Blogs from all around the World

Recent blog posts


Colorado-Based SendGrid Email Marketing Company Accounts Were Hacked

“Contact”, the threat actor behind this operation, has been present since 2020 and is believed to have collected over 400.000


Make Sure That Stimulus Check Lands in the Right Bank Account

If you haven’t already, it’s time to build trust relationships with your financial institutions, using strong security, privacy protections and


Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack


TX: Elara Caring notifies more than 100,000 patients after corporate email accounts hacked

Elara Caring, a provider of home-based care, suffered a data security breach that they learned about in mid-December. Last month,


Petersburg Medical Center talks about breach; says hospital will get new health records system

Angela Denning reports that Petersburg Medical Center has come out with more information about a medical records breach. They say


NSA, DHS Issue Guidance on Protective DNS

The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this week published


TX: ProPath Notifies Patients of Data Security Incident

ProPath Services, LLC in Texas has notified patients of a data security breach stemming from compromise of two employees’ email


NC: FBI investigating 8-day cyber attack after ransomware attack on Allergy Partners

John Le reports: Federal authorities are investigating the ransomware attack that caused a network outage at Allergy Partners locations in


Right-wing militants furious after data leak exposes their involvement in paramilitary group

Travis Gettys reports: The data leak from the American Patriots Three Percent website revealed the names, phone numbers and photographs


Southern Illinois University School of Medicine impacted by Accellion breach, notifies patients

It appears that SIU was impacted by the Accellion breach that has been in the news a lot this past


Cybersecurity: the French fear for their online identity

Since remote work became the new norm, most traditional office workers have gotten used to


Report: Russian Hackers Exploit Lithuanian Infrastructure

Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used the Baltic


Supermicro, Pulse Secure Respond to Trickbot’s Ability to Target Firmware

Server and storage technology giant Supermicro and secure access solutions provider Pulse Secure have issued advisories to inform users that


Airline IT specialist Sita confirms cyber-attack – Travel Weekly UK

Airline communications and IT specialist Sita has been the victim of a cyber-attack, “leading to a data security incident involving


Three New Malware Strains Linked to SolarWinds Hackers

Microsoft and cybersecurity firm FireEye on Thursday published blog posts detailing several new pieces of malware that they believe are


Threat Model Humor

At a hospital. (Source: Schneier on Security)


Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

March 5, 2021 (GIXnews). In what’s a case of hackers getting hacked, a prominent underground online criminal forum by


Researchers Disclose More Malware Used in SolarWinds Hack

The newly discovered malware appear to be


South Africa Opposes WhatsApp-Facebook Data Sharing

South Africa’s information regulator has protested WhatsApp’s plans to share user data with Facebook, vowing to engage directly with the


Connected car technology vulnerable to cyber attacks – Trend Micro

Connected car technology is vulnerable to cyber attacks, according to a new report from Trend Micro. The cybersecurity firm has


Someone Is Hacking Cybercrime Forums and Leaking User Data

Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly


[remote] CatDV 9.2 – RMI Authentication Bypass

CatDV 9.2 – RMI Authentication


[webapps] Fluig 1.7.0 – Path Traversal

Fluig 1.7.0 – Path


Equality for women in the cybersecurity workforce may take a decade – TechHQ

Women working in the industry believe it will take at least a decade for them to be treated as equals


Risky business: 3 timeless approaches to reduce security risk in 2021

Since the COVID-19 pandemic drove workforces home, we’ve seen an increase in security risk across the board: from an increase


White House says closely tracking Microsoft’s emergency patch

WASHINGTON — The White House is closely tracking an emergency patch Microsoft Corp has released, U.S. national security adviser Jake


OSSA introduces Camera Cyber Security Specification and App Developer Council

The Open Security & Safety Alliance


Hollywood’s Elite Private Schools Hacked

Gary Baum reports: Several top L.A. private schools’ digital servers have been breached in recent weeks, and law enforcement is


‘The EU cannot defend Europe’: NATO chief

Most EU member states are also NATO member states, and their citizens’ safety relies on an alliance that far outspends


Friendly fire: Four well-known cybercriminal forums dealing with breaches

I’ve posted links to some other reports on this topic earlier today, but just came across Intel 471’s post. Sometimes,


Business Apps Spoofed in 45% of Impersonation Attacks

Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks. (Source: Dark Reading)


Data of 580,000 Singapore Airlines customers leaked in SITA security breach

Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external


Report: Russian hackers exploit Lithuanian infrastructure

AP reports: Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used


Okta to Buy Auth0 for $6.5 Billion

The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to


Four Microsoft Exchange Zero-Days Exploited by China

Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China. (Source: Schneier on Security)


Zero-day vulnerabilities in Microsoft Exchange Server

The four vulnerabilities inside Microsoft Exchange Server allow an attacker


New Social Security Scam Spoofs Government Badges

Criminals text or email photos of fake government identification badges to trick people into sending money. (Source: Dark Reading)


Privilege Escalation Bugs Patched in Linux Kernel

A total of five vulnerabilities that could lead to local privilege escalation were recently identified and fixed in the Linux


State hackers rush to exploit unpatched Microsoft Exchange servers – BleepingComputer

Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. Microsoft addressed


Secure Laptops & the Enterprise of the Future

The enterprise of the future will depend upon organizations’ ability to extend the company firewall to everywhere people are working.


Qualys Is the Latest Victim of Accellion Data Breach

Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network. (Source: Dark Reading)


Managed Services Provider CompuCom Hit by Malware

Managed services provider CompuCom was recently targeted in a cyberattack that led to some disruption to customer services and internal


Ransomware attacks of two more medical entities disclosed: one in U.S., one in Canada

It seems that every day, we learn of more ransomware attacks on healthcare entities. Here are two more. Arizona: Cochise


Russian cybercriminal forum hacked, user details exposed

A Russian cybercrime forum appears to have suffered a data breach, spilling details of users. Which is a terribly unfortunate


Cybercriminals Finding Ways to Bypass ‘3D Secure’ Fraud Prevention System

Security researchers with threat intelligence firm Gemini Advisory say they have observed dark web activities related to bypassing 3D Secure


UK: 15 schools in Nottinghamshire crippled by cyber attack

Bobby Hellard reports: Schools across Nottinghamshire have had to shut down their IT networks after a central trust that manages their systems


Wall Street targeted by new Capital Call investment email scammers

Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their


Payroll giant PrismHR outage likely caused by ransomware attack

Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware


Cybercriminals Target Industrial Organizations in Information Theft Campaign

A mysterious cybercrime group apparently driven by profit has been targeting industrial organizations in Europe, Asia and North America as


Why We Need More Blue Team Voices at the Table

The red team draws attention, but the blue team has the expertise to keep networks secure day in and day


The Accellion breach also impacted Qualys; threat actors start dumping files

As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to


The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident

CompuCom is an IT


Indian state government website exposed COVID-19 lab test results

Zack Whittaker covers a data leak first reported by BleepingComputer. You can read TechCrunch’s report on the incident here. (Source: DataBreaches.net)


Update now! Chrome fix patches in-the-wild zero-day

Google has released a patch for yet another vulnerability in Chrome’s audio component after it was exploited in the wild.