May 2, 2024 at 09:49AM Former cybersecurity consultant Vincent Cannady, 57, was arrested for allegedly extorting a New York-based IT company. After being terminated, he reportedly used company resources to steal confidential data and demanded $1.5 million, threatening to expose the information. The Department of Justice is pursuing charges that could result in a 20-year … Read more
April 30, 2024 at 02:35PM Google has increased rewards for reporting remote code execution vulnerabilities in select Android apps, now offering up to $450,000. The company aims to focus on flaws leading to data theft, paying $75,000 for such exploits. The changes to the Mobile Vulnerability Rewards Program also include bonuses for exceptional quality reports … Read more
April 30, 2024 at 12:49PM A new Android malware named ‘Wpeeper’ was discovered in unofficial app stores, utilizing compromised WordPress sites as relay points for its command and control servers. The malware, discovered by QAX’s XLab team, had zero detections on Virus Total and infected thousands of devices. It features sophisticated C2 communication and 13 … Read more
April 22, 2024 at 09:21PM Russian spies have leveraged a Windows print spooler vulnerability to deploy GooseEgg, a custom tool, for stealing credentials and elevating privileges in compromised networks. Microsoft’s threat intelligence team revealed exploitation involving the Forest Blizzard group, linked to Russian intelligence. Microsoft patched the vulnerability in October 2022 and provided recommendations for … Read more
April 18, 2024 at 10:14AM A ransomware attack on Michigan-based Cherry Health led to the theft of sensitive data from nearly 185,000 individuals, including health and financial information. The healthcare organization immediately investigated the incident and notified affected individuals, offering 12-24 months of credit monitoring. The attack, similar to recent high-profile incidents, highlights the ongoing … Read more
April 16, 2024 at 10:36AM Russian cybersecurity company, Positive Technologies, revealed that the threat actor TA558 is using steganography to distribute various malware like Agent Tesla, FormBook, and LokiBot. Termed SteganoAmor, the attacks mainly target Latin American sectors but have also impacted companies in Russia, Romania, and Turkey. The group is also deploying Venom RAT … Read more
April 9, 2024 at 07:54AM After paying cybercriminals to prevent the release of stolen data from a ransomware attack, Change Healthcare is being extorted again by a different group, RansomHub. This comes after a previous incident involving the BlackCat ransomware gang. The repeated extortion highlights the risk of paying ransoms and the prevalence of cyber … Read more
April 8, 2024 at 02:12PM Home Depot confirmed a third-party vendor inadvertently exposed some employees’ personal details, including names and email addresses. The retailer’s disclosure follows a data dump by a crook on BreachForums. While the intrusion didn’t affect business operations or customer data, the stolen info could be used for credential theft. The same … Read more
April 1, 2024 at 02:40PM MarineMax, a major yacht retailer, experienced a cyberattack in March that led to the theft of employee and customer data. Although the company claimed not to store sensitive data, a recent filing revealed that personal information was indeed compromised. The attacker, identified as the Rhysida ransomware gang, is attempting to … Read more
April 1, 2024 at 10:52AM Harvard Pilgrim’s healthcare biz discloses a data breach affecting 2.9 million individuals. Personal data, including clinical information, was compromised. Credit monitoring and identity protection services are offered. Cisco faced critical vulnerabilities with potential denial of service attacks. A decade-old worm, TheMoon, resurfaces targeting end-of-life routers and IoT devices. Sellafield Ltd … Read more