
Cyber incidents

CERT-UA alert: PurpleFox outbreak in Ukraine
Under attack: measures to combat PurpleFox's infiltration into Ukraine
The Ukrainian CERT-UA has detected a wide spread of PurpleFox malware, recommending updating systems and using antivirus to identify and remove the virus.

Critical vulnerability for Mercedes-Benz: GitHub token exposure
Inadvertent exposure of a company token puts Mercedes-Benz's IT security to the test
Mercedes-Benz faced a data leak because an employee exposed a GitHub token, allowing access to important source code. The company responded by revoking the token and strengthening security measures.

HP Enterprise data breach: Nobelium investigated
In-depth analysis of the recent cyber attack on HP Enterprise and possible connections with past episodes
HP Enterprise suffered a cyber attack where data was stolen from its emails, probably by Midnight Blizzard, a group linked to Russian intelligence. The connection with other similar attacks is being investigated.

Massive data exposure: global breach discovered
Incredible security incident: 26 billion data exposed
A 12 terabyte database with 26 billion sensitive records has been exposed online. Researchers recommend strong passwords and multi-factor authentication to protect yourself.

Data leak: 71 million online credentials exposed
The serious security breach reveals the need for enhanced protective measures for users
A hacker has leaked 71 million user credentials online from major platforms such as Facebook and Roblox. The data includes emails and 25 million unencrypted passwords. We recommend using strong passwords and two-factor authentication.

Security alert: Ivanti Connect Secure VPN under attack
Increase in attacks on Ivanti VPN systems highlights critical issues in corporate cybersecurity
Two serious vulnerabilities, CVE-2023-46805 and CVE-2024-21887, affected Ivanti VPNs, with attacks starting in December 2023. It is estimated that there are over 18,000 devices at risk globally. Ivanti has provided safety guidelines.

Cybercrime in Ukraine: cryptojacking operation dismantled
International operation against illegal cryptocurrency mining
A 29-year-old man who illegally created a million virtual servers to generate cryptocurrencies, earning $2 million, has been arrested in Ukraine. Europol and local police worked together to stop him after reports of suspicious activity.

AsyncRAT: a large-scale cyber breach
Infiltration and evasive strategies: the RAT that threatens digital security
AsyncRAT, a remote access tool for Windows, was used in a cyberattack to infiltrate and steal data from systems, targeting critical infrastructure in the US.

Difficulty in accessing Italian users via SPID on EU Login
Interoperability of digital identities: nodes and disservices in the SPID authentication system for Italian users
Many Italians are having problems accessing European web services via SPID, due to a persistent error. At the root of the problem would be the Italian eIDAS node, still in the process of being updated. This latest delay is negatively impacting users' job opportunities.

Large-scale theft of cryptocurrencies via phishing
Analysis of sophisticated cybercriminal strategies in the cryptocurrency sector
The text reports that in 2023 a powerful malware, called "Wallet drainer", caused a loss of 295 million dollars in cryptocurrencies to 324,000 users. There are criminal groups, such as Monkey Drainer and Inferno Drainer, who have perpetrated phishing attacks by evading security systems. Despite advertising...

Yahoo data breaches: Food for thought on cybersecurity
The implications of the Yahoo data breach and the need for greater cybersecurity
The article discusses cyber breaches suffered by Yahoo in 2013 and 2014 that exposed data of billions of users. The attack was facilitated by phishing techniques and outdated encryption. Yahoo's secrecy and poor data security management led to serious consequences, including a hefty fine. After the incident,...

Cyber intrusion hits Yakult Australia and New Zealand
DragonForce releases 95GB of leaked data: Buttonware known for production of popular probiotic beverage
The well-known company Yakult Australia was the victim of a cyber attack. The "DragonForce" criminal group claimed responsibility for the raid, during which 95GB of company data was allegedly stolen and subsequently disclosed. Despite the accident, the company's offices are operational. The investigations...

Corewell Health security breach
Data from over a million Michigan residents stolen
Michigan healthcare provider Corewell Health's cybersecurity was breached, exposing sensitive data of more than a million residents. The compromised information includes personal and medical data. HealthEC, the platform involved, has started sending notifications to affected individuals, offering free...

Malware campaign targets banking information
The artifice of the attacks has been revealed: between malicious scripts, camouflage and links with DanaBot
A recent malware campaign carried out a JavaScript injection attack, targeting 50,000 users at 40 banking institutions around the world. The malware injects a malicious script into the user's browser, modifying banks' web pages and stealing data. Cybercriminals used sophisticated techniques to bypass...

Cyber Warfare fragments: attacks in Africa with MuddyC2Go
Under the radar: operational tactics and emerging tools of the MuddyWater group
Iranian hacker group MuddyWater has strengthened attacks on telecommunications in Africa, via a new system called MuddyC2Go. This system, managed remotely, facilitates cyber attacks and spreads through phishing emails or by exploiting vulnerabilities in outdated software. MuddyWater will try to remain...

Play ransomware alert: 300 entities affected, including critical infrastructure
The modus operandi of the Play cybercriminal group and advice for countering its attacks
The FBI, CISA and ASD's ACSC warn against the activities of the Play ransomware cybercriminal group, responsible for cyber breaches globally. The group uses data stolen before the attack as a threat to demand ransom. Agencies recommend implementing multi-factor authentication, software updates, and recovery...

Impact of Lockbit ransomware on public administration: analysis and perspectives
Repercussions, modus operandi and responses: a detailed look at the attack on Westpole and Digital PA
The article discusses the Lockbit attack which heavily damaged the Italian Public Administration (PA), affecting over a thousand public bodies. The attackers used the Ransomware as a Service (RaaS) crime model, which involves using ransomware to gain monetary gain. PA Digitale is working to mitigate...

MongoDB security breach investigation
Illegal access to company systems: MongoDB launches investigations and strengthens security measures
Database software company MongoDB said it is under investigation for a security breach. While the exposure of customer data on the MongoDB Atlas cloud platform is unclear, customers are urged to implement multi-factor authentications and regularly change passwords on MongoDB Atlas.

Critical RCE vulnerability discovered in Apache Struts 2: recommendations and fixes
Technical look at the RCE threat: details, implications and how to protect yourself
Hackers are attacking Apache Struts 2, which is vulnerable due to a Remote Code Execution (RCE) flaw. The vulnerability, known as CVE-2023-50164, allows an attacker to upload a malicious file, resulting in an attack. Struts users are advised to update to the correct version as soon as possible to avoid...

Kraft Heinz investigation into possible data theft by ransomware
Cyber attack under investigation: Kraft Heinz targeted by Snatch ransomware group
Global company Kraft Heinz is under investigation for an alleged cyberattack by ransomware group 'Snatch'. The latter included Kraft Foods in their victim list, although without providing concrete evidence of the attack. Kraft Heinz, however, detected no problems in its corporate network. 'Snatch' uses...

Nissan investigation into cyber attack
Nissan Oceania computer systems affected: potential data compromise
Nissan is investigating a cyber attack on its systems in Australia and New Zealand, which could have allowed access to personal data. The company warned customers about the potential data compromise. Nissan is working with security experts to understand the extent of the unauthorized access.

Cyber incursions into US water utilities
America's water systems under attack: How cyber terrorism hits resource-constrained utilities
Cyber attacks on US water systems by Iran's Revolutionary Guard raise cyber security concerns. While there was no impact on water quality, the event is seen as a warning to organizations that rely on operational technologies. Federal authorities and the EPA are working to strengthen safety, especially...

JAXA under cyber attack. The safety of the space program is a concern
The risk of cyber vulnerability: details of the attack and implications
The Japan Aerospace Exploration Agency (JAXA) has suffered a cyberattack due to a Microsoft Active Directory breach, raising concerns about the security of Japan's space program data. According to reports, JAXA has previously been the target of hackers potentially linked to foreign governments. In response...

Cyberattacks and cryptocurrency laundering: North Korea's strategy
Sanction evasion strategies and social engineering techniques adopted
The North Korea-linked Lazarus Group uses technology to steal cryptocurrencies, bypassing sanctions. They stole around $3 billion in 6 years, taking advantage of DeFi systems to mask their tracks.

Crisis in aviation: Rosaviatsia targeted by cyberattack
Cyber attack exposes vulnerability of Russian aviation sector
Ukrainian intelligence claims to have hit the Russian aeronautical agency Rosaviatsia with a cyberattack, causing problems for the Russian flight sector, already in difficulty due to sanctions that limit maintenance and spare parts.

CyberLink supply chain intrusion by North Korean hackers
CyberLink installer compromise: the sophisticated operation of the Lazarus group
North Korean hacker group Lazarus attacked Taiwan's CyberLink company, spreading malware through altered company software. Microsoft detected the attack and notified affected users.

Denmark the target of a massive cyber attack by Russian hackers
Contrast and defense strategies in the era of international cyber offensives
A group of Russian hackers has launched a large-scale cyberattack against Danish infrastructure and institutions, using phishing and advanced malware. Coordinated action for safety and prevention is essential.

Security breach at Toronto libraries
Crisis management and post-accident containment measures
Toronto libraries have been hit by a ransomware attack, potentially exposing personal data. Authorities and libraries work together to investigate and improve security.

IT crisis in a leading company in the banking sector
The emergence of new risks for the global financial system following cyber-attacks
The largest bank in the world suffered a cyber attack that forced it to use USB for market operations. This shows the importance of improving IT security in the banking sector.

Cyber-espionage campaign impacts Israeli hi-tech sector
Challenges in cyberspace: the battle to defend Israeli trade secrets
A group of Iranian hackers attacked Israel's tech sector, stealing data and putting corporate networks at risk through phishing and malware. The international community is working to counter the threat.

Security breach at Henry County schools
Strengthening digital defenses in education
A cyber attack threatened the security of Henry County's school network. Measures have been taken to protect the data and the attack is being investigated to improve security.

Response to major digital intrusion at Australian ports
Emergency measures and economic impact post-cyber attack in logistics nodes
An Australian port has halted operations due to a cyber attack. The causes are being investigated and security is being strengthened to prevent future damage. This has economic and logistical impacts.

Global banking giant under ransomware attack
A look at the ICBC ransomware incident and prevention strategies
ICBC Bank was hit by a ransomware attack that put data and financial operations at risk. It responded by activating safety protocols to contain the damage and protect customers.

Mega DDoS attacks target Russian banking sector
Intensification of cyber attacks against Russian financial infrastructure
Sberbank, the main Russian bank, suffered a large-scale DDoS attack with one million requests per second, a peak never before recorded for the institution. The attack was more sophisticated than previous episodes.

Security alert for Atlassian: the escalation of a critical risk
Warning about the consequences of exploits on Atlassian: an urgent call to strengthen defenses
Warning: A serious vulnerability (CVE-2023-22518) has been discovered in Atlassian Confluence Server and Data Center with maximum risk. An urgent update is recommended to prevent ransomware attacks.

Cybersecurity on alert: Canadian clinics in check
Cyber security at risk: Canadian healthcare faces large-scale data breaches
Five Canadian healthcare facilities have been hit by a ransomware attack that caused the leak of sensitive patient and employee data. The Daixin group claimed responsibility for the action. Investigations are underway.

Exponential increase in cyber attacks in India
Dramatic increase in cyber threats in the Indian nation: a worrying overview
A report by Indusface reveals that India suffered over 1.6 billion cyber attacks in the second quarter of 2023, registering a 70% increase. DDoS attacks have increased with the main victims being India, the United States, Germany and the United Kingdom. The report also highlights over two billion blocked...

LockBit ransomware group targets Boeing
An anti-ransomware defense plan is essential for companies like Boeing
Hacking group LockBit has targeted Boeing, threatening to release stolen data if they don't pay a ransom. LockBit has hacked many multinationals and earned millions of dollars. Boeing is investigating the situation and promises an update. Previous LockBit attacks may also involve Boeing.

Canadian hospitals under cyber attack: suspected ransomware
An attack that puts the security of sensitive data and the functioning of crucial healthcare facilities at risk
In a cyberattack, Transform, an IT services provider for hospitals in Ontario, was possibly the victim of a ransomware attack. 5 hospitals, including Windsor Regional Hospital, were severely affected. Cyberattacks in the healthcare sector are increasingly common and companies must protect themselves...

Phishing attacks in the hospitality industry: new research from Akamai
Increased levels of complexity in hospitality phishing campaigns
Akamai research has detected sophisticated phishing attacks in the hospitality industry. Hackers are using DNS exploits to target both staff and customers, stealing data and damaging reservations. Akamai analyzes domains used by attackers to identify patterns and protect users.

Corporate data breach: D-Link responds promptly
D-Link's immediate reaction to corporate data breach reveals details of attack and reassures customers
D-Link, a Taiwanese company, confirms a data breach. The breach was due to a phishing attack on an old, outdated system. The stolen data is limited and not sensitive. The company took immediate action.

Serious Equifax security breach fined £11.1m
A lesson on personal data management in the digital age: the Equifax case
The Financial Conduct Authority (FCA) has fined Equifax £11,164,400 for a serious cybersecurity breach. Equifax failed to properly manage the security of UK consumer data, allowing hackers to access millions of personal details. The breach was made worse by Equifax's poor handling of the incident...

Hamas-Israel war: the escalation of virtual operations
The digital arena: The new frontier in the Hamas-Israel war
The recent conflict between Hamas and Israel has demonstrated the use of digital warfare and disinformation operations to control the narrative and influence public opinion. Involving external actors, such as hackers and Russia, this hybrid warfare requires attention and a coordinated response from the...

Email delivery issues in Exchange Online: Microsoft investigating
Learn more about causes and impacts
Microsoft is investigating email delivery issues in Exchange Online, causing "Server Busy" errors and delays in receiving external emails. The problems could be related to the incorrect application of anti-spam rules. There have also been previous problems accessing email inboxes.

Record DDoS attacks: fixes quickly released
HTTP2 vulnerability exploited by large-scale DDoS attacks: here are the solutions
Web server vendors address Rapid Reset vulnerability in HTTP2 protocol that caused DDoS attacks. Fixes have been released for many affected products. Large DDoS attacks have been mitigated thanks to a zero-day vulnerability in the HTTP/2 protocol called HTTP/2 Rapid Reset.

Cyber attack on the Province of Cosenza: the imperative of robust digital security
The need for advanced cyber defense against ransomware: lessons from the attack on the Province of Cosenza
The provincial administration of Cosenza was hit by a ransomware cyber attack, making data inaccessible and demanding a ransom. Despite the attack, the administration refused to pay, showing determination to recover the encrypted data. We highlight the importance of adopting advanced digital security...

Cloudflare: the incident that caused DNS resolution issues
Cloudflare's implications and solutions for the DNS resolution incident
DNS service provider Cloudflare experienced a DNS resolution error that caused internet access issues for many users. The error was caused by an internal software error at Cloudflare and not by an external attack. Cloudflare is working to prevent future errors and apologizes for the incident.

Lyca Mobile services disrupted by cyber attack
The consequences of the attack and the ongoing investigations
A cyber attack has disrupted the services of mobile provider Lyca Mobile, preventing users from accessing services and causing operational problems. The company is investigating possible personal data breaches.

Hacker attack on Sony: threat of data disclosure
A new threat to Sony's data security: the tension increases
A Russian hacker group, known as Ransomed.vc, claims to have breached Sony's security systems and is holding sensitive customer data. They threaten to sell the data if a ransom is not paid. Sony is investigating the situation.

Cyber attack paralyzes the Bermuda islands: government working to restore operations
Extensive checks are underway to determine the origin of the sophisticated cyber attack in the government
Bermuda suffered a major cyber attack last week, but there is no evidence of data theft. The government is restoring operations and building a more secure network. Difficulties have been encountered, but everything is expected to return to normal soon.