Data of around 2.5 million Bharti Airtel subscribers of Jammu and Kashmir circle, including Aadhaar numbers, address, and date of birth, has reportedly been leaked by hackers.

A survey of 240 CISOs and 2000 UK workers showed that insecure staff behaviors remain prevalent, nearly a year since the mass shift to remote working as a result of COVID-19.

Government reveals there has been no indication its systems or the country’s critical information infrastructures have been severely impacted by the SolarWinds supply chain breach.

Two of the flaws (CVE-2021-25274 and CVE-2021-25275) were identified in the SolarWinds Orion Platform, while a third separate weakness (CVE-2021-25276) was found in the Serv-U FTP server for Windows.

Dubbed Operation LadyBird, Emotet’s infrastructure was taken down by the joint collaboration between law enforcement agencies from the U.S., the U.K, Canada, along with Europol and Eurojust.

Dubbed Oscorp, the malware abuses accessibility services in Android devices to steal user credentials and media content. The malware gets its name from the title of the login page of its C2 server. 

Data of as many as 8,700 clients has been impacted and Ramsey County is not the only local government affected by this attack. In some cases, the Social Security number may also have been exposed.

Once the malware has landed on a supercomputer, the code buries itself in an OpenSSH server executable and will trigger the backdoor if a call is made through a specific TCP source port.

At least one major ransomware gang is abusing vulnerabilities in the VMWare ESXi product to take over virtual machines deployed in enterprise environments and encrypt their virtual hard drives.

Security researchers on Tuesday uncovered new delivery and evasion techniques adopted by Agent Tesla remote access trojan (RAT) to get around defense barriers and monitor its victims.