Month: May 2024

0 Comments
The BBC has confirmed a breach of its pension scheme, exposing the personal data of many of its employees. The public service broadcaster revealed that attackers copied files containing some BBC Trust members’ personal details from a cloud-based storage device. The information includes names, National Insurance numbers, dates of birth and home addresses. The BBC
0 Comments
May 31, 2024NewsroomNetwork Security / Cyber Attack More than 600,000 small office/home office (SOHO) routers are estimated to have been bricked and taken offline following a destructive cyber attack staged by unidentified cyber actors, disrupting users’ access to the internet. The mysterious event, which took place between October 25 and 27, 2023, and impacted a
0 Comments
A new operation coordinated by Europol has targeted several significant malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot.  Dubbed “Endgame” and conducted between May 27 and 29 2024, the operation aimed to disrupt criminal networks by arresting high-value targets, dismantling their infrastructure and freezing illicit proceeds. The targeted malware facilitated ransomware and other malicious
0 Comments
Hundreds of cybersecurity professionals, analysts and decision-makers came together earlier this month for ESET World 2024, a conference that showcased the company’s vision and technological advancements and featured a number of insightful talks about the latest trends in cybersecurity and beyond. The topics ran the gamut, but it’s safe to say that the subjects that
0 Comments
May 30, 2024NewsroomLinux / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severity issue relates to a use-after-free bug in the netfilter component that permits
0 Comments
A malicious email campaign has been discovered leveraging piano-themed messages to perpetrate advance fee fraud (AFF) scams.  These campaigns, active since at least January 2024, primarily target students and faculty at North American colleges and universities.  However, industries such as healthcare and food and beverage services have also been affected. According to Proofpoint, who discovered
0 Comments
Cybersecurity firm Check Point has urged customers to review their VPN configurations to prevent potential exploitation by threat actors seeking initial access to enterprise networks. Writing in a security advisory on Monday, the company reported that VPNs from various cybersecurity vendors have been increasingly targeted.  In particular, Check Point has observed attempts to breach its
0 Comments
Source code of fake Pegasus spyware is being sold on the surface web, the dark web and instant messaging platforms, CloudSEK has found. Following Apple’s recent warning about “mercenary spyware” attacks, cloud security provider CloudSEK investigated the clear and dark web for spyware-related threats. The firm analyzed approximately 25,000 Telegram posts and found that many
0 Comments
May 24, 2024NewsroomMalvertising / Endpoint Security Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. “Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who
0 Comments
May 25, 2024NewsroomMachine Learning / Data Breach Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence (AI)-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. “Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all
0 Comments
Australian patients’ health and personal information has reportedly been published online by following the ransomware attack on medical prescriptions provider MediSecure. The Melbourne-based company confirmed on May 24 that a data set containing the personal information and limited health data of its customers has been posted onto a dark web forum by a cybercriminal group.
0 Comments
May 24, 2024NewsroomEndpoint Security / Threat Intelligence The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the actor creating rogue virtual machines (VMs) within its VMware environment. “The adversary created their own rogue VMs within the VMware
0 Comments
Security researchers have revealed a series of criminal campaigns that exploit cloud storage services such as Amazon S3, Google Cloud Storage, Backblaze B2 and IBM Cloud Object Storage.  These campaigns, driven by unnamed threat actors, aim to redirect users to malicious websites to steal their information using SMS messages. According to a technical write-up published
0 Comments
May 23, 2024NewsroomRansomware / Virtualization Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed. “Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target for threat actors to abuse,” cybersecurity firm
0 Comments
Security experts have reported a 341% increase in malicious phishing links, business email compromise (BEC), QR code and attachment-based threats in the past six months.  This data comes from SlashNext’s mid-year The State of Phishing 2024 report, which also identified an 856% increase in malicious email and messaging threats over the previous 12 months. Since the
0 Comments
Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that’s believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets, Bitdefender said in a report shared with The Hacker News. “The investigation revealed a troubling trend
0 Comments
Security researchers have observed a new DoppelGänger campaign dubbed Operation Matriochka aimed at challenging the credibility of journalists and fact-checkers since May 2022.  By leveraging X (formerly Twitter), the operation not only disseminated disinformation articles but also engaged in commenting and sharing to prompt further investigation. According to a technical write-up published by the Sekoia
0 Comments
May 21, 2024NewsroomVulnerability / Software Development GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication. “On instances that use
0 Comments
A new report has revealed that 59% of geographically distributed businesses encounter network issues at least once a month.  Kaspersky’s findings, titled “Managing geographically distributed businesses: challenges and solutions,” highlight the frequent network outages, lost connections and poor performance of services and applications that these companies face. The study also shows that 46% of these businesses