Cyber incidents
Russian hackers attack Ukrainian infrastructure: Roundcube software is the target
Russian APT group exploits open-source webmail vulnerabilities to infiltrate Ukrainian government and military entities
A well-known Advanced Persistent Threat (APT) group, linked to the Russian government, has been discovered exploiting security vulnerabilities in the open-source email software Roundcube to spy on organizations in Ukraine. These include government institutions and military entities involved in aviation...

ChatGPT credential theft: more than 100,000 cases in 2022-2023
Information thieves expose numerous OpenAI ChatGPT credentials on dark web markets, with India and Asia-Pacific particularly affected
In the period between June 2022 and May 2023, over 101,100 compromised OpenAI ChatGPT credentials were found on illicit dark web marketplaces. India has been particularly affected by this issue, alone accounting for 12,632 stolen credentials. These credentials were traced to information theft records...

Cyber attack in East Asia: malware infiltration for over a year
The details of the RDStealer malware and its corporate security implications
A particular IT corporation based in East Asia fell prey to a sophisticated cyber attack meticulously designed and executed over a period exceeding one year. This cyber espionage operation involved deploying a unique piece of malware, RDStealer, coded using the Golang language. The cyber criminals had...

DDoS attack on Microsoft: OneDrive, Azure and Outlook stopped
A mysterious hacktivist collective, Anonymous Sudan, disrupts Microsoft cloud services through a massive DDoS attack. Microsoft responds with security tightening
Microsoft recently confirmed that a DDoS-type cyberattack caused a number of significant disruptions to its cloud services in early June. These problems have affected the use of popular applications such as Outlook, OneDrive and Azure Cloud. Responsibility for the hack was attributed to an obscure hacktivist...

New frontiers of technological surveillance
Between state-of-the-art prison monitoring systems and government data collection, privacy is increasingly under siege
A prison in Atlanta, Georgia has introduced a state-of-the-art monitoring system that not only records the whereabouts of inmates, but also their heartbeat. This system, developed by Talitrix, uses hundreds of sensors attached to inmate-wearable bracelets, similar to those of Fitbits. Although prison...

ETag vulnerability: the anonymity of Tor at risk
A recent discovery shows how the ETag HTTP header can be exploited to reveal the hidden IP address of Tor services
Tor is known for providing a higher level of anonymity online, making it difficult for users to be identified and tracked. However, a recent discovery has exposed a possible vulnerability. This comes from the use of an HTTP header called ETag, which can potentially reveal the true IP address of a service. ETag...

Russian group Clop attacks US government agencies
Clop emerges as a possible leading actor. The group, active since 2018, targets organizations affected by a specific vulnerability
Yesterday, US cybersecurity officials said a "small amount" of government agencies have been affected by data breaches as part of an extensive hacking campaign. The culprit is likely the Russia-based Clop ransomware group. This group of cybercriminals took advantage of a vulnerability in the MOVEit file...

Louisiana big data breach: personal safety appeal
After massive cybersecurity attack, experts and organizations urge citizens to protect their sensitive information and safeguard their credit
Demetrice Rogers, a cybersecurity expert and adjunct professor at Tulane University's School of Professional Advancement, expressed concern about the sharing of personal data of Louisianans on the dark web, following a large data breach. As public attention focuses on the problem, he urged the public...

US federal agencies in the crosshairs of a global cyberattack
A sophisticated cyber-attack exploits software vulnerabilities, targeting critical infrastructure and causing national security concerns
Several US federal agencies have been hit by a global cyberattack that exploited a software vulnerability, CNN reported. Eric Goldstein, assistant executive director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), said his agency "is providing support to several federal...

Telegram data breach: implications for India's personal data security
Cybersecurity experts weigh in on the consequences, the importance of security infrastructure, and why healthcare institutions are primary targets
Recently, an alarming disclosure about a data breach has emerged, purporting that the globally renowned messaging service, Telegram, holds access to private data of Indian citizens, encompassing their Aadhaar and PAN cards. This information leak is attributed to the CoWIN portal, a hub for Covid vaccination...

Outage of Microsoft services attributed to a possible attack by Anonymous Sudan
Repeated Azure outages raise concern as Microsoft investigates alleged DDoS attack
Microsoft reported a new outage on Friday after customers received error messages while trying to sign in to the Azure portal. Additionally, customers may have had difficulty trying to access the Microsoft Sign in admin center and Microsoft Intune. Despite this, the outages were mitigated within hours. Preliminary...

The geopolitics of cyber extortion: analysis and implications according to Orange Cyberdefense
Report 2023: increase in attacks in south-east Asia and Latin America, decline in NATO nations. The crucial role of public-private collaboration
Cyber threats, especially cyber extortion attacks, have become increasingly common in recent years, putting organizations of all sizes and industries at risk. This is the finding of Orange Cyberdefense, which analyzed the data relating to 6,707 companies confirmed as victims. Despite an 8% drop in cyber...

New Spectralviper backdoor used in an attack against Vietnamese public companies
Using open source projects as a malware customization strategy
A new backdoor named Spectralviper has been used in an attack on Vietnamese public companies. Elastic Security Labs has discovered that it is a previously unknown, highly obfuscated 64-bit backdoor that provides PE upload and injection, file upload and download, file and directory manipulation, and the...

Microsoft detects multi-stage cyber attacks on banks and financial organizations
New multi-stage phishing and email compromise are among the top threats reported
Microsoft has identified a series of multi-stage phishing and business email compromise (BEC) cyber-attacks on banks and financial organizations. The attacks were carried out through a compromised trusted provider and followed up with multiple compromise attacks involving multiple organizations. The...

Stealth Soldier espionage malware strikes in North Africa
Constantly evolving highly targeted and personalized attacks
A new custom backdoor, called Stealth Soldier, has been used as part of a set of highly targeted espionage attacks in North Africa. Check Point, a cybersecurity firm, stated in a technical report that the Stealth Soldier malware is an undocumented backdoor that mainly operates on surveillance functions,...

Critical vulnerabilities in Honda's e-commerce platform for selling equipment
The importance of customer data protection on e-commerce platforms
Honda, a well-known automaker, has seen a number of serious vulnerabilities come to light on its e-commerce platform dedicated to the sale of equipment, such as generators, pumps, lawn mowers and boat engines. The discovery was made by an American researcher, Eaton Zveare, who at the beginning of the...

Ransomware tracking in Italy: recent cases and prevention
How cybersecurity can protect Italian companies from ransomware attacks: advice and practical solutions to prevent and manage attacks
Ransomware, a type of malware that spreads rapidly on a global scale, poses a growing threat to businesses and individuals in Italy. The impact of these attacks can be monitored through a continuously updated dashboard, thanks to which it is possible to examine the claims of cybercriminals related to...

Barracuda Networks calls for the replacement of compromised ESG equipment
Following a security breach, the company detects a zero-day attack and prompts immediate customer response to prevent further damage
Barracuda Networks has urged its customers to promptly replace their compromised Email Security Gateway (ESG) equipment, regardless of whether all available patches have been installed. The company identified targeted attacks on its ESG assets on May 18. Within a day, it discovered that the attacks exploited a zero-day...

Verizon 2023: an explosion of ransomware attacks and cyber threats
Verizon data breaches report highlights rising wave of ransomware attacks, rising related costs, and importance of the human element in security breaches
On Tuesday, Verizon released its 16th Annual Data Breaches Report (DBIR). This report provides organizations with valuable insights from incidents analyzed by its Threat Research and Advisory Center. The DBIR is among the most anticipated reports in the cybersecurity industry, given the analysis of a...

PostalFurious: new phishing SMS campaign targets users in UAE
Scam masquerading as postal services and toll operators aims to steal personal data and payment credentials through fake text messages
A Chinese phishing group named PostalFurious has been associated with a new SMS campaign targeting users in the UAE. This campaign is posing as postal services and toll operators, according to Group-IB, a Singapore-based cybersecurity company. The fraudulent tactic used includes sending bogus text messages...

Fighting cybercrime: the 2022 FBI report
Discover the main types of cyber attacks, their financial impact and web security defense strategies
According to the latest cybercrime report released by the FBI, cyber risk is a business risk and cyber security is a national security concern. This notion is backed up by worrying data: in 2022, the FBI's Internet Crime Reporting Center (IC3) received more than 800,000 cybercrime reports, resulting...

New web skimmer attack: Akamai reveals threat to e-commerce sites
Akamai investigation exposes growing harmfulness of e-skimming techniques, putting personal data and credit card information at risk
Akamai, a leading cybersecurity company, has recently detected a sophisticated Magecart-style web skimming campaign targeting the theft of Personally Identifiable Information (PII) and credit card data from e-commerce portals. During the operation, attackers use a combination of evasive strategies including...

More severe than expected data breach in San Diego school district
Disclosure of the investigation into last fall's security incident highlights wider compromise of sensitive student and employee data
The San Diego Unified School District recently admitted that last fall's data breach had more severe and widespread repercussions than previously reported. Dennis Monahan, executive director of the district's risk management services, said the October security incident compromised a wider range of sensitive...

The growing threat of cyberattacks in the automotive sector
Modern vehicle technologies accentuate vulnerability to cyber risks, creating urgent safety challenges in the future of motoring
In the digital age, vehicles, especially those with sophisticated electronic systems, are becoming increasingly exposed to the risks of cyber attacks. The threat is not just limited to electric cars, but also extends to modern sedans and utility vehicles, which are capable of being hacked. This danger...

Toyota: prolonged data exposure due to cloud configuration glitch
Automobile giant conducts thorough security checks after years-long customer data breach impacts both domestic and international clients
Renowned Japanese automobile manufacturer Toyota revealed this week that a glitch in its cloud configuration has resulted in a multi-year exposure of its customer data. The security flaw affected environments managed by Toyota Connected Corporation (TC), encompassing a wide range of information including...

Critical vulnerability in Gigabyte motherboard firmware: millions of PCs at risk
Eclypsium detects a hidden and insecure backdoor in the Taiwanese manufacturer's motherboards, opening the door to potential cyberattacks
Millions of PC motherboards have been sold with a backdoor in the firmware, recent studies have revealed. This poses a significant security risk, as it makes the work of cybercriminals easier. In fact, the ability to hide malicious programs in the computer's UEFI firmware, which governs the loading of...

Chatbot and legal practice: when the AI is wrong
Possible legal sanctions for the lawyer who used the OpenAI chatbot in the case of a client injured in flight
In the age of artificial intelligence, many people are wondering if this technology could somehow replace humans in the workplace. However, as a recent legal case illustrates, this is not necessarily true of all professions. Schwartz, an attorney at a major law firm, recently enlisted the help of ChatGPT,...

Cybersecurity threats loom over enterprises, with 65% impacted in a year
A report by Netwrix reveals a significant rise in cybersecurity incidents, with large corporations becoming more frequent targets for ransomware and malware attacks, while smaller businesses underestimate...
In the corporate world, cybersecurity threats continue to grow at an alarming pace. Over the past year, a staggering 65% of enterprises reported experiencing a cyberattack, mirroring a similar trend observed across businesses of various scales where 68% have fallen victim, as reported by Netwrix. The...

ABB encounters ransomware assault: sensitive data reportedly exfiltrated
Swiss industrial powerhouse endures cyber attack: operations maintain continuity despite malware intrusion on select systems. No evidence of customer systems being impacted
In a recent announcement, ABB, the Switzerland-based industrial behemoth, verified its encounter with a ransomware assault. The culprits were reported to have extracted some sensitive information during the cyber attack. The organization circulated an official statement and a set of Frequently Asked Questions...

Cyber warfare: Volt Typhoon's blow to USA security
Microsoft reports bold cyber attack from China: military powerhouse Guam in Pacific is targeted by cyber espionage operation
The Chinese government-backed Volt Typhoon cyber-gang has carried out a series of cyber attacks on US networks, intending to disrupt lines of communication between Washington and Asia. Such activity has been reported by the United States and Microsoft, and below we present the known details and potential...