files
As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to
The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident
Read the original article: The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident CompuCom is an IT
Indian state government website exposed COVID-19 lab test results
Zack Whittaker covers a data leak first reported by BleepingComputer. You can read TechCrunch’s report on the incident here.DataBreaches.netRead More
Update now! Chrome fix patches in-the-wild zero-day
Google has released a patch for yet another vulnerability in Chrome’s audio component after it was exploited in the wild.