Recent Security News
-
Iranian cyberspies target US defense orgs with a brand new backdoor
December 23, 2023 at 07:54AM Iranian cyberspies, identified as Peach Sandstrom by Microsoft, are targeting defense industrial base organizations with a new backdoor called FalseFont. APT33, which Mandiant tracks as Iran-backed, engages in strategic cyberespionage against organizations in the US, Saudi Arabia, and South Korea. Additionally, 443 online shops have been compromised by cyber crooks…
-
Mint Mobile discloses new data breach exposing customer data
December 22, 2023 at 08:35PM Mint Mobile, a subsidiary of T-Mobile, has confirmed a data breach exposing customer information. The breach notification assured customers that credit card numbers and passwords were not affected, but disclosed that names, phone numbers, email addresses, and other account details were compromised. The company has resolved the breach and is…
-
Cisco Bets Big on Multicloud Security With Isovalent Deal
December 22, 2023 at 03:43PM Cisco is closing a busy year of acquisitions with a new deal to enhance multicloud networking and security capabilities, announcing its intention to acquire cloud-native security and networking startup, Isovalent. The acquisition will build on Cisco’s “Security Cloud” platform and plans to continue offering and building on open source projects.…
-
Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days
December 22, 2023 at 03:14PM Attackers have exploited five vulnerabilities, including four zero-days, in a sensitive Windows kernel-level driver, exposing a systemic issue in Windows CLFS. The high-performance logging system, favored by hackers for low-level system privileges, suffers from design flaws, leading to a series of easily exploited bugs. Without redesign, it poses ongoing security…
-
Ubisoft says it’s investigating reports of a new security breach
December 22, 2023 at 01:18PM French video game publisher Ubisoft is investigating a potential breach after images of its internal software and developer tools were leaked online. Security research collective VX-Underground shared screenshots suggesting unauthorized access to Ubisoft’s internal services. The threat actor claimed to have accessed various platforms and attempted to steal user data…