AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Cyber ​​incidents

Carderbee cyber attacks rock Hong KongHong Kong businesses need to strengthen their cyber defenses to protect themselvesHong Kong targeted by Carderbee's cyber attacks Carderbee, a dangerous group of hackers specializing in carding and financial identity theft, has pressured the cyber defenses of numerous companies and financial institutions in Hong Kong, causing serious financial damage. Authorities work together to...

Tesla sues former employees for disclosing user data to a german newspaperLawsuit against former Tesla employees for violation of customer privacyTesla filed a lawsuit against two former employees who allegedly disclosed sensitive data of more than 75,000 users to a german newspaper. This invasion of privacy could damage Tesla's reputation and put your safety at risk. The company took the incident seriously and will take all necessary legal steps...

Haker accuses Bolsonaro of commissioning vote hacking in 2022Investigation called after allegations of violation of voting system in 2022 Brazilian electionsBrazilian hacker says Bolsonaro is involved in an alleged violation of the voting system of the 2022 election. The accusation has raised concerns about the security and integrity of the election. A thorough investigation is required to ensure transparency of the electoral process and strengthen cyber...

Ransomware attack shocks Postel Spa: detailsFight against Medusa Locker: Postel Spa refuses to give in to blackmailThe article reports that Postel Spa, an affiliate of Poste Italiane, was hit by a ransomware attack by the hacker group Medusa Locker. Company data was stolen and the group demanded a $500,000 ransom. Postel Spa reacted promptly by launching investigations and working to restore services.

Data protection breach in Ireland: serious vulnerabilities in the systemThe urgency of resilient protection and preventive solutionsSerious personal data breach in Northern Ireland raises concerns about the security of information handled by relevant authorities in the country. The data protection system is being examined and measures are being taken to avoid further violations. Collaboration and ongoing vigilance are key to addressing...

The virtual siege of APT38: russian institutions targeted by north korean hackersAttack tactics and the growing need for cyber securityThe North Korean hacker group Lazarus Group, also known as APT38, has been targeting Russian institutions using advanced techniques such as spear-phishing. This activity generated great international interest, highlighting the importance of global cooperation on cyber security.

FBI alert: scammers playing the robe of NFT developersScam methods and protective measures in the emerging NFT marketFBI warns of scammers posing as NFT developers to steal users' cryptographic data. They use techniques such as phishing and outright deception. Digital awareness is key to preventing these scams. Security bodies, the crypto community and NFT developers should come together to fight digital crime.

Cyber assault from the Kremlin: phishing via Microsoft TeamsCybersecurity under siege: lines of defense and geopolitical implicationsThe article discusses a phishing attack staged by Russian hackers on government organizations using fake invitations to Microsoft Teams. Emphasize the importance of employee training, advanced cybersecurity, and awareness of this threat. Finally, the article links the incident to international politics,...

Wave of hack attacks: over 640 compromised Citrix serversThe insidious technique of web shells: this is how hackers compromise Citrix serversThe article discusses the persistence of hacker attacks on Citrix servers, with over 640 servers compromised through the use of web shells. These attacks, predominantly in the Netherlands and Germany, highlight the importance of continually updating cyber defense strategies. Finally, it proposes preventive...

Facebook faces phishing attack: the critical role of the Salesforce flawSecurity countermeasure measure: how Facebook fought back a huge phishing attempt via SalesforceSecurity researchers have identified a phishing attack on Facebook, exploiting a flaw in the Salesforce platform. The attackers changed the email details to look legitimate and bypass Facebook's security filters. Facebook responded promptly, reporting the vulnerability to Salesforce and emphasizing the...

Malfunctions at Israel's largest refinery: grappling with potential cyberattacksCybersecurity and the oil industry: scenarios and reflections on the Bazan Group caseIsrael's largest oil refinery, Bazan Group, has encountered problems with its computer system that have raised suspicions of a possible cyber-attack. The national security agency Shin Bet is investigating the case, despite Bazan Group's assurances that its operations have not been disrupted. The incident...

The Mirai botnet attack on Apache Tomcat serversUnmasking the cyberattack chain: infiltration, execution, and countermeasuresThe article discusses a cyberattack campaign targeted towards poorly protected Apache Tomcat servers, aiming to distribute Mirai botnet malware and cryptocurrency miners. The attack involves the use of a web shell script known as "neww", which gains unauthorized access to make changes on the server....

Zero-day bug: Ivanti's action in fixing MobileIronIvanti's readiness to respond to MobileIron vulnerability: the importance of security updatesMobileIron software, used by many large corporations and government organizations, recently fell victim to a hacker attack due to a "remote code execution" vulnerability. This vulnerability allowed hackers to execute malicious code remotely, compromising system security. Ivanti, the parent company of...

Norwegian government networks affected by DDoS attack: incident analysisNorwegian cyber security under attack: the importance of defense against DDoS threatsThe article discusses a recent DDoS attack on twelve Norwegian government sites that disrupted several key services. The Cyber Security Center of Norway has launched an investigation to identify the perpetrators. The incident underscores the importance of global cybersecurity measures.

Citrix in the crosshairs: IT security on alert for a zero-day attackCritical infrastructure compromise: understanding and addressing the impact of zero-day vulnerability on CitrixNetwork and cloud services provider Citrix has been hit by a very serious zero-day vulnerability. Tens of thousands of Citrix servers have been compromised, putting vast sensitive data and related infrastructure at risk. In response, emergency patches were released and the importance of risk management...

The security of the CoWin portal in the eye of the storm: investigations in progressImplications for the vaccination program following the alleged data breachThe security incident on the CoWin portal, a key tool for India's vaccination programme, is under investigation. Although user data has been exposed, Minister of Information and Technology, Rajeev Chandrasekhar, assures that there is no evidence of data compromise. This matter is being handled by CERT-In,...

PokerStars security breach: over 110,000 user data exposedDetails of the PokerStars hack and advice from IT security expertsPopular online poker site, PokerStars, fell victim to a massive hack that exposed the data of more than 110,000 users, including credentials such as usernames and passwords. IT security experts recommend changing passwords immediately and using two-factor authentication.

Operation intrusion: North Korea targets crypto firmsRevealed how North Korean attackers bypassed JumpCloud securityCyberseason's report revealed a cyber attack on JumpCloud, a digital identity management platform, carried out by hackers linked to North Korea. They exploited the JumpCloud vulnerability to attack cryptocurrency companies, using phishing techniques and a piece of malware called "RokRat". JumpCloud responded...

Digital sabotage on pakistani soil: analysis of a sophisticated cyber attackIn-depth looks at the Pakistan cyber attackThe article reports a sophisticated cyber attack against important entities in Pakistan, carried out via spear phishing and thanks to an unprecedented malware. This malicious software stole sensitive data, causing severe data security and operational impact. The organizations involved are implementing...

The emergence of serious vulnerabilities in Adobe ColdFusion softwareUnder attack: how Adobe's software flaws put companies' IT security at riskThe article talks about the serious vulnerabilities discovered in Adobe ColdFusion software, which can be exploited to conduct cyber attacks. Emphasize the importance of installing the security patches released by Adobe to address these issues, to reduce the risk of attacks. Indicates the need for proactive...

Microsoft security in danger: leaked encryption keys and government interventionCybersecurity highlights: the Microsoft encryption key incident and its repercussionsMicrosoft lost access to its product encryption keys, leaving user data security vulnerable. This has raised concerns about potential government intervention. Cyber security experts work to fix the problem, aiming to strengthen future security measures.

The hidden fire: Docker Hub images reveal private keys and authentication secretsSecurity issues using Docker Hub: an unexpected risk for companiesThe article highlights an issue related to computer security. In the Docker Hub, a Docker image hosting service, sensitive data leaks (authentication secrets and private keys) have been detected due to careless practices. This situation can lead to cyber attacks harmful to companies and customers. To...

Cybersecurity overview: attacks, vulnerabilities and future challengesAttacks through Microsoft Teams, law firm under siege by hackers, the highly anticipated release of CVSS 4.0 and the complex future challenge of cyber securityThe article discusses various topics related to cyber security. It includes a recent malware attack via Microsoft Teams, cyberattacks on law firms, the upcoming release of the new vulnerability scoring system (CVSS 4.0), and future cybersecurity challenges.

Vulnerability of the AIOSEO plugin: over a million WordPress sites at riskFrom SEO to SOV: how a trick can turn into a cybersecurity threatThe article talks about a vulnerability discovered in the WordPress plugin "All in One SEO Pack", which recorded passwords in clear text, exposing users to possible hacker attacks. AIOSEO fixed the issue with an update, but the issue underscores the importance of keeping plugins up-to-date and robust...

Security camera malfunctions: a threat to privacyVulnerability of video surveillance systems: privacy at risk and responsibility of manufacturersSecurity cameras manufactured by the Chinese Hikvision malfunctioned, allowing unauthorized access to the recordings. Hikvision's belated response raises questions about the company's ability to protect data. The violation of privacy, especially of minors, is under the attention of the Guarantor Authority...

Municipality of Ferrara victim of Rhysida ransomwareCybersecurity under siege: the italian Municipality resists the incursionThe Municipality of Ferrara has been the victim of a cyber attack orchestrated using Rhysida ransomware, a dangerous encrypting malware. The damage seems contained thanks to the protection systems, but the investigation is still ongoing. Mayor Fabbri shows determination, rejecting the threats and proposing...

Shimizu Port ransomware attack: a lesson in cyber resilienceAnalysis and implications of the cyber attack on the Japanese strategic nodeThe article chronicles a recent ransomware attack on the Japanese port of Shimizu, which is causing significant disruption in its operations and hurting the local economy. The act highlights the importance of critical infrastructure resilience to cyber threats and the need to invest in advanced security,...

Chinese hackers infiltrate email accounts of several organizations, claims MicrosoftStorm-0558 cyber-espionage culprits: tracking the tactics and repercussionsMicrosoft alleges that a chinese cyber-espionage group, Storm-0558, hacked around 25 organizations' email accounts, including some government agencies. The White House confirms the breach of Microsoft's cloud security, where the hackers used a vulnerability in Azure to forge authentication tokens and...

Major ransomware attack reveals data from Swiss football hooligansCybersecurity at Risk: A disturbing look at the dark web's exploding black marketThe article talks about a major ransomware attack that exposed sensitive data of alleged Swiss hooligans on the dark web. The stolen data ended up on the black market, becoming attractive prey for hackers and cybercriminals. The authorities are investigating to understand how the event could have occurred...

Massive data breach: 11 million HCA Healthcare patients affectedThe personal information of millions of patients is at risk following a cyber attack targeting healthcare giant, HCA HealthcareHCA Healthcare has reported a data breach where personal information of roughly 11 million patients was stolen. This did not include any medical, payment, or sensitive data. The information was reportedly taken from an external storage location used for email formatting. Despite the breach, HCA's operations...

Razer in the target of hackers: new alleged data theftGaming firm faces another potential data leak: hacker demands $100,000 in Monero cryptocurrencyA member of a specialist forum claimed to have hacked popular gaming company Razer and stolen significant data. The alleged hacker demanded a $100,000 ransom in Monero cryptocurrency. This comes a year after a security incident where Razer's unencrypted customer database was discovered, though no sensitive...

Ransomware Clop affects the main global legal companies: the risk is massive data theftLinked to Clop, attackers exploited MOVEit software vulnerabilities, strike during Memorial Day holidayTrecenti società globali, tra cui le tre più grandi ditte legali americane, sono state colpite dal gruppo di hacker noto con il nome Clop, attraverso una vulnerabilità nel software MOVEit, utilizzato per il trasferimento di file. L'attacco, avvenuto nel weekend del Memorial Day, potrebbe aver messo a...

Impact of LockBit's cyber attack on Nagoya cargo port: a detailed analysisLockBit 3.0, the new threat in cybersecurity: the details of the recent attack on the port of NagoyaThe Nagoya cargo port, crucial to logistics operations of major auto manufacturers like Toyota, was recently hit by a cyberattack. Russian-speaking hacking group, Lockbit, demanded a ransom, resulting in considerable disruption and delays. This version of LockBit, 3.0, introduces a bug-hunting platform...

Charming Kitten: the evolution of cyber-attacks and new digital security threatsGorjolEcho and NokNok: the new cyber-espionage tools of the well-known Iranian groupThe US think tank was recently targeted by an Iranian cyber-espionage group, Charming Kitten, using a macOS PowerShell malware named GorjolEcho. This was distributed via a password-protected archive shared via Dropbox, designed to exfiltrate information from the infected system. A subsequent infection,...

JumpCloud responds promptly to a cybersecurity incidentRepercussions of the incident and protective measures implemented by the JumpCloudJumpCloud, a cloud-based identity solutions provider, experienced a cybersecurity incident impacting some clients. In response, the company reset the API keys of affected customers, breaking some features temporarily. JumpCloud is offering support and resources to help customers manage the API key reset....

Massive data breach at Pepsi Bottling Ventures: 28,000 individuals at riskA sophisticated cyber attack compromised the personal, financial and health information of thousands of employees and contractorsPepsi Bottling Ventures, an independent bottler, experienced a significant data breach impacting 28,000+ individuals. The breach exposed personal, financial, and health records, triggering an enterprise-wide password reset and increased network security measures. The company alerted those affected to...

Ransomware hits the Luigi Vanvitelli hospital: ACN at workThe national cybersecurity agency mobilizes to restore the systems of the Neapolitan hospital, the target of a cyber attackThe Luigi Vanvitelli hospital in Naples, Italy suffered a ransomware attack in early July, prompting the National Cybersecurity Agency (ACN) to deploy a specialist team for damage assessment and system restoration. With healthcare being the fifth most cyber-attacked sector, ACN Director General Bruno...

Electric vehicle charging stations: new target for hackersAs the electric car industry grows, new challenges emerge: the safety of charging stations becomes a pressing issueThe increase in electric vehicle usage is causing new security issues, notably hacking of charging stations. Cybersecurity experts warn these hacks could access personal data or manipulate the power supply, causing grid instabilities. Responsibility for security lies primarily with station manufacturers,...

Cyber breach at HWL Ebsworth: sensitive data releasedA russian ransomware group targets well-known australian law firm, putting government and personal information at riskA russian ransomware group called ALPHV/Blackcat breached the Australian law firm HWL Ebsworth and leaked around 1.1TB of sensitive government and personal data it had stolen. The national cybersecurity coordinator is working on understanding the full scope of the incident, which could potentially affect...

Ransomware attacks schools: privacy and security disaster for students and parentsRansomware criminals compromise the privacy of children in the United States by spreading highly sensitive school files onlineThe US school systems are increasingly becoming targets of ransomware attacks, leading to sensitive information disclosure when ransom demands are not paid. The leaks can include abuse reports, medical records, and other deeply personal details. Schools are often ill-equipped to defend against such attacks,...

Serious breach of data security at Acque VeronesiTheft of sensitive data: the controversial story that hit the companyAcque Veronesi, a major water management company in Verona, recently experienced a severe data breach. The incident potentially compromised user information including names, emails, phone numbers, and social security numbers. Despite robust security precautions, the breach occurred, prompting action...

Microsoft denies cyber attack and theft of 30 million accountsThe company rejects Anonymous Sudan's claims and reassures users about the safety of its online servicesIn response to recent claims by hacktivist group Anonymous Sudan of hacking into Microsoft's servers, stealing more than 30 million account information, the company led by Satya Nadella released a press statement. In it, Microsoft categorically denied the reports that appeared in some sections of the...

RBI record fine: Bank fined 65 lakhs for lack of cyber securityCooperative bank AP Mahesh penalized for serious cybersecurity shortcomings, highlighted by a breach that cost Rs 12.48 croreIndia's central banking institution, the Reserve Bank of India (RBI), has fined Hyderabad-based AP Mahesh urban cooperative bank Rs 65 lakh. The disciplinary action was taken following a cybersecurity breach which saw hackers infiltrate the bank's systems via phishing emails, stealing Rs 12.48 crore...

Dublin airport staff data breach: global implicationsCybersecurity breach at Aon exposes salary data for nearly 2,000 airport employees, including agencies and companies in the US and UKA recent cybersecurity breach affected Aon, a professional services contractor that manages payroll data for Dublin Airport staff. The Dublin Airport Authority (DAA) has confirmed that the financial information of some of its employees was compromised in the attack. The crash had a significant impact,...

Serious cybersecurity flaw in a US institute: the OPRF case and the lessons learnedIncorrect password management exposes thousands of students to security risks. What does the Oak Park and River Forest High School incident teach us?Cyber security in educational institutions is a topic of growing importance not only in Italy, but globally. In recent years, discussions about how to improve and standardize safety protocols in schools have multiplied. However, a recent incident in the United States has raised new concerns about current...

Fujitsu reprimanded by japanese government for insufficient cybersecurity measuresJapanese tech giant faces severe criticism for handling data breaches affecting 1,700 businesses and government agenciesFujitsu, the Japanese IT giant, has recently come under fire from Japanese authorities because of its weak cybersecurity measures that have led to data breaches affecting at least 1,700 companies and government agencies. Authorities on Friday asked Fujitsu to implement corrective measures to address...

Mysterious cyber attack disables DozorAnonymous hackers vandalize russian websites, incite Wagner mercenaries and promise more cyberattacksLate wednesday night, an anonymous group of cyberattackers claimed they had struck Dozor, a satellite telecommunications provider with a diverse clientele including oil fields, power lines, russian military units, and the Federal Security Service (FSB). According to a message posted on Telegram, the...

Cyber attack cripples Suncor Energy, one of Canada's largest energy companiesCyber security is put to the test: over 1500 service stations involved, the importance of critical infrastructure is in the spotlightSuncor Energy, Canada's leading integrated energy company, disclosed earlier this week that it had suffered a cybersecurity incident. This caused technical problems at its subsidiary, Petro-Canada, affecting the operation of more than 1,500 gas stations across the country. As a result, these stations...

The rise of Midnight Blizzard's cyber attacks: Microsoft alertsA dramatic increase in intrusions conducted by the Russian hacker group is reported; the techniques used become increasingly sophisticated and disguisedMicrosoft has revealed a dramatic increase in credential-stealing attacks perpetrated by the state-affiliated Russian hacker group known as the Midnight Blizzard. These attacks use residential proxy services to mask the source IP address, targeting governments, IT service providers, NGOs, defense sectors...

Financial scam: courier companies in the crosshairsNew online threat: Zerodha CEO reveals alarming fraud exploiting FedEx and Blue Dart namesFinancial fraud, increasingly sophisticated in the age of the pervasive internet, has become a regular phenomenon. The latest in chronological order involves courier companies, with a scam that is rapidly spreading.Under the name of FedEx: a worrying example from the CEO of ZerodhaNithin Kamath, co-founder...