ASEC Blog publishes Ransom & Dark Web Issues Week 2, January 2025 Anonymous Sudan announces return as a new hacktivist group New ransomware gang Morpheus Data from South Korean ICT prototype...
This report comprehensively covers actual cyber threats and security issues that have occurred in the financial industry in South Korea and abroad. This includes the analysis of malware and...
Overview AhnLab SEcurity intelligence Center (ASEC) posts information about malware distributed through phishing emails on a weekly basis on the ASEC Blog under the title “Weekly Phishing Email...
Russian internet service provider Nodex confirmed on Tuesday that its network was "destroyed" in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance [...]
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is "susceptible to...
Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day.BackgroundOn January...
The Bain Capital-owned edtech giant says hackers accessed its customer support portal using a "compromised credential." © 2024 TechCrunch. All rights reserved. For personal use only.
Fortinet uncovers a new PayPal phishing scam exploiting legitimate platform features. Learn how this sophisticated attack works and how to protect yourself from falling victim.
A new PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients
Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson Note: This is a developing campaign under active analysis...
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. [...]
The EU court said the bloc's executive authority violated a citizen's rights by transferring some of his personal data to the U.S. without proper safeguards. © 2024 TechCrunch. All rights...
The U.S. Federal Communications Commission (FCC) has urged the adoption of rules to enable a spectrum auction, aiming... The post FCC pushes spectrum auction to oust Huawei, ZTE gear amid rising...
A critical Microsoft Windows Lightweight Directory Access Protocol (LDAP) vulnerability has been discovered, identified as CVE-2024-49112. The flaw has a CVSS severity score of 9.8, representing a...
ICAO said that a previously reported data breach involved "approximately 42,000 recruitment application data records from April 2016 to July 2024."
Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. [...]
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than...
SUMMARY Cybersecurity researchers at Group-IB have discovered a sophisticated refund scam where scammers are using remote access tools…
Electronics firm Casio revealed that ransomware attackers have leaked the personal data of employees, customers and business partners
The Japanese electronics giant says it did not negotiate with the hackers responsible for the attack. © 2024 TechCrunch. All rights reserved. For personal use only.
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zero-days, in industrial routers and smart home devices
Phishing is a form of social engineering where attackers try to get you to reveal your sensitive information through malicious links, SMS, QR codes, and more. Here's how to protect yourself in...
American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. [...]
Initial Access Brokers (IABs) are specialized cybercriminals that break into corporate networks and sell stolen access to other attackers. Learn from Specops Software about how IABs operate and...
Millions of email servers worldwide remain alarmingly vulnerable to cyberattacks due to a critical security oversight: the absence of Transport Layer Security (TLS) encryption.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV)...
Group-IB has observed scammers impersonating government officials to trick disaffected consumers into divulging card details
ICAO says compromised data includes job applicants' names, email addresses and employment history © 2024 TechCrunch. All rights reserved. For personal use only.
Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &…
The United Nations' International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. [...]