The US Cybersecurity and Infrastructure Security Agency (CISA) published advisories last week to inform organizations using Hitachi Energy products about several recently addressed critical and high-severity vulnerabilities.
The Hive ransomware gang this week added the company to its Tor leak site, threatening to publish the stolen data. The gang states that the attack took place on December 3rd, 2022 and the attack was disclosed on January 6, 2023.
Pennsylvania-based nonprofit Maternal and Family Health Services this week revealed a ransomware attack in April 2022 that compromised patient medical and financial data.
A Russian hacking team known as Cold River targeted three nuclear research laboratories in the United States this past summer, according to internet records reviewed by Reuters and five cyber security experts.
Information-stealer Vidar is once again found exploiting social media services such as TikTok, Telegram, Steam, and Mastodon as an intermediate command-and-control (C2) server. One advantage of this tactic is that such traffic is really difficult to identify and block using trivial security solutions. The abuse of top platforms as the intermediary C2 gives a longer […]
A municipal ambulance services provider that serves 15 cities in a Texas county has reported to federal regulators a ransomware attack potentially affecting 612,000 individuals, equivalent to nearly 30% of the county’s 2.1 million population.
Researchers unearthed an interesting technique used by threat actors wherein they use WerFault.exe, the Windows Error Reporting tool, to execute Pupy RAT on the victims’ machine. The use of ISO files and abuse of genuine Windows tools to deliver Pupy RAT indicates that the operators of this campaign know what will keep them under the radar.
The list of potentially compromised data includes their names, email addresses, phone numbers, latest transactions, and Flying Blue information like their earned miles balance.
More signs truth may be stranger than fiction: Seattle police have charged a software programmer with engineering a fraud scheme inspired by the online heist in the 1999 black comedy film “Office Space.”
Aqua Nautilus researchers have recently discovered that attackers can easily impersonate popular Visual Studio Code extensions and trick unknowing developers into downloading them.