Recent Security News
-
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
March 8, 2024 at 02:09AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities catalog due to active exploitation by threat actors. The vulnerability allows for complete server compromise and has been weaponized to deliver ransomware. Users are urged to…
-
Nigerian National Pleads Guilty of Conspiracy in BEC Operation
March 8, 2024 at 02:06AM Echefu, a Nigerian man involved in a business email compromise scheme, has pleaded guilty to conspiracy charges in the US. Alongside his co-conspirators from South Africa, he gained unauthorized access to email accounts to orchestrate wire fraud and money laundering. Echefu faces up to 20 years in prison and must…
-
‘The Weirdest Trend in Cybersecurity’: Nation-States Returning to USBs
March 7, 2024 at 04:26PM Nation-state cyber threat groups are using USBs to infiltrate government and critical infrastructure. Check Point’s Maya Horowitz highlighted USBs as the primary infection vector for major threats, including China’s Camaro Dragon and Russia’s Gamaredon. Instances of USB attacks at a power company and a UK hospital underscore the danger. Organizations…
-
Switzerland: Play ransomware leaked 65,000 government documents
March 7, 2024 at 03:32PM The NCSC of Switzerland reported a data breach at Xplain caused by a ransomware attack, impacting thousands of sensitive government files. The Swiss government confirmed 65,000 leaked documents, with the majority affecting the Federal Department of Justice and Police. An investigation is ongoing, with results and cybersecurity recommendations expected to…
-
Flipper Zero WiFi phishing attack can unlock and steal Tesla cars
March 7, 2024 at 02:49PM The Flipper Zero device, when used in a phishing attack, can compromise Tesla accounts and enable attackers to unlock and start cars. By creating a fake “Tesla Guest” WiFi network, the attacker tricks victims into inputting their Tesla account credentials, enabling them to add a new Phone Key and take…