Recent Security News
-
Subway’s data torpedoed by LockBit, ransomware gang claims
January 22, 2024 at 09:08AM LockBit ransomware gang claims to have breached Subway’s database, accessing sensitive financial data. Subway has yet to respond publicly but is investigating the allegations. LockBit demands Subway to protect the data or face a potential sale to competitors. The ransomware gang may seek tens of millions of dollars, and Subway’s…
-
Hackers start exploiting critical Atlassian Confluence RCE flaw
January 22, 2024 at 08:45AM Security researchers detect exploitation attempts for the critical CVE-2023-22527 vulnerability affecting older Atlassian Confluence servers, potentially exposing them to remote code execution. Atlassian provides fixes for affected versions and reports multiple attempts to exploit the flaw, mainly from Russian IP addresses. Server administrators are advised to update to a secure…
-
Owner of Cybercrime Website BreachForums Sentenced to Supervised Release
January 22, 2024 at 07:18AM Owner of cybercrime website BreachForums, Conor Brian Fitzpatrick, is sentenced to time served and 20 years supervised release for conspiracy to commit device fraud, access device fraud, and possession of child pornography. Despite a recommendation of 188 months in prison, he’ll serve first 2 years under home arrest, with restrictions…
-
52% of Serious Vulnerabilities We Find are Related to Windows 10
January 22, 2024 at 07:18AM Orange Cyberdefense analyzed 2.5 million vulnerabilities in their customer’s assets. The Security Navigator 2024 report details 129,395 incidents and 25,076 breaches, offering insights into digital threats and trends. The majority of findings are rated ‘High’ or ‘Medium’, with some remaining unresolved for over 150 days. Download the report for in-depth…
-
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
January 22, 2024 at 07:18AM Cybersecurity researchers have uncovered a new Java-based information stealer, NS-STEALER, which uses a Discord bot to extract sensitive data from compromised systems. The malware disguises itself as cracked software within ZIP archives and exfiltrates data to a Discord Bot channel. The threat actors behind the Chaes malware have released an…