Data Security News
The Hacker News
- Apache Cordova App Harness Targeted in Dependency Confusion Attack (by The Hacker News)
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency […]
- Webinar: Learn Proactive Supply Chain Threat Hunting Techniques (by The Hacker News)
In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the […]
- Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases (by The Hacker News)
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to […]
- Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery (by The Hacker News)
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why […]
- German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies (by The Hacker News)
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the […]
- U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse (by The Hacker News)
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the […]
- Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware (by The Hacker News)
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver […]
- ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft (by The Hacker News)
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable […]
Graham Cluley Blog
- City street lights “misbehave” after ransomware attack (by Graham Cluley)
The UK's Leicester City Council was thrown into chaos last month when a crippling cyber attack forced it to shut down its IT systems and phone lines. […]
- Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control (by Graham Cluley)
February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have […]
- 3.5 million Omni Hotel guest details held to ransom by Daixin Team (by Graham Cluley)
The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down its systems, with hackers […]
- Police smash LabHost international fraud network, 37 arrested (by Graham Cluley)
Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. […]
- Smashing Security podcast #368: Gary Barlow, and a scam turns deadly (by Graham Cluley)
Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person […]
- Zambia arrests 77 people in swoop on “scam” call centre (by Graham Cluley)
Law enforcement officers in Zambia have arrested 77 people at a call centre company they allege had employed local school-leavers to engage in scam […]
- East Central University suffers BlackSuit ransomware attack (by Graham Cluley)
The East Central University (ECU) of Ada, Oklahoma, has revealed that a ransomware gang launched an attack against its systems that left some […]
- DragonForce ransomware – what you need to know (by Graham Cluley)
Learn more about the DragonForce ransomware - how it came to prominence, and some of the unusual tactics used by the hackers who extort money from […]
Infosecurity Magazine
- US Imposes Visa Restrictions on Alleged Spyware Figures
The move is reportedly part of a broader effort to counter the misuse of surveillance technology
- End-to-End Encryption Sparks Concerns Among EU Law Enforcement
The call comes amid the rollout of end-to-end encryption on Meta’s Messenger platform
- Millions of Americans' Data Potentially Exposed in Change Healthcare Hack
Millions of Americans may be impacted by the Change Healthcare data breach as UnitedHealth confirms exposed data includes personal and health […]
- Vulnerability Exploitation on the Rise as Attackers Ditch Phishing
Mandiant’s latest M-Trends report found that vulnerability exploitation was the most common initial infection vector in 2023, making up 38% of […]
- Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites
Notorious APT44 group Sandworm launched a major campaign against Ukrainian critical infrastructure in March
- Russian APT28 Group in New “GooseEgg” Hacking Campaign
Microsoft has warned of a long-running credential stealing campaign from Russia’s APT28
- Fraudsters Exploit Telegram’s Popularity For Toncoin Scam
The scheme was uncovered by Kaspersky and has been operational since November 2023
- Dependency Confusion Vulnerability Found in Apache Project
This occurs when a private package fetches a similar public one, leading to exploitation due to misconfigurations in package managers
Dark Reading News
- CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills
- 5 Hard Truths About the State of Cloud Security 2024 (by Ericka Chickowski, Contributing Writer)
Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.
- Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug (by Jai Vijayan, Contributing Writer)
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
- Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments (by Nate Nelson, Contributing Writer)
An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.
- Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update (by Dark Reading Staff)
The company reports most systems are functioning again but that analysis of the data affected will take months to complete.
- Lessons for CISOs From OWASP's LLM Top 10 (by Kevin Bocek)
It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line.
- US Gov Slaps Visa Restrictions on Spyware Honchos (by Dark Reading Staff)
The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their […]
- Russia's Fancy Bear Pummels Windows Print Spooler Bug (by Elizabeth Montalbano, Contributing Writer)
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in […]