Recent Security News
-
The Week in Ransomware – January 12th 2024 – Targeting homeowners’ data
January 12, 2024 at 05:13PM Ransomware gangs are targeting mortgage lenders, with recent attacks on loanDepot, Mr. Cooper, and title insurance companies. The Toronto Zoo and Tigo Business were also hit. In a positive turn, a Dutch police operation led to the arrest of a ransomware operator. The week also saw the discovery of new…
-
Hyundai MEA X Account Hacked, Followed by Crypto Promotion
January 12, 2024 at 04:05PM Hyundai MEA’s social media account was briefly taken over to distribute cryptocurrency promotions, with the account impersonating a role-playing game backed by Binance’s venture capital arm. The takeover resulted in changed text and images, promoting registration for cryptocurrency offers. Hyundai MEA regained control and removed the offending posts. Netgear and…
-
Cybersecurity Incidents Consistently Increase in UAE
January 12, 2024 at 03:31PM A recent study by Kaspersky reveals that 87% of UAE-based businesses have encountered cybersecurity incidents over the past two years, with 25% attributed to staff malice. Malicious insider threats are deemed particularly dangerous by experts, presenting a growing concern for businesses. Furthermore, many companies in the region lack adequate defense…
-
Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew
January 12, 2024 at 02:49PM Security experts have warned about a ransomware group exploiting a critical Microsoft SharePoint vulnerability, CVE-2023-29357, which can lead to remote code execution. This vulnerability was added to the US’s must-patch list, giving agencies three weeks to patch it. The exploit chain has been a concern, and patching is crucial to…
-
CISA: Critical Microsoft SharePoint bug now actively exploited
January 12, 2024 at 02:47PM CISA warned of active exploitation of critical Microsoft SharePoint vulnerabilities, including CVE-2023-29357, which allows attackers to gain admin privileges using spoofed JWT tokens. When chained with another bug, remote code execution is possible. These exploits have gained attention after a successful demo at the Pwn2Own contest, leading to the release…