
Cyber incidents

Cyber threat to the Italian Ministry of Defense: critical access for sale on underground forums
Risks and implications of selling compromised access in cybercrime
An Initial Access Broker has offered RCE access for sale to the Italian Ministry of Defense's "Difesa IT" website. IABs sell access to cybercriminals, who use them for attacks such as ransomware. Cyber threat intelligence is essential to prevent these threats.

Breach of cloud services: large-scale attack against Snowflake customers
Investigations detect large-scale cyber attacks leveraging compromised credentials and advanced intrusion tools
A security breach on Snowflake affected over 165 companies, including Ticketmaster and Santander, with sensitive data stolen. Hackers exploited stolen credentials via malware. The lack of multi-factor authentication contributed to the compromise.

Investigation into Facebook data breach and Akira ransomware
Cybersecurity challenges: from the latest Facebook breach to the Akira ransomware threat
The article discusses a recent data breach at Facebook that compromised millions of profiles, the FBI's warning of an increase in Akira ransomware cases, and the importance of multi-layered strategies for companies and international collaboration to counter cyber threats.

NotPetya: the cyber attack that changed the face of cyber security
The global devastation of the NotPetya cyberattack: Analysis of a borderless cyber conflict
In 2017, the NotPetya cyber attack, originating from Russia and targeting Ukraine, infected MeDoc software, affecting vital sectors and causing global damage. It turned out to be destructive rather than aimed at collecting a ransom. Russian GRU unit 74455 was held responsible.

Data breach: 560 million users involved
How to protect yourself from the consequences of a major data breach
ShinyHunters hacked Ticketmaster-Live Nation, stealing 1.3 terabytes of data from 560 million users, now for sale on the Darkweb. The stolen data includes personal and payment information. Users risk spam and phishing attacks. We recommend using 2FA and monitoring your data.

Ransomware attack on Synnovis: London health services in crisis
Severe disruption to pathology and diagnostic services in London
A ransomware attack has hit Synnovis, a diagnostic services provider in London, disrupting clinical services at major NHS hospitals. The incident primarily impacted blood transfusions and caused postponements of scheduled appointments.

Google cloud error wipes out $135 billion in accounts
Implications and countermeasures of a Google cloud configuration error
Recently Google Cloud accidentally deleted the account of the UniSuper pension fund, which manages $135 billion, due to human error. UniSuper had to restore the data with external backups. Google has improved security systems to prevent future incidents.

DDoS attacks and legal challenges test the Internet Archive
The technical and legal challenges faced by the Internet Archive: between cybersecurity and copyright battles
The Internet Archive is under DDoS attack, causing disruptions to services such as the Wayback Machine. Despite the disruptions, the data is safe. The attacks come at a critical time for the organization, which is already embroiled in legal disputes over alleged copyright violations.

Microsoft services crisis: causes, impacts and recovery strategies
Recent technical issues trigger a reliability and continuity crisis for essential Microsoft services
Recent technical issues have affected Microsoft services like Bing and ChatGPT, causing significant outages. The cause may be a network or configuration error. Microsoft is working to resolve and improve the resilience of services, also involving third parties such as DuckDuckGo.

Google vs. Microsoft: cybersecurity battle intensifies
Competition between giants: Google denounces Microsoft's vulnerabilities and proposes Workspace as a more secure solution
Google criticized Microsoft's security after a hack, promoting its own Workspace as an alternative. It also launched aggressive offers to attract customers. Microsoft responded with the "Secure Future" initiative to improve security and regain trust.

LockBit: infiltration into the systems of the University of Siena
An overview of the cyber attack on the University of Siena and the implications for academic security
LockBit attacked the University of Siena, compromising sensitive data and threatening to disclose it if their demands are not met. This highlights the need to improve cybersecurity, especially in academic institutions that handle valuable data.

Severe cyber attack on WebTPA exposes sensitive data of millions of users
The incident puts the privacy and security of millions of people, including customers and business partners, at risk
A data breach hit WebTPA, exposing the personal information of 2.4 million people. The company is working to resolve the issue and offers credit monitoring services. Victims should check their finances and update passwords for safety.

Black Basta hits Synlab: analysis of the attack and cybersecurity lessons for the healthcare sector
Cyber defense strategies: how to protect healthcare infrastructures from ransomware
A hacker group called Black Basta stole and published health data from Synlab, a large medical company in Italy. Using ransomware and phishing, they have caused serious risks to patients. Synlab has decided not to pay ransoms and is notifying affected patients.

Leak of sensitive data from Europol according to hacker claims
Artificial intelligence and preventive measures at the center of the cybersecurity debate
A hacker hacked Europol data and put it up for sale on an online forum. Confidential data was exposed, including employee personal details and internal documents.

Large-scale data leak for Dell: impacts and responses
Data of 49 million users exposed: IT security and privacy concerns
Dell suffered a cyber attack that exposed the data of 49 million customers, including names and addresses. The information was sold online. Dell advises customers to be vigilant for suspicious activity.

BogusBazaar: millions stolen through fraudulent e-commerce
Deciphered the system of large-scale scams, with the use of advanced technologies for theft of financial data
The article describes the case of "BogusBazaar", a network of 75,000 fake online shops that defrauded via sites that stole credit card data, with ongoing investigations and advice to avoid similar frauds.

Make it critical in Dropbox's e-signature service
Violation of the electronic signature system exposes sensitive data
Dropbox suffered a security breach that exposed sensitive user data of its Dropbox Sign service, including emails, phone numbers and passwords. Measures have been taken to mitigate the problem.

Massive data theft in Argentina: millions of driving licenses compromised
Large-scale data breach shakes Argentina: privacy and national security at risk
A hacker breached Argentina's driving license database, exposing data on 5.7 million citizens, including senior officials. He demands a ransom to return the data, highlighting serious flaws in the country's cybersecurity.

The complexity of the fight against digital piracy in Italy
Technical and legal challenges in blocking online piracy using IP and CDN filtering systems in Italy
The article discusses the technical and legal issues of the Piracy Shield anti-piracy tool, highlighting how blocking CDN IPs can limit access to legitimate content. It offers more precise filtering methodologies.

Hacker attack impacts Microsoft and US federal agencies
National security implications and strategic responses to credential theft
Hackers linked to Russia stole Microsoft credentials, risking the security of US agencies. CISA called for immediate action. The attack is linked to the Midnight Blizzard group. Analysis underway to mitigate damage.

Preventing phishing attacks: crucial insight from the LastPass team
An attentive employee averts an advanced phishing attempt through vigilance and alertness
A LastPass employee foiled a phishing attack that used an audio deepfake of the CEO. Caution and critical thinking are essential against cyber fraud and the use of deepfakes.

iPhone security alert: new spyware found
Apple tightens security measures for iPhone users
Apple has warned iPhone users in 92 countries about spyware attacks that try to compromise devices remotely. They recommend keeping iOS up to date, using Lockdown Mode, and offer support through Amnesty International.

Security alert for gamers: cyberattacks on Activision platforms
Activision players in the crosshairs: the alert is growing for infiltration and data theft through third-party software
Recently, Activision gamers have been victims of hackers through malware spread via third-party software, such as game cheats. Breaches include credential theft and cryptocurrency. Activision supports the victims and says its servers are safe.

Piracy Shields code revealed: amidst criticism and vulnerability
Piracy Shields cybersecurity under attack reveals critical issues and sparks debate about web censorship
Piracy Shields, Agcom's anti-piracy tool, has been hacked and its source code published on GitHub. This raises controversy about censorship and security. Radical measures required to protect users.

Significant transaction on Tornado Cash after cyber attack
Market dynamics and security: current evolution in cryptocurrencies and online gambling
The article discusses a major Ethereum transfer to Tornado Cash after a hack, raising security questions. It also talks about the success of the innovative Scorpion Casino in the world of online gambling and calls for greater security and transparency in the cryptocurrency industry.

Security alert: hacker attack on Discord bots
An in-depth analysis of vulnerabilities and countermeasures in the context of cyber attack
Recently, a popular Discord bot portal suffered a hacker attack that put users' security at risk by injecting malicious code into the bots. The platform reacted quickly to protect users and improve security.

Firebase: 19 million credentials exposed due to a simple error
A large-scale misconfiguration puts the personal information of millions of users at risk
A breach in Firebase exposed 19 million passwords and 125 million sensitive data. Analyzing over 5 million domains, 916 vulnerable platforms were found with 223 million records at risk. Only 1% of the companies contacted responded. The urgency of improving security measures is highlighted.

Cybersecurity challenges and strategies: the CISA case and vulnerability management
Vulnerabilities, updates and training: key components in the fight against cyber attacks
The article discusses the importance of proactive cybersecurity management, highlighted by an attack on CISA due to outdated Ivanti systems. It highlights the need for timely updates, staff training and constant monitoring.

Cyber intrusion by a Russian group: Microsoft in the crosshairs
Security compromised: Microsoft faces attack from notorious Russian cybercrime cell
Microsoft has been hit by a cyberattack from Midnight Blizzard, linked to Russia. Hackers have access to source code and company data, but without compromising customer services. Microsoft is notifying affected customers and taking security measures.

Cyber-attack hits the iconic Duvel Moortgat
Nightly barrage of cyberattacks brings the Belgian brewing giant to its knees, taking radical cybersecurity measures
Duvel Moortgat has been hit by a cyber attack, causing production to be suspended. The attack was claimed by Stormous. The company is working to resume operations and prevent future attacks, highlighting the importance of cybersecurity.

Mogilevich's double game in the shadow of Epic Games
The veil is lifted on Epic Games' data hoax
A group called Mogilevich simulated a ransomware attack against Epic Games, pretending to have stolen data. In reality, they wanted to scam other hackers, not Epic Games.

Lazarus: sophisticated battle exploits zero-day security flaw in Windows
Analysis and response to critical vulnerability revealed in Windows
The Lazarus hacker group exploited a zero-day vulnerability in Windows to carry out attacks. Microsoft has released a patch to fix the problem. Experts recommend updates and vigilance for IT security.

Cyberespionage revealed: China's extended digital surveillance
Massive digital surveillance and influencing operation operated by Chinese entities discovered
A leak has revealed that China uses sophisticated surveillance and propaganda methods against dissidents, spending heavily to spread false information and spy via malware.

LockBit's response to FBI actions
LockBit's technological revenge: post-attack updates and awareness
The LockBit organization, after being attacked, reveals that it had a security flaw due to an outdated version of PHP and urges systems to be updated.

LockBit's tenacious activity despite global investigations
Challenges and countermeasures in the war against the LockBit cyber criminal group
LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

New series of DDoS attacks hit Italian IT infrastructures
Cyber attacks persist: CNS and main infrastructures targeted by hacktivists
The hacktivists of NoName057(16) hit Italian services such as CNS, airports and transport with DDoS attacks. Anonymous Italia reacts with "deface" to the sites. Hacktivists act for ideals, but take legal risks.

Ransomware paralyzes over 100 hospitals in Romania
Impact of the cyberattack on the national healthcare system and actions taken
A ransomware attack hit the Hipocrate platform in Romania, paralyzing over 100 hospitals. The criminals demanded a ransom of 3.5 BTC (~$100,000). Authorities recommend not paying and isolating infected systems.

Data integrity compromised in known VPN
Security and data privacy implications of vulnerabilities in ExpressVPN
A flaw in ExpressVPN's software caused user data to be leaked. The vulnerability was promptly patched and the company reaffirmed its commitment to privacy. The incident highlights the importance of security in VPNs.

National security breached: Chinese hackers infiltrate Dutch MOD
The cyber incursion undermines the integrity of Dutch systems and raises global security issues
Chinese hackers used malware called "Coathanger" to infiltrate Dutch Ministry of Defense systems through Fortinet devices, but the attack was limited.

California state worker union data breach
Suspected unauthorized access to confidential SEIU member data
The state workers union SEIU Local 1000 in California was hit by a ransomware attack that potentially exposed sensitive data of approximately 96,000 workers. The attack was attributed to the LockBit 3.0 group.

Cyber attack on Cloudflare by alleged state APT
Emergency intervention and investigation into the operations of an APT against the network security giant
Cloudflare suffered an advanced cyberattack that breached its Atlassian systems, resulting in the theft of documents and source code. They responded by replacing credentials and isolating systems.

Security incident for AnyDesk software
Strengthened security and preventative actions following the AnyDesk cyber breach
Remote desktop service AnyDesk suffered a cyber attack following an internal audit. The company is taking action with security measures, such as certificate cancellation and replacement, and advises users to change passwords and update software.

CERT-UA alert: PurpleFox outbreak in Ukraine
Under attack: measures to combat PurpleFox's infiltration into Ukraine
The Ukrainian CERT-UA has detected a wide spread of PurpleFox malware, recommending updating systems and using antivirus to identify and remove the virus.

Critical vulnerability for Mercedes-Benz: GitHub token exposure
Inadvertent exposure of a company token puts Mercedes-Benz's IT security to the test
Mercedes-Benz faced a data leak because an employee exposed a GitHub token, allowing access to important source code. The company responded by revoking the token and strengthening security measures.

HP Enterprise data breach: Nobelium investigated
In-depth analysis of the recent cyber attack on HP Enterprise and possible connections with past episodes
HP Enterprise suffered a cyber attack where data was stolen from its emails, probably by Midnight Blizzard, a group linked to Russian intelligence. The connection with other similar attacks is being investigated.

Massive data exposure: global breach discovered
Incredible security incident: 26 billion data exposed
A 12 terabyte database with 26 billion sensitive records has been exposed online. Researchers recommend strong passwords and multi-factor authentication to protect yourself.

Data leak: 71 million online credentials exposed
The serious security breach reveals the need for enhanced protective measures for users
A hacker has leaked 71 million user credentials online from major platforms such as Facebook and Roblox. The data includes emails and 25 million unencrypted passwords. We recommend using strong passwords and two-factor authentication.

Security alert: Ivanti Connect Secure VPN under attack
Increase in attacks on Ivanti VPN systems highlights critical issues in corporate cybersecurity
Two serious vulnerabilities, CVE-2023-46805 and CVE-2024-21887, affected Ivanti VPNs, with attacks starting in December 2023. It is estimated that there are over 18,000 devices at risk globally. Ivanti has provided safety guidelines.

Cybercrime in Ukraine: cryptojacking operation dismantled
International operation against illegal cryptocurrency mining
A 29-year-old man who illegally created a million virtual servers to generate cryptocurrencies, earning $2 million, has been arrested in Ukraine. Europol and local police worked together to stop him after reports of suspicious activity.

AsyncRAT: a large-scale cyber breach
Infiltration and evasive strategies: the RAT that threatens digital security
AsyncRAT, a remote access tool for Windows, was used in a cyberattack to infiltrate and steal data from systems, targeting critical infrastructure in the US.