Blogs from all around the World

Recent blog posts

  

Colorado-Based Sengrid Email Marketing Company Accounts Were Hacked

“Contact”, the threat actor behind this operation has been present since 2020 and it’s believed to have collected over 400.000

  

Make Sure That Stimulus Check Lands in the Right Bank Account

If you haven’t already, it’s time to build trust relationships with your financial institutions, using strong security, privacy protections and

  

Multiple Airlines Impacted by Data Breach at Aviation IT Firm SITA

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack

  

TX: Elara Caring notifies more than 100,000 patients after corporate email accounts hacked

Elara Caring, a provider of home-based care, suffered a data security breach that they learned about in mid-December. Last month,

  

Petersburg Medical Center talks about breach; says hospital will get new health records system

Angela Denning reports that Petersburg Medical Center has come out with more information about a medical records breach. They say

  

NSA, DHS Issue Guidance on Protective DNS

The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this week published

  

TX: ProPath Notifies Patients of Data Security Incident

ProPath Services, LLC in Texas has notified patients of a data security breach stemming from compromise of two employees’ email

  

NC: FBI investigating 8-day cyber attack after ransomware attack on Allergy Partners

John Le reports: Federal authorities are investigating the ransomware attack that caused a network outage at Allergy Partners locations in

  

Right-wing militants furious after data leak exposes their involvement in paramilitary group

Travis Gettys reports: The data leak from the American Patriots Three Percent website revealed the names, phone numbers and photographs

  

Southern Illinois University School of Medicine impacted by Accellion breach, notifies patients

It appears that SIU was impacted by the Accellion breach that has been in the news a lot this past

  

Cybersécurité : les Français craignent pour leur identité en ligne

Depuis que le télétravail est devenu la nouvelle norme, la plupart des employés de bureau traditionnels se sont habitués à

  

Report: Russian Hackers Exploit Lithuanian Infrastructure

Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used the Baltic

  

Supermicro, Pulse Secure Respond to Trickbot’s Ability to Target Firmware

Server and storage technology giant Supermicro and secure access solutions provider Pulse Secure have issued advisories to inform users that

  

Airline IT specialist Sita confirms cyber-attack – Travel Weekly UK

Airline communications and IT specialist Sita has been the victim of a cyber-attack, “leading to a data security incident involving

  

Three New Malware Strains Linked to SolarWinds Hackers

Microsoft and cybersecurity firm FireEye on Thursday published blog posts detailing several new pieces of malware that they believe are

  

Threat Model Humor

At a hospital.Schneier on SecurityRead More

  

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

by March 5, 2021. GIXnews In what’s a case of hackers getting hacked, a prominent underground online criminal forum by

  

Researchers Disclose More Malware Used in SolarWinds Hack

See Also: Case Study: Live Oak Bank Tackles Cloud Security with Orca Security The newly discovered malware appear to be

  

South Africa Opposes WhatsApp-Facebook Data Sharing

South Africa’s information regulator has protested WhatsApp’s plans to share user data with Facebook, vowing to engage directly with the

  

Connected car technology vulnerable to cyber attacks – Trend Mirco

Connected car technology is vulnerable to cyber attacks, according to a new report from Trend Micro. The cybersecurity firm has

  

Someone Is Hacking Cybercrime Forums and Leaking User Data

Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly

  

[remote] CatDV 9.2 – RMI Authentication Bypass

CatDV 9.2 – RMI Authentication BypassExploit-DB.com RSS FeedRead More

  

[webapps] Fluig 1.7.0 – Path Traversal

Fluig 1.7.0 – Path TraversalExploit-DB.com RSS FeedRead More

  

Equality for women in the cybersecurity workforce may take a decade – TechHQ

Women working in the industry believe it will take at least a decade for them to be treated as equals

  

Risky business: 3 timeless approaches to reduce security risk in 2021

Since the COVID-19 pandemic drove workforces home, we’ve seen an increase in security risk across the board: from an increase

  

White House says closely tracking Microsoft’s emergency patch

WASHINGTON — The White House is closely tracking an emergency patch Microsoft Corp has released, U.S. national security adviser Jake

  

OSSA introduces Camera Cyber Security Specification and App Developer Council

Read the original article: OSSA introduces Camera Cyber Security Specification and App Developer Council The Open Security & Safety Alliance

  

Hollywood’s Elite Private Schools Hacked

Gary Baum reports: Several top L.A. private schools’ digital servers have been breached in recent weeks, and law enforcement is

  

‘The EU cannot defend Europe’: NATO chief

Most EU member states are also NATO member states, and their citizens’ safety relies on an alliance that far outspends

  

Friendly fire: Four well-known cybercriminal forums dealing with breaches

I’ve posted links to some other reports on this topic earlier today, but just came across Intel 471’s post. Sometimes,

  

Business Apps Spoofed in 45% of Impersonation Attacks

Business-related applications like those from Microsoft, Zoom, and DocuSign are most often impersonated in brand phishing attacks.Dark Reading:Read More

  

Data of 580,000 Singapore Airlines customers leaked in SITA security breach

Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external

  

Report: Russian hackers exploit Lithuanian infrastructure

AP reports: Hacker groups linked to Russian intelligence conducted cyber-attacks against top Lithuanian officials and decision-makers last year and used

  

Okta to Buy Auth0 for $6.5 Billion

The security firm Okta shook up the identity and access management market Wednesday by announcing a $6.5 billion deal to

  

Four Microsoft Exchange Zero-Days Exploited by China

Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China.Schneier on SecurityRead

  

Zero-day vulnerabilities in Microsoft Exchange Server

Read the original article: Zero-day vulnerabilities in Microsoft Exchange Server The four vulnerabilities inside Microsoft Exchange Server allow an attacker

  

New Social Security Scam Spoofs Government Badges

Criminals text or email photos of fake government identification badges to trick people into sending money.Dark Reading:Read More

  

Privilege Escalation Bugs Patched in Linux Kernel

A total of five vulnerabilities that could lead to local privilege escalation were recently identified and fixed in the Linux

  

State hackers rush to exploit unpatched Microsoft Exchange servers – BleepingComputer

Multiple state-sponsored hacking groups are actively exploiting critical Exchange bugs Microsoft patched Tuesday via emergency out-of-band security updates. Microsoft addressed

  

Secure Laptops & the Enterprise of the Future

The enterprise of the future will depend upon organizations’ ability to extend the company firewall to everywhere people are working.Dark

  

Qualys Is the Latest Victim of Accellion Data Breach

Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network.Dark Reading:Read More

  

Managed Services Provider CompuCom Hit by Malware

Managed services provider CompuCom was recently targeted in a cyberattack that led to some disruption to customer services and internal

  

Ransomware attacks of two more medical entities disclosed: one in U.S., one in Canada

It seems that every day, we learn of more ransomware attacks on healthcare entities.  Here are two more. Arizona:  Cochise

  

Russian cybercriminal forum hacked, user details exposed

A Russian cybercrime forum appears to have suffered a data breach, spilling details of users. Which is a terribly unfortunate

  

Cybercriminals Finding Ways to Bypass ‘3D Secure’ Fraud Prevention System

Security researchers with threat intelligence firm Gemini Advisory say they have observed dark web activities related to bypassing 3D Secure

  

UK: 15 schools in Nottinghamshire crippled by cyber attack

Bobby Hellard reports: Schools across Nottinghamshire have had to shut down their IT networks after a central trust that manages their systems

  

Wall Street targeted by new Capital Call investment email scammers

Business Email Compromise (BEC) scammers, who have made rich returns in recent years tricking organisations into transferring funds into their

  

Payroll giant PrismHR outage likely caused by ransomware attack

Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware

  

Cybercriminals Target Industrial Organizations in Information Theft Campaign

A mysterious cybercrime group apparently driven by profit has been targeting industrial organizations in Europe, Asia and North America as

  

Why We Need More Blue Team Voices at the Table

The red team draws attention, but the blue team has the expertise to keep networks secure day in and day

  

The Accellion breach also impacted Qualys; threat actors start dumping files

As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to

  

The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident

Read the original article: The US Managed Service Provider CompuCom Confirms Ongoing Outage Following Malware Incident CompuCom is an IT

  

Indian state government website exposed COVID-19 lab test results

Zack Whittaker covers a data leak first reported by BleepingComputer.  You can read TechCrunch’s report on the incident here.DataBreaches.netRead More

  

Update now! Chrome fix patches in-the-wild zero-day

Google has released a patch for yet another vulnerability in Chrome’s audio component after it was exploited in the wild.