Sites

Ascension: Health data of 5.6 million stolen in ransomware attack

14 14 new

Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.

#idx #cysec #News #infosec #security #healthcare #BleepingComputer

on Fri, 1PM

US charges Russian-Israeli as suspected LockBit ransomware coder

10 10 new

The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group.

#cti #doj #News #cysec #lockbit #cybercrime #cybersecurity #rostislavpanev #BleepingComputer #cyberthreatintelligence

20h ago

Malicious Rspack, Vant packages published using stolen NPM tokens

9 9 new

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.

#News #cysec #rspack #ceptbiro #vantpackages #cybersecurity #stolennpmtokens #BleepingComputer #infosec #cryptocurrency

19h ago

Sophos Firewall vulnerable to critical remote code execution flaw

9 9 new

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices.

#News #cysec #infosec #BleepingComputer #security

22h ago

LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

9 9 new

Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.

#cysec #litespeed #wordpress #prattohome #cybersecurity #infosec #BleepingComputer #security

on Sep 5

Google says new scam protection feature in Chrome uses AI

8 8 new

Google is planning to use "AI" in Chrome to detect scams when you browse random web pages.

#News #cysec #infosec #BleepingComputer #google #software

16h ago

Russian military hackers linked to critical infrastructure attacks

8 8 new

The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).

#cysec #infosec #StopPutin #sendthef16s #ArmUkraineNow #BleepingComputer #security

on Sep 5

Krispy Kreme breach, data theft claimed by Play ransomware gang

7 7 new

The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November.

#cysec #infosec #BleepingComputer #security

on Fri, 2PM

Microsoft removes revenge porn from Bing search using new tool

7 7 new

Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media.

#cysec #infosec #prattohome #security #Technology #BleepingComputer #artificialintelligence

on Sep 5

From thehackernews.com

Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues

7 7 new

Veeam releases updates fixing 18 security flaws, including critical remote code execution vulnerabilities. Users urged to update software to prevent p

#it #cysec #privacy #hackernews #News #infosec #cybersecurity

on Sep 5

Sophos discloses critical Firewall remote code execution flaw

6 6 new

#News #cysec #infosec #BleepingComputer #security

11h ago

Google Chrome uses AI to analyze pages in new scam detection feature

6 6 new

Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web.

#News #cysec #infosec #BleepingComputer #google #software

11h ago

Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices

6 6 new

The precedent-setting ruling from a Northern California federal judge could lead to massive damages against NSO Group, whose notorious spyware has been reportedly used by various governments worldwide.

#NSO #News #Pegasus #hacking #infosec #malware #security #Technology #cybersecurity #privacy

12h ago

Apache fixes critical OFBiz remote code execution vulnerability

6 6 new

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

#cysec #infosec #BleepingComputer #security

on Sep 5

LockBit Ransomware Developer Arrested in Israel

5 5

Dual Russian-Israeli national Rostislav Panev was arrested last August and is facing extradition to the US for playing a critical role in LockBit's RaaS activities, dating back to the ransomware gang's origins.

#cysec #infosec #Technology #darkreading

18h ago

From hackaday.com

Hackaday Podcast Episode 301: Hacking NVMe Into Raspberry Pi, Lighting LEDs With Microwaves, And How To Keep Your Fingers

5 5

Twas the week before Christmas when Elliot and Dan sat down to unwrap a pre-holiday bundle of hacks. We kicked things off in a seasonally appropriate way with a PCB Christmas card that harvests pow…

#nvme #hacking #infosec #podcast #ceptbiro #hackaday #projects #security #microwaves #raspberrypi

19h ago

TP-Link Router Ban Is Mostly About Politics

4 4

While a number of threat groups have used TP-Link bugs to infiltrate networks, a proposed ban of the company's popular routers is more about geopolitics than actual cybersecurity — and that may not be a bad thing.

#USpol #cysec #infosec #darkreading

19h ago

From 404media.co

Behind the Blog: Posting Through It

4 4

This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss our top games of the year, air traffic control, and posting through it.

#News #hacking #infosec #privacy #security #Technology #cybersecurity

20h ago

Ukraine’s state registers hit with one of Russia’s largest cyberattacks, officials say

4 4

Ukraine's state registers — which store multiple types of official records — were disrupted by a major cyberattack that officials suspect was Russian in origin.

#News #hacking #infosec #privacy #security #Technology #cybersecurity

on Fri, 2PM

From thehackernews.com

Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

4 4

Apache OFBiz vulnerability CVE-2024-45195 patched, preventing unauthenticated remote code execution on Linux and Windows.

#News #cysec #privacy #hackernews #infosec #cybersecurity

on Sep 6

Nearly 6 million people were impacted by ransomware attack on Ascension Health

3 3

A cyberattack against the massive health system in May had an even larger impact than previous reported, leading to the exposure of sensitive information belonging to millions of people.

#News #hacking #infosec #privacy #security #Technology #cybersecurity

17h ago

From engadget.com

The US Consumer Financial Protection Bureau sues Zelle and four of its partner banks

3 3

The government agency sued Zelle’s operating company and four of its partner banks (JPMorgan Chase, Bank Of America and Wells Fargo). The CFPB says the service hasn’t done enough to protect consumers from fraud.

#infosec #cybersecurity

19h ago

Romanian Netwalker ransomware affiliate sentenced to 20 years in US prison

3 3

Daniel Christian Hulea admitted to earning up to $21.5 million from attacks carried out by Netwalker, a group known for targeting the healthcare sector during the COVID-19 pandemic.

#News #hacking #infosec #privacy #security #Technology #cybersecurity

20h ago

From gizmodo.com

Feds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’

3 15

Even the U.S. government is telling Americans to use encrypted apps.

#2fa #sms #Hack #News #tech #China #infosec #privacy #Technology #security

20h ago

US unseals complaint against Russian-Israeli accused of working for LockBit

3 3

Rostislav Panev is facing 40 counts for allegedly working for the cybercrime group as a software developer from 2019 up until February 2024 — the same month that law enforcement disrupted the LockBit scheme by seizing its darknet website and infrastructure.

#News #hacking #infosec #privacy #security #Technology #cybersecurity

21h ago

Massive live sports piracy ring with 812 million yearly visits taken offline

3 10

The Alliance for Creativity and Entertainment (ACE) has taken down one of the world's largest live sports streaming piracy rings, with over 821 million visits last year.

#News #crime #piracy #sports #ceptbiro #security #Streaming #livesports #cybersecurity #BleepingComputer

on Fri, 12PM

From techcrunch.com

Bluesky adds mentions tab in the notifications screen and username squatting protection | TechCrunch

3 10

Social network Bluesky has released a new update to its app that includes a separate mentions tab in notifications, protections against username

#AI #bluesky #infosec #cybersecurity

on Fri, 11AM

BeyondTrust says hackers breached Remote Support SaaS instances

3 11

Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances.

#News #saas #infosec #databreach #beyondtrust #cybersecurity #remotesupport #BleepingComputer

on Thu, 3PM

Russian hackers use RDP proxies to steal data in MiTM attacks

3 14

The Russian hacking group tracked as APT29 (aka "Midnight Blizzard") is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads.

#rdp #News #mitm #Russia #infosec #cybersecurity #BleepingComputer

on Wed, 11PM

From thehackernews.com

Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

3 3

WordPress LiteSpeed Cache plugin vulnerability could allow unauthenticated account takeover. Update now to fix the issue.

#it #News #cysec #infosec #hackernews #cybersecurity

on Sep 6

#cysec #infosec #research #cyberwire #cybersecurity

Quishing for trouble.

2 2

Adam Khan, VP of Security Operations at Barracuda, joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or “quishing,” into PDF documents attached to emails, tricking recipients into scanning...

7h ago

CISA issues security guidance for highly targeted individuals amid Salt Typhoon hacks.

2 2

Biden Administration moves to ban China Telecom from US networks. US considers a ban on Chinese-made TP-Link routers. Threat actors stole $2.2 billion worth of cryptocurrency in 2024.

#News #cysec #infosec #cyberwire #cybersecurity

8h ago

From cybersecuritynews.com

Authorities Arrested LockBit Ransomware Developer & Team Core Member

2 2

U.S. authorities have unveiled charges against Rostislav Panev, a dual Russian-Israeli national, for his alleged role as a key developer of the notorious LockBit ransomware group. Panev, 51, was arrested in Israel in August and is currently awaiting extradition to the United States.

#infosec #lockbit #ceptbiro #security #cybernews #developer #Authorities #cyberattack #teamcoremember #CyberSecurityNews

10h ago

Ukraine’s fight to restore critical data.

2 2

Russian hackers attack Ukraine’s state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities....

#News #cysec #infosec #cyberwire #cybersecurity

16h ago

From digitalitnews.com

2025 AI Predictions: What the Experts Have to Say

2 2

It’s that time of year again! Dive into this article to explore expert AI predictions and gain valuable insights to guide your 2025 business decisions.

#AI #infosec #cybersecurity #artificialintelligence

16h ago

How to Protect Your Environment from the NTLM Vulnerability

2 2

This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability.

#cysec #infosec #darkreading

18h ago

Threat actors stole $2.2 billion worth of cryptocurrency in 2024.

2 2

Hacker leaks data allegedly stolen from Cisco. Mirai botnet operators are targeting Juniper Networks routers using default passwords. Raccoon Infostealer operator sentenced to 60 months in prison.

#News #cysec #infosec #cyberwire #cybersecurity

19h ago

From malwarebytes.com

Our Santa wishlist: Stronger identity security for kids

2 2

The personal information of children is leaked by trusted institutions which can lead to identity fraud and identity theft

#santa #hacking #infosec #children #security #education #Technology #IdentityTheft #cybersecurity #identityfraud

20h ago

From youtube.com

- YouTube

2 2

Bekijk je favoriete video's, luister naar de muziek die je leuk vindt, upload originele content en deel alles met vrienden, familie en anderen op YouTube.

#ITSec #infosec #demoscene

20h ago

How Nation-State Cybercriminals Are Targeting the Enterprise

2 2

Combating nation-state threat actors at the enterprise level requires more than just cyber readiness and investment — it calls for a collaborative effort.

#cysec #infosec #darkreading

21h ago

From sophos.com

Cybersecurity as a Service Delivered | Sophos

2 2

We Deliver Superior Cybersecurity Outcomes for Real-World Organizations Worldwide with a Broad Portfolio of Advanced Security Products and Services.

#cve #sophos #firewall #vulnerability #infosec #cybersecurity

22h ago

Managing Threats When Most of the Security Team Is Out of the Office

2 2

During holidays and slow weeks, teams thin out and attackers move in. Here are strategies to bridge gaps, stay vigilant, and keep systems secure during those lulls.

#cysec #infosec #darkreading

23h ago

From forbes.com

Google App To Delete All iOS Passwords In 1 Click—But Why?

2 2

The latest experimental version of the Chrome iOS app has code to delete all passwords in one click—but why? Here’s what you need to know.

#infosec

23h ago

From infosecurity-magazine.com

LockBit Admins Tease a New Ransomware Version

2 2

The LockBitSupp persona said LockBit 4.0 will be launched in February 2025

#infosec #Ransomware #cybersecurity

on Fri, 2PM

From malwarebytes.com

'Fix It' social-engineering scheme impersonates several brands

2 2

Criminals are luring victims looking to download software and tricking them into running a malicious command.

#News #hacking #infosec #malware #privacy #clickfix #security #Technology #cloudflare #cybercrime

on Fri, 2PM

From securelist.com

Kaspersky discovers C++ version of BellaCiao malware

2 4

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed "BellaCPP".

#cti #ioc #Iran #irgc #apt35 #apt42 #malware #threatintel #mintsandstorm #charmingkitten

on Fri, 12PM

Bipartisan bills to protect car owners’ privacy introduced in House and Senate

2 5

The Auto Data Privacy and Autonomy Act would require automakers to create opt-in mechanisms for vehicle data collection and would bar manufacturers from sharing, selling or leasing customer data without explicit consent

#infosec #privacy #cybersecurity

on Thu, 10PM