Cyber incidents
Citrix in the crosshairs: IT security on alert for a zero-day attackCritical infrastructure compromise: understanding and addressing the impact of zero-day vulnerability on CitrixNetwork and cloud services provider Citrix has been hit by a very serious zero-day vulnerability. Tens of thousands of Citrix servers have been compromised, putting vast sensitive data and related infrastructure at risk. In response, emergency patches were released and the importance of risk management...
The security of the CoWin portal in the eye of the storm: investigations in progressImplications for the vaccination program following the alleged data breachThe security incident on the CoWin portal, a key tool for India's vaccination programme, is under investigation. Although user data has been exposed, Minister of Information and Technology, Rajeev Chandrasekhar, assures that there is no evidence of data compromise. This matter is being handled by CERT-In,...
PokerStars security breach: over 110,000 user data exposedDetails of the PokerStars hack and advice from IT security expertsPopular online poker site, PokerStars, fell victim to a massive hack that exposed the data of more than 110,000 users, including credentials such as usernames and passwords. IT security experts recommend changing passwords immediately and using two-factor authentication.
Operation intrusion: North Korea targets crypto firmsRevealed how North Korean attackers bypassed JumpCloud securityCyberseason's report revealed a cyber attack on JumpCloud, a digital identity management platform, carried out by hackers linked to North Korea. They exploited the JumpCloud vulnerability to attack cryptocurrency companies, using phishing techniques and a piece of malware called "RokRat". JumpCloud responded...
Digital sabotage on pakistani soil: analysis of a sophisticated cyber attackIn-depth looks at the Pakistan cyber attackThe article reports a sophisticated cyber attack against important entities in Pakistan, carried out via spear phishing and thanks to an unprecedented malware. This malicious software stole sensitive data, causing severe data security and operational impact. The organizations involved are implementing...
The emergence of serious vulnerabilities in Adobe ColdFusion softwareUnder attack: how Adobe's software flaws put companies' IT security at riskThe article talks about the serious vulnerabilities discovered in Adobe ColdFusion software, which can be exploited to conduct cyber attacks. Emphasize the importance of installing the security patches released by Adobe to address these issues, to reduce the risk of attacks. Indicates the need for proactive...
Microsoft security in danger: leaked encryption keys and government interventionCybersecurity highlights: the Microsoft encryption key incident and its repercussionsMicrosoft lost access to its product encryption keys, leaving user data security vulnerable. This has raised concerns about potential government intervention. Cyber security experts work to fix the problem, aiming to strengthen future security measures.
The hidden fire: Docker Hub images reveal private keys and authentication secretsSecurity issues using Docker Hub: an unexpected risk for companiesThe article highlights an issue related to computer security. In the Docker Hub, a Docker image hosting service, sensitive data leaks (authentication secrets and private keys) have been detected due to careless practices. This situation can lead to cyber attacks harmful to companies and customers. To...
Cybersecurity overview: attacks, vulnerabilities and future challengesAttacks through Microsoft Teams, law firm under siege by hackers, the highly anticipated release of CVSS 4.0 and the complex future challenge of cyber securityThe article discusses various topics related to cyber security. It includes a recent malware attack via Microsoft Teams, cyberattacks on law firms, the upcoming release of the new vulnerability scoring system (CVSS 4.0), and future cybersecurity challenges.
Vulnerability of the AIOSEO plugin: over a million WordPress sites at riskFrom SEO to SOV: how a trick can turn into a cybersecurity threatThe article talks about a vulnerability discovered in the WordPress plugin "All in One SEO Pack", which recorded passwords in clear text, exposing users to possible hacker attacks. AIOSEO fixed the issue with an update, but the issue underscores the importance of keeping plugins up-to-date and robust...
Security camera malfunctions: a threat to privacyVulnerability of video surveillance systems: privacy at risk and responsibility of manufacturersSecurity cameras manufactured by the Chinese Hikvision malfunctioned, allowing unauthorized access to the recordings. Hikvision's belated response raises questions about the company's ability to protect data. The violation of privacy, especially of minors, is under the attention of the Guarantor Authority...
Municipality of Ferrara victim of Rhysida ransomwareCybersecurity under siege: the italian Municipality resists the incursionThe Municipality of Ferrara has been the victim of a cyber attack orchestrated using Rhysida ransomware, a dangerous encrypting malware. The damage seems contained thanks to the protection systems, but the investigation is still ongoing. Mayor Fabbri shows determination, rejecting the threats and proposing...
Shimizu Port ransomware attack: a lesson in cyber resilienceAnalysis and implications of the cyber attack on the Japanese strategic nodeThe article chronicles a recent ransomware attack on the Japanese port of Shimizu, which is causing significant disruption in its operations and hurting the local economy. The act highlights the importance of critical infrastructure resilience to cyber threats and the need to invest in advanced security,...
Chinese hackers infiltrate email accounts of several organizations, claims MicrosoftStorm-0558 cyber-espionage culprits: tracking the tactics and repercussionsMicrosoft alleges that a chinese cyber-espionage group, Storm-0558, hacked around 25 organizations' email accounts, including some government agencies. The White House confirms the breach of Microsoft's cloud security, where the hackers used a vulnerability in Azure to forge authentication tokens and...
Major ransomware attack reveals data from Swiss football hooligansCybersecurity at Risk: A disturbing look at the dark web's exploding black marketThe article talks about a major ransomware attack that exposed sensitive data of alleged Swiss hooligans on the dark web. The stolen data ended up on the black market, becoming attractive prey for hackers and cybercriminals. The authorities are investigating to understand how the event could have occurred...
Massive data breach: 11 million HCA Healthcare patients affectedThe personal information of millions of patients is at risk following a cyber attack targeting healthcare giant, HCA HealthcareHCA Healthcare has reported a data breach where personal information of roughly 11 million patients was stolen. This did not include any medical, payment, or sensitive data. The information was reportedly taken from an external storage location used for email formatting. Despite the breach, HCA's operations...
Razer in the target of hackers: new alleged data theftGaming firm faces another potential data leak: hacker demands $100,000 in Monero cryptocurrencyA member of a specialist forum claimed to have hacked popular gaming company Razer and stolen significant data. The alleged hacker demanded a $100,000 ransom in Monero cryptocurrency. This comes a year after a security incident where Razer's unencrypted customer database was discovered, though no sensitive...
Ransomware Clop affects the main global legal companies: the risk is massive data theftLinked to Clop, attackers exploited MOVEit software vulnerabilities, strike during Memorial Day holidayTrecenti società globali, tra cui le tre più grandi ditte legali americane, sono state colpite dal gruppo di hacker noto con il nome Clop, attraverso una vulnerabilità nel software MOVEit, utilizzato per il trasferimento di file. L'attacco, avvenuto nel weekend del Memorial Day, potrebbe aver messo a...
Impact of LockBit's cyber attack on Nagoya cargo port: a detailed analysisLockBit 3.0, the new threat in cybersecurity: the details of the recent attack on the port of NagoyaThe Nagoya cargo port, crucial to logistics operations of major auto manufacturers like Toyota, was recently hit by a cyberattack. Russian-speaking hacking group, Lockbit, demanded a ransom, resulting in considerable disruption and delays. This version of LockBit, 3.0, introduces a bug-hunting platform...
Charming Kitten: the evolution of cyber-attacks and new digital security threatsGorjolEcho and NokNok: the new cyber-espionage tools of the well-known Iranian groupThe US think tank was recently targeted by an Iranian cyber-espionage group, Charming Kitten, using a macOS PowerShell malware named GorjolEcho. This was distributed via a password-protected archive shared via Dropbox, designed to exfiltrate information from the infected system. A subsequent infection,...
JumpCloud responds promptly to a cybersecurity incidentRepercussions of the incident and protective measures implemented by the JumpCloudJumpCloud, a cloud-based identity solutions provider, experienced a cybersecurity incident impacting some clients. In response, the company reset the API keys of affected customers, breaking some features temporarily. JumpCloud is offering support and resources to help customers manage the API key reset....
Massive data breach at Pepsi Bottling Ventures: 28,000 individuals at riskA sophisticated cyber attack compromised the personal, financial and health information of thousands of employees and contractorsPepsi Bottling Ventures, an independent bottler, experienced a significant data breach impacting 28,000+ individuals. The breach exposed personal, financial, and health records, triggering an enterprise-wide password reset and increased network security measures. The company alerted those affected to...
Ransomware hits the Luigi Vanvitelli hospital: ACN at workThe national cybersecurity agency mobilizes to restore the systems of the Neapolitan hospital, the target of a cyber attackThe Luigi Vanvitelli hospital in Naples, Italy suffered a ransomware attack in early July, prompting the National Cybersecurity Agency (ACN) to deploy a specialist team for damage assessment and system restoration. With healthcare being the fifth most cyber-attacked sector, ACN Director General Bruno...
Electric vehicle charging stations: new target for hackersAs the electric car industry grows, new challenges emerge: the safety of charging stations becomes a pressing issueThe increase in electric vehicle usage is causing new security issues, notably hacking of charging stations. Cybersecurity experts warn these hacks could access personal data or manipulate the power supply, causing grid instabilities. Responsibility for security lies primarily with station manufacturers,...
Cyber breach at HWL Ebsworth: sensitive data releasedA russian ransomware group targets well-known australian law firm, putting government and personal information at riskA russian ransomware group called ALPHV/Blackcat breached the Australian law firm HWL Ebsworth and leaked around 1.1TB of sensitive government and personal data it had stolen. The national cybersecurity coordinator is working on understanding the full scope of the incident, which could potentially affect...
Ransomware attacks schools: privacy and security disaster for students and parentsRansomware criminals compromise the privacy of children in the United States by spreading highly sensitive school files onlineThe US school systems are increasingly becoming targets of ransomware attacks, leading to sensitive information disclosure when ransom demands are not paid. The leaks can include abuse reports, medical records, and other deeply personal details. Schools are often ill-equipped to defend against such attacks,...
Serious breach of data security at Acque VeronesiTheft of sensitive data: the controversial story that hit the companyAcque Veronesi, a major water management company in Verona, recently experienced a severe data breach. The incident potentially compromised user information including names, emails, phone numbers, and social security numbers. Despite robust security precautions, the breach occurred, prompting action...
Microsoft denies cyber attack and theft of 30 million accountsThe company rejects Anonymous Sudan's claims and reassures users about the safety of its online servicesIn response to recent claims by hacktivist group Anonymous Sudan of hacking into Microsoft's servers, stealing more than 30 million account information, the company led by Satya Nadella released a press statement. In it, Microsoft categorically denied the reports that appeared in some sections of the...
RBI record fine: Bank fined 65 lakhs for lack of cyber securityCooperative bank AP Mahesh penalized for serious cybersecurity shortcomings, highlighted by a breach that cost Rs 12.48 croreIndia's central banking institution, the Reserve Bank of India (RBI), has fined Hyderabad-based AP Mahesh urban cooperative bank Rs 65 lakh. The disciplinary action was taken following a cybersecurity breach which saw hackers infiltrate the bank's systems via phishing emails, stealing Rs 12.48 crore...
Dublin airport staff data breach: global implicationsCybersecurity breach at Aon exposes salary data for nearly 2,000 airport employees, including agencies and companies in the US and UKA recent cybersecurity breach affected Aon, a professional services contractor that manages payroll data for Dublin Airport staff. The Dublin Airport Authority (DAA) has confirmed that the financial information of some of its employees was compromised in the attack. The crash had a significant impact,...
Serious cybersecurity flaw in a US institute: the OPRF case and the lessons learnedIncorrect password management exposes thousands of students to security risks. What does the Oak Park and River Forest High School incident teach us?Cyber security in educational institutions is a topic of growing importance not only in Italy, but globally. In recent years, discussions about how to improve and standardize safety protocols in schools have multiplied. However, a recent incident in the United States has raised new concerns about current...
Fujitsu reprimanded by japanese government for insufficient cybersecurity measuresJapanese tech giant faces severe criticism for handling data breaches affecting 1,700 businesses and government agenciesFujitsu, the Japanese IT giant, has recently come under fire from Japanese authorities because of its weak cybersecurity measures that have led to data breaches affecting at least 1,700 companies and government agencies. Authorities on Friday asked Fujitsu to implement corrective measures to address...
Mysterious cyber attack disables DozorAnonymous hackers vandalize russian websites, incite Wagner mercenaries and promise more cyberattacksLate wednesday night, an anonymous group of cyberattackers claimed they had struck Dozor, a satellite telecommunications provider with a diverse clientele including oil fields, power lines, russian military units, and the Federal Security Service (FSB). According to a message posted on Telegram, the...
Cyber attack cripples Suncor Energy, one of Canada's largest energy companiesCyber security is put to the test: over 1500 service stations involved, the importance of critical infrastructure is in the spotlightSuncor Energy, Canada's leading integrated energy company, disclosed earlier this week that it had suffered a cybersecurity incident. This caused technical problems at its subsidiary, Petro-Canada, affecting the operation of more than 1,500 gas stations across the country. As a result, these stations...
The rise of Midnight Blizzard's cyber attacks: Microsoft alertsA dramatic increase in intrusions conducted by the Russian hacker group is reported; the techniques used become increasingly sophisticated and disguisedMicrosoft has revealed a dramatic increase in credential-stealing attacks perpetrated by the state-affiliated Russian hacker group known as the Midnight Blizzard. These attacks use residential proxy services to mask the source IP address, targeting governments, IT service providers, NGOs, defense sectors...
Financial scam: courier companies in the crosshairsNew online threat: Zerodha CEO reveals alarming fraud exploiting FedEx and Blue Dart namesFinancial fraud, increasingly sophisticated in the age of the pervasive internet, has become a regular phenomenon. The latest in chronological order involves courier companies, with a scam that is rapidly spreading.Under the name of FedEx: a worrying example from the CEO of ZerodhaNithin Kamath, co-founder...
Russian hackers attack ukrainian infrastructure: Roundcube software is the targetRussian APT group exploits open-source webmail vulnerabilities to infiltrate ukrainian government and military entitiesA well-known Advanced Persistent Attack (APT) group, linked to the Russian government, has been discovered exploiting security vulnerabilities in the open-source email software Roundcube to spy on organizations in Ukraine. These include government institutions and military entities involved in aviation...
ChatGPT credential theft: more than 100,000 cases in 2022-2023Information thieves expose numerous OpenAI ChatGPT credentials on dark web markets, with India and Asia-Pacific particularly affectedIn the period between June 2022 and May 2023, over 101,100 compromised OpenAI ChatGPT credentials were found on illicit dark web marketplaces. India has been particularly affected by this issue, alone accounting for 12,632 stolen credentials. These credentials were traced to information theft records...
Cyber attack in East Asia: malware infiltration for over a yearThe details of the RDStealer malware and its corporate security implicationsA particular IT corporation based in East Asia fell prey to a sophisticated cyber attack meticulously designed and executed over a period exceeding one year. This cyber espionage operation involved deploying a unique piece of malware, RDStealer, coded using the Golang language. The cyber criminals had...
DDoS attack on Microsoft: OneDrive, Azure and Outlook stoppedA mysterious hacktivist collective, Anonymous Sudan, disrupts Microsoft cloud services through a massive DDoS attack. Microsoft responds with security tighteningMicrosoft recently confirmed that a DDoS-type cyberattack caused a number of significant disruptions to its cloud services in early June. These problems have affected the use of popular applications such as Outlook, OneDrive and Azure Cloud. Responsibility for the hack was blamed on an obscure hacktivist...
New frontiers of technological surveillanceBetween state-of-the-art prison monitoring systems and government data collection, privacy is increasingly under siegeA prison in Atlanta, Georgia has introduced a state-of-the-art monitoring system that not only records the whereabouts of inmates, but also their heartbeat. This system, developed by Talitrix, uses hundreds of sensors attached to inmate-wearable bracelets, similar to those of Fitbits. Although prison...
Vulnerability Etag: the anonymity of Tor at riskA recent discovery shows how the Etag HTTP header can be exploited to reveal the hidden IP address of Tor servicesTor is known for providing a higher level of anonymity online, making it difficult for users to be identified and tracked. However, a recent discovery has exposed a possible vulnerability. This comes from the use of an HTTP header called Etag, which can potentially reveal the true IP address of a service.Etag...
Russian group Clop attacks US government agenciesThe Clop emerges as a possible leading actor. The group, active since 2018, targets organizations affected by a specific vulnerabilityYesterday, US Cybersecurity officials said a "small amount" of government agencies have been affected by data breaches as part of an extensive hacking campaign. The culprit is likely Russia-based Clop ransomware group. This group of cybercriminals took advantage of a vulnerability in the MOVEit file...
Louisiana big data breach: personal safety appealAfter massive cybersecurity attack, experts and organizations urge citizens to protect their sensitive information and safeguard their creditDemetrice Rogers, a cybersecurity expert and adjunct professor at Tulane University's School of Professional Advancement, expressed her concern about the sharing of personal data of Louisianans on the dark web, following a large data breach. As public attention focuses on the problem, he urged the public...
US federal agencies in the crosshairs of a global cyberattackA sophisticated cyber-attack exploits software vulnerabilities, targeting critical infrastructure and causing national security concernsSeveral US federal agencies have been hit by a global cyberattack that exploited a software vulnerability, CNN reported. Eric Goldstein, assistant executive director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), said his agency "is providing support to several federal...
Telegram data breach: implications for India's personal data securityCybersecurity experts weigh in on the consequences, the importance of security infrastructure, and why healthcare institutions are primary targetsRecently, an alarming disclosure about a data breach has emerged, purporting that the globally renowned messaging service, Telegram, holds access to private data of Indian citizens, encompassing their Aadhaar and PAN cards. This information leak is attributed to the CoWIN portal, a hub for Covid vaccination...
Outage of Microsoft services attributed to a possible attack by Anonymous SudanRepeated Azure outages raise concern as Microsoft investigates alleged DDoS attackMicrosoft reported a new outage on Friday after customers received error messages while trying to sign in to the Azure portal. Additionally, customers may have had difficulty trying to access the Microsoft Sign in admin center and Microsoft Intune. Despite this, the outages were mitigated within hours.Preliminary...
The geopolitics of cyber extortion: analysis and implications according to Orange CyberdefenseReport 2023: increase in attacks in south-east Asia and Latin America, decline in NATO nations. The crucial role of public-private collaborationCyber threats, especially cyber extortion attacks, have become increasingly common in recent years, putting organizations of all sizes and industries at risk. This is the finding of Orange Cyberdefense, which analyzed the data relating to 6,707 companies confirmed victims. Despite an 8% drop in cyber...
New spectralviper backdoor used in an attack against vietnamese public companiesUsing open source projects as a malware customization strategyA new backdoor named Spectralviper has been used in an attack on Vietnamese public companies. Elastic Security Labs has discovered that it is a previously unknown, highly obscured 64-bit backdoor that provides PE upload and injection, file upload and download, file and directory manipulation, and the...
Microsoft detects multi-stage cyber attacks on banks and financial organizationsNew multi-stage phishing and email compromise are among the top threats reportedMicrosoft has identified a series of multi-stage phishing and corporate email compromise (BEC) cyber-attacks on banks and financial organizations. The attacks were carried out through a compromised trusted provider and followed up with multiple compromise attacks involving multiple organizations. The...