Daily News - Setembro (08/09 - 14/09) - 37 Semana de 2024

Cyber Security, Hacking, Privacy and Information Security News --- Daily Updates !! Weekly Resume...

14/09

23andMe will pay $30 million to settle 2023 data breach lawsuit

Data breach: Integrated Personnel and Payroll Information System (IPPIS) website hijacked by unknown hacker, workers personal information made public

FBI tells public to ignore false claims of hacked voter data

Fortinet admits hacker stole customer data from its servers

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Kawasaki Europe Confirms Cyber Attack, RansomHub Claims Responsibility

Malware locks browser in kiosk mode to steal Google credentials

Multiple attacks forces CISA to order agencies to upgrade or remove end-of-life Ivanti appliance

National Social Security Fund of Cameroon (CNPS) Data Breach: SpaceBears Hack Confirmed, Government in Denial

Port of Seattle Confirms August Cyberattack by Rhysida Ransomware

Seattle Tacoma Airport Says it Was Victim of Ransomware Attack That it Refused to Pay, Admits Some Data May Have Been Stolen

Singapore Customs issues scam alert on ‘parcel clearance’ fraud SMS and phishing link

Whale Phishing Scam: What is it? How to stay safe

What is whale phishing scam and tips to stay safe

13/09

23andMe Agrees To $30 Million Settlement For Last Year's Data Breach

23andMe to pay $30 million in genetics data breach settlement

64% of education IT workers say ransomware impacts education quality

A Threat Actor Claims to Data Breach of WeCloudData

Access Sports Medicine & Orthopaedics Data Breach Affects Over 88,000 Patients

Alleged We One Data Breach Exposes 13,000 Users’ Information

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Bank details compromised in TfL cyber attack

BT spots 2,000 potential attacks on its network a second

China denies hacking the Pacific Islands Forum earlier this year

CosmicBeetle Ransomware Group Targets Small Businesses in Europe and Asia

Critical vulnerabilities found in Photoshop, Premiere Pro, and multiple other Adobe products

Cyber attack delays introduction of contactless payment at Kent stations including Dunton Green, Eynsford, Otford, Sevenoaks and Shoreham

Cyber insurance set for explosive growth

Cyberattack compromises and shuts down Highline Public Schools

Cyberattacks on US utilities surged 70% this year, says Check Point

Employee benefits provider VeriSource says data breach impacted about 112k individuals

Fortinet confirms customer data breach

Fortinet Confirms Customer Data Breach via Third Party

Fortinet Confirms Data Breach After Hacker Claims 440GB Heist

Governo desmente ataque hacker no GOV.BR. Instabilidades foram por ‘questão operacional”

Hacker claims to have stolen 20GB data hoard from Capgemini, and is threatening to leak it all

Hacker mais valioso do mundo em 2024 é português

Hackers steal nearly 1.7 million credit card numbers in breach

Health Network Reaches $65M Settlement Over Data Breach

How the New EU Regulatory Landscape Will Impact Software Security

How to make Infrastructure as Code secure by default

India Ascends to Tier 1 Rank in Global Cybersecurity Index (GCI 2024)

IntelBroker Allegedly Breached Washington DC DMV and IAAI

Ivanti warns high severity CSA flaw is now exploited in attacks

Kawasaki’s European arm restores operation after cyberattack claimed by Ransomhub

KillSec Allegedly Breaches SuperCommerce.ai, Leaks Confidential Business Data

LOGE Camps Data Breach Impacts an Unknown Number of Consumers Sensitive Information

Malicious Actors Spreading False US Voter Registration Breach Claims

Meta Set to Un-Pause its AI Training in the UK

Microsoft Vows to Prevent Future CrowdStrike-Like Outages

NCA arrests 17-year-old Brit over cyber attack on Transport for London

New Android Malware Ajina.Banker Steals 2FA Codes, Spreads via Telegram

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

New Linux malware Hadooken targets Oracle WebLogic servers

Online Grocery Store Superbazaar Allegedly Breached 6M Records Exposed

Organizations still don’t know how to handle non-human identities

Port of Seattle refuses to pay Rhysida ransom, warns of data leak

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

RansomHub claims Kawasaki cyberattack, threatens to leak stolen data

Ransomware attacks are soaring to a new high

Record $65m Settlement for Hacked Patient Photos

Russian hackers attack Taiwanese government in response to president’s comments

Schools and universities are paying higher ransomware demands

Security measures fail to keep up with rising email attacks

Stealthy Fileless Attack Targets Attendees of US-Taiwan Defense Industry Conference

Tennessee school district loses $3.4 million to a fake curriculum vendor

Top 5 Vulnerability Management Mistakes Companies Make (Plus a Bonus Mistake to Avoid)

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

Turkish government denies allegations of a massive data breach impacting 85 million citizens

UK Data Centers Gain Critical National Infrastructure Status Amid £4Bn Investment

UK to class data centres as 'critical national infrastructure

12/09

17-Year Old Teen Arrested Behind The London Transport Cyber Attack

A Threat Actor Alleged Data Breach at Chile’s National Sports Institute (IND)

A Threat Actor Claims to Breach of Fortinet, Compromising Over 440GB Data

Acadian Ambulance data breach impacted close to 2.9 million patients

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Adobe Patch Tuesday security updates fixed multiple critical issues in the company’s products

Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management

Another case of ransomware data duplication as second group claims Myelec cyber attack

Application detection and response is the gap-bridging technology we need

August 2024’s Most Wanted Malware: FakeUpdates maintains its dominance in India, overtaking Qbot

Avis Car Rental Suffers a Data Breach Impacting Nearly 300,000 Customers

Benefits and best practices of leveraging AI for cybersecurity

Beware: New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide

Beware of Work Email Security Alert that Steals Your Login Credentials

Brazil’s largest forex bank vulnerable to attack

BT detects 2,000 cyber-attack signals per second as threats surge

Business Email Compromise Costs $55bn Over a Decade

Business email scam losses larger than Wyoming economy

Cert-In Issues High Severity Warning for Android Users, Recommends Patching

Chinese banking giant's London HQ targeted by cybercriminals, threatening to leak millions of files

CISA Alerts Federal Agencies to Urgent Microsoft Vulnerabilities

Cisco IOS XR Software Flaw Let Attackers Exhaust Memory, DoS & Elevate Privileges

Cisco Web-Based Management Interface Vulnerability Allows Privilege Escalation

Cosmetics Company SACARA Allegedly Breached 692K Rows of User Data For Sale

Criminal IP Teams Up with IPLocation.io to Deliver Unmatched IP Solutions to Global Audiences

Cyber attack on payment gateway provider Slim CD impacted about 1.7 million individuals

Cybercrime in the Education Sector

Cybersecurity giant Fortinet discloses a data breach

CyberVolk Claims Breach of U.S. Geological Survey Database

Exploitation Zero-Day Vulnerabilities For Remote Access Became Prime Target

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

FBI: Reported cryptocurrency losses reached $5.6 billion in 2023

Florida Department of Health says security incident impacted over 725,000 individuals

Fortinet confirms data breach after hacker claims to steal 440GB of files

Fortinet suffers third-party data breach affecting Asia-Pacific customers

French Retailers Hit by Cyberattack, Customer Data Stolen

From Amazon to Target: Hackers Mimic Top Brands in Global Crypto Scam

GitLab Issues Critical Patch Releases: Versions 17.3.2, 17.2.5, and 17.1.7 Address Key Vulnerabilities

GitLab Releases Critical Security Update, Urges Users to Patch Immediately

GitLab warns of critical pipeline execution vulnerability

Google AI model under scrutiny as EU launches probe over data privacy

Google Chrome adds 3 new security features to boost your online safety and privacy

Google Unveils Air-gapped Backup Vaults to Protect Data from Ransomware Attacks

Hackers targeting WhatsUp Gold with public exploit since August

Highline Public Schools forced to shut all activities following a cyber attack

Hospital system to pay $65 million for dark web data leak, including images of nude cancer patients

How to spot a crypto "pig butchering" scam

Hunters Ransomware Group Allegedly Claims Breach of ICBC London

I asked cybersec pros for top picks on a secure smartphone: here's what they said

Internal disconnects vs. cybersecurity: How connectivity shapes challenges

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

Irish Data Protection Regulator to Investigate Google AI

July’s Disney Data Breach Included Financial and Strategy Secrets, Cruise Passenger and Staff PII

Kadokawa investigates new data leak following BlackSuit ransomware attack

Kali Linux 2024.3 Released with 11 New Hacking Tools

KemperSports reports a data breach impacting 62,000 individuals

Lazarus Group Targets Developers in Fresh VMConnect Campaign

Lehigh Valley Health Network agrees to $65M settlement over ransomware attack that leaked nude photos

Losses due to cryptocurrency and BEC scams are soaring

Mastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bn

Mastercard expands cybersecurity footprint with acquisition of Recorded Future

New Android Banking Malware TrickMo Attacking Users To Steal Login Credentials

New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram

New Vo1d malware infects 1.3 million Android TV streaming boxes

North Korean hackers target jobseekers, slipping malware into fake coding tests

NZ-based Bennett Currie customer data published following ransomware attack

Offensive Security Launches Kali Linux 2024.3 with Major Tool Upgrades

Open Source Updates Have 75% Chance of Breaking Apps

Private Malware to Ransomware-as-a-Service: the Rise of Mallox

Ransomware Attackers Exploit Education’s Desperation, Demand Excessive Payments

Ransomware Disguised as a Game: Kransom’s Attack Through DLL Side-Loading

Schools Face Million-Dollar Bills as Ransomware Rises

Security firm warns Bing and DuckDuckGo users of ‘Etherscan’ phishing website

Singapore Police arrest six men allegedly involved in a cybercrime syndicate

Six North Korean Threat Groups Under The Umbrella Of Lazarus

Suspect arrested over the Transport for London cyberattack

TD Bank Fined $28 Million by CFPB for Allegedly Sharing Inaccurate Customer Data

Teen Arrested in Connection with Transport for London Cyberattack

TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested

The 18 biggest data breaches of the 21st century

Threat Actor Claims Fortinet Data Breach via Third-Party Service

Threat Actors Are Finding it Easier Than Ever to Breach Cyber-Defenses: Enter Data-Centric Security

Threat Actors Exploiting Legitimate Software For Stealthy Cyber Attacks

Top 3 Threat Report Insights for Q2 2024

Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense

Transport for London confirms customer data stolen in cyberattack

Turkish minister confirms vast personal data breach of millions

UK arrests teen linked to Transport for London cyber attack

UK NCA arrested a teenager linked to the attack on Transport for London

UK Recognizes Data Centers as Critical National Infrastructure

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

VirtualBox 7.1: This is a major update, here’s what’s new

Why All-in-One Platforms Are the Future of Cybersecurity

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress To Mandate 2FA for Theme And Plugin Developers

11/09

12 dark web monitoring tools

72% of BEC attacks were from free webmail domains

Adobe fixes Acrobat Reader zero-day with public PoC exploit

Ally Financial faces class action lawsuit following cyberattack and data breach

Barely any businesses are really that confident about their security protection

Chinese ‘Crimson Palace’ Espionage Campaign Targets Southeast Asian Governments

Chinese DragonRank Hackers Exploit Global Windows Servers in SEO Fraud

Chinese hackers linked to cybercrime syndicate arrested in Singapore

Colorado Man Sentenced for Cyberstalking and Obstruction of Justice

Como criminosos hackers usam tecnologia para furtar carros “sem chave”

Corretora de criptomoedas sai do ar após perder milhões em hack e anuncia sorteio para acalmar clientes

CosmicBeetle Exploiting Old Vulnerabilities To Attack SMBs All Over The World

Criminal IP and IPLocation.io Join Forces for Enhanced IP Analysis

Cybersecurity is a fundamental component of patient care and safety

Data backup and recovery tools are failing businesses far more than expected

Data Breach Hits Immigrus: 7,000 Clients’ Personal Information Exposed

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

Developers Under Attack Via Fake Recruiter Coding Tests

Devious new cyberattack leaks secrets from LCD screen noise on air-gapped computers

DockerSpy: Search for images on Docker Hub, extract sensitive information

eBook: Keep assets secure after cloud migration

ETFs de Bitcoin são o próximo grande alvo para hackers norte-coreanos, diz Cyvers

Fake password manager coding test used to hack Python developers

Ford Files Patent to Collect Driver Data, Including Conversations, for In-Car Ads

Hacker afirma ter derrubado hoje aplicações “gov.br”

Hackers Attacking Credentials Stored Locations of the Browser

Hackers Can Abuse Active Directory Certificate Services to Establish Persistence

Hackers Exploit HTTP Response Header to Launch Sophisticated Phishing Attacks

Hackers Use Fake Domains to Trick Trump Supporters in Trading Card Scam

How AI and zero trust are transforming resilience strategies

Immediate threats or long-term security? Deciding where to focus is the modern CISO’s dilemma

India’s 5000 Cyber Commandos May Not Be Enough, Say Experts

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Ivanti patches serious endpoint management software security bugs, so update now

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

Markel Launches New Cyber Insurance Policy for FinTech Firms

Massive data leak at MNA Healthcare exposes thousands of medical workers’ information

Microsoft confesses its recent security updates...broke Windows 10 security patches

Microsoft Fixes Four Actively Exploited Zero-Days

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Microsoft Security Update, 4 Zero-days & 79 Vulnerabilities Fixed

Microsoft September 2024 Patch Tuesday: Addressing 79 New Vulnerabilities and Product Updates

New RansomHub Attack Killing Kaspersky’s TDSSKiller To Disable EDR

Only 5% of business leaders report seamless connectivity

Opus Security Elevates Vulnerability Management With its AI-Powered Multi-Layered Prioritization Engine

Poland's Supreme Court Blocks Pegasus Spyware Probe

PopinBorder Database Allegedly Breached

Progress Software issues fix for maximum severity vulnerability

Researchers Hacked EV Car Chargers To Execute Arbitrary Code

Researchers Spent $20 to Become Admin of .MOBI TLD

RipperSec and NoName057 Launch DDoS Attacks on Taiwanese Government Sites

Tewkesbury Council continues to respond to a significant cyber attack

Threat Actor Claims to Sell KFC Mexico Customer Database with Over 349,000 Records

Threat Actor Offers Network Access to Major Brazilian Real Estate Company

Transport for London CTO says hackers disrupted Dial a Ride service for the disabled

UK’s ICO and NCA Sign Memorandum to Boost Reporting and Resilience

What is Buffer Overflow?

Why Is It So Challenging to Go Passwordless?

Windows Smart App Control Zero-Day (CVE-2024-38217) Exploited Since 2018 Finally Fixed

WordPress.org to require 2FA for plugin developers by October

10/09

33 open-source cybersecurity solutions you didn’t know you needed

AI-Powered Deepfake Scams Wreak Havoc on Businesses

August 2024’s Most Wanted Malware: RansomHub Reigns Supreme While Meow Ransomware Surges

BreachSeek, AI-Based Automated Multi-Platform Penetration Testing Tool

Canadian Payment Gateway Slim CD Suffers Major Cyberattack, Impacting 1.7 Million Users

China-based cyber espionage campaign in SE Asia is expanding, says Sophos

China-Linked Threat Actors Target Taiwan Military Industry

Chinese Hackers Using Open Source Tools Like Nmap to Launch Cyber Attacks

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

CISA Warns of Three Vulnerabilities That Are Actively Exploited in the Wild

CMS notifies nearly 950,000 individuals of data breach linked to MOVEit vulnerability

Columbus City Council says the cyberattack is a federal ongoing investigation

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

Critical SonicWall SSLVPN Bug Exploited By Ransomware Actors

Cyberstalkers sextort $1.9M from young men via Apple Pay and Cash App

Data Allegedly from Thai Hospital Listed for Sale on Dark Web Forum

Data leak exposes 14,000 US medical professionals: what we know so far

DoJ Distributes $18.5m to Western Union Fraud Victims

Don’t Delay: Patch LoadMaster Now to Avoid Exploitation

Earth Preta Hackers Added New Tools To Their Arsenal

Electronic payment gateway Slim CD disclosed a data breach impacting 1.7M individuals

Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

FBI warns of increased losses from crypto scams as crooks deepfake Apple's CEO

Flipper Zero Firmware 1.0 Released After 3 Years of Development

Flipper Zero releases Firmware 1.0 after three years of development

Highline Public Schools Forced to Close By Cyber-Attack

How human-led threat hunting complements automation in detecting cyber threats

India to Train 5,000 Cyber Commandos to Combat Growing Cybercrime

Infosecurity Magazine Online Summit Autumn 2024 Day One Sessions

Ivanti Endpoint Manager RCE Vulnerabilities Let Attackers Gain Server Access Remotely

Ivanti fixes maximum severity RCE bug in Endpoint Management software

Kenya Calls for Increased Investment in Cybersecurity to Protect Savings and Credit Cooperatives (SACCOs)

London High School Sent Students Home Following Ransomware Attack

Lowe’s employees targeted with malvertising campaign

Massive Spike in Crypto Fraud: FBI Reports Over $5.6 Billion Losses in 2023

Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

Microsoft fixes Windows Smart App Control zero-day exploited since 2018

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

Navigating Endpoint Privilege Management: Insights for CISOs and Admins

New Lookout Threat Research Proves Mobile Security Should Be Central to Modern Data Protection Strategies

New PIXHELL acoustic attack leaks secrets from LCD screen noise

New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers

New York health clinic forced to shut internal network following a ransomware attack

NoName ransomware gang deploying RansomHub malware in recent attacks

Palo Alto Networks details new ‘Repellent Scorpius’ group distributing Cicada3301 ransomware

Payment Gateway Platform SLIM CD Data Breach, 1.7 Million Users Data Exposed

Planned Parenthood of Montana Responds to RansomHub Cyberattack

Poland thwarted cyberattacks that were carried out by Russia and Belarus

Quad7 botnet evolves to more stealthy tactics to evade detection

Quad7 Botnet Operators Compromising Several Routers & VPN Appliances

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

Researcher Exploited CI / CD Pipelines To Gain Full Server Access

Researchers Detail Attacks on Air-Gapped Computers to Steal Data

Researchers turn RAM into radio antenna, beaming secrets from air-gapped system

Russian pro-democracy nonprofit investigates alleged data breach by Kremlin-backed hackers

Seventh Sense Unveils Revolutionary Privacy-Preserving Face-Based Public Key Infrastructure and eID Solution

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Small Business, Big Threats: INE Security Launches Initiative to Train SMBs to Close a Critical Skills Gap

'Still no evidence of data loss' from cyber attack

Tech stack uniformity has become a systemic vulnerability

The Justice Department (DoJ) Distributes $18.5m to Western Union Fraud Victims

The Role of VPNs in Protecting Online Privacy

Third-party risk management can learn a lot from the musk ox

Transport for London staff face limited system access following cyber attack

Trustwave Reveals the Financial Sector's Cyber Threats

Uncovering a sophisticated phishing attack via WordPress theme exploitation

U.S. chipmaker Microchip says hackers stole employees' sensitive personal information

U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

“View Once” messages on WhatsApp can be accessed repeatedly, researchers warn

Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)

Zyxel NAS Devices Vulnerable to Command Injection Attacks

Want to get ahead? Four activities that can enable a more proactive security regime

Was your Social Security number leaked to the dark web? Here's how to find out

Washington state school district closed for second day after cyberattack

Western intelligence agencies warn of Russian GRU cyber-attacks on NATO and EU nations

Western Union fraud victims reimbursed, millions paid out

What is Asymmetric Cryptography?

What is Border Gateway Protocol (BGP)?

WhatsApp View Once Privacy Flaw Exploited by Attackers in the Wild

Wifi routers and VPN appliances targeted by notorious botnet Quad7

Windows 10 KB5043064 update released with 6 fixes, security updates

Wix to block Russian users starting September 12

09/09

7 Ways to Enhance Cybersecurity with AI and ML

A Threat Actor Claims Data Breach of Muzu.co

Agência de inteligência alemã faz alerta contra grupo de hackers russos

AI content-based threats not dominating yet, but the breaking point is coming

AI cybersecurity needs to be as multi-layered as the system it’s protecting

Avis Car Rental suffers a data breach, exposing the personal information of customers

Avis Data Breach: Car Rental Firm Informs Customers that Cyberattack Leaked Sensitive Data

Avis hit by major data breach, customer data affected

Avis Rent A Car announces data breach

Best practices for implementing the Principle of Least Privilege

Beware Of Malicious Chrome Extension That Delivers Weaponized ZIP Archive

Biggin Hill School Closes Due to Ransomware Attack

Bitcoin ATMs Now Become as a Playground for Scammers

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

Car Giant Avis Reveals Breach Impacted 300,000 Customers

Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

Cisco's merch store targeted by dangerous malware

Confidant Health database exposed 5.3 terabytes of patient information

Critical IBM webMethods Vulnerabilites Let Attackers Execute Arbitrary Commands

Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks

Critical Vulnerabilities Disclosed in IBM webMethods Integration Server

Crypto-friendly Russian laws could become a headache for the West

Cyber-Attack on Payment Gateway Exposes 1.7 Million Credit Card Details

CyberVolk Group Claims Cyber Attacks Against Chinese Companies

DDoS Attacks Double With Governments Most Targeted

Did a Cyberattack Cause the Centrelink Outage? Twitter Speculates

Emergency Fix Issued for 10/10 Severity Vulnerability in LoadMaster Products

End of an era: Security budget growth slows down

Escritório hacker trocava Imei de telefones e tablets furtados em BH

Florida IT security company inadvertently hires North Korean hacker

Fog Ransomware Group Attacking Employees of Financial Services Sector

German intelligence says Russian GRU group behind NATO, EU cyberattacks

Hackers Exploiting GeoServer RCE Vulnerability to Deploy Malware

Hackers Stolen 300,000 Users Personal Data in Cyber Attack at Car Rental Firm

Highline Public Schools Closed Due to Cybersecurity Incident

Highline Public Schools closes schools following cyberattack

Highline Public Schools Hit by Cyberattack, Classes Canceled

How AI can cut through the security noise

How to defend against brute force and password spray attacks

Iranian Vice President Highlights Fuel Station Vulnerability to Cyberattacks

Kibana Vulnerabilities Let Attackers Execute Arbitrary Code

Lazarus Group Targets Blockchain Pros with Fake Video Conferencing, Job Scam

Major US car rental breach exposes hundreds of thousands

Man Charged in AI-Generated Music Fraud on Spotify and Apple Music

Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature

Metro Pacific Tollways Corporation (MPTC) confirms ‘limited’ data breach affecting Easytrip user accounts

Millions impacted by payment provider hack – here's how to stay safe

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

New Cyber Espionage Campaign Targets Taiwanese Drone Manufacturers

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

New Veeam Vulnerability Puts Thousands of Backup Servers at Risk – PATCH NOW!

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout

OpenZiti: Secure, open-source networking for your applications

Payment gateway data breach affects 1.7 million credit card owners

Payment Gateway SLIM CD Data Breach: 1.7 Million Users Impacted

Phishing in focus: Disinformation, election and identity fraud

Planned Parenthood of Montana experienced a cyber attack

Predator spyware operation is back with a new infrastructure

Progress Software fixed a maximum severity flaw in LoadMaster

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

Reputational Hijacking with JamPlus: A New Technique to Bypass Smart App Control (SAC)

Russian Military Hackers Attacking Attacking U.S. and Global Critical Infrastructure

Sistemas do STJ viram alvo de ataque hacker

Soldado “hacker” que invadiu computador da tenente pra ver fotos íntimas tem HC negado pelo STM

Technology Causes “Digital Entropy” as Firms Struggle With Governance

TfL Admits Some Services Are Down Following Cyber-Attack

Threat Actor “888” Allegedly Leaks Plastix Marketing Database, Exposing Over 34,000 User Records

Threat Actor Claims Breach of Stoxkart Database

Threat Actor Claims Dibcase Data Breach, Exposes 4 Million Client Records

TIDRONE APT targets drone manufacturers in Taiwan

TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

Two Arrested by FBI for Credit Card Fraud Could Face 20-Yrs Prison

Understand How Threat Intelligence Benefits for a Business

Updating secure boot is crucial to keeping systems secure and working properly

U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

USAA system breach exposes personal data of over 32,000 customers nationwide

Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)

Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It's Productivity Benefits

What is a TPM, and why does Windows 11 require one?

What’s next after the CISO role?

Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

08/09

900,000 Americans on Medicare Warned of Data Breach

Centers for Medicare & Medicaid Services (CMS) Notifies Individuals Potentially Impacted by Data Breach

Cyber Expert Finds Phishing Campaign Targeting School Children

Exploring modern Hacktivist tactics, a threat to digital infrastructure

Feds indicted two alleged administrators of WWH Club dark web marketplace

Huge data breach involving social security numbers could impact millions of Americans

Iranian hackers ramp up digital attacks on US political campaigns

More than $100,000 lost in days to Singtel SMS scam

Penpie Hacker Launders $27M Through Tornado Cash, Ignoring Bounty Offer: Report

Progress LoadMaster vulnerable to 10/10 severity RCE flaw

Rádios e sistemas da PMDF ficam fora do ar em “possível” ataque hacker

STJ é alvo de ataque hacker, mas informa que não houve prejuízo ao sistema

STJ sofre tentativa de ataque hacker; tribunal diz que não houve prejuízo ao sistema

The adaptable Cicada3301 ransomware attacks Windows and Linux PCs

Threat Actor Claims to Sell Web Shell Access to a Major Rental and Retail Company

Whale phishing scam: Pune IT firm’s HR manager duped into buying gift cards worth Rs 10 lakh

Daily News - Setembro (01/09 - 07/09) - 36 Semana de 2024