September 11, 2024 at 05:12PM North Korean hacker group Lazarus is using a phishing campaign to target Python developers, posing as recruiters and luring them with coding test projects for password management products containing malware. The VMConnect campaign was detected in 2023, and ReversingLabs reports that the malicious projects are hosted on GitHub. Job candidates … Read more
August 13, 2024 at 11:31AM Ivanti urged customers to patch critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances. The flaw, tracked as CVE-2024-7593, allows remote unauthenticated attackers to create rogue administrator accounts. Ivanti advises restricting access to vTM management interface and upgrading to the latest patched versions to mitigate the risk. Key … Read more
July 17, 2024 at 04:45AM Pharmacy chain Rite Aid discloses a data breach involving 2.2 million people, with ransomware group threatening to leak stolen data. The breach, involving compromised credentials, occurred between June 6, 2017, and July 30, 2018. No Social Security or financial information was affected; affected individuals offered 12 months of free credit … Read more
July 3, 2024 at 02:11PM Australian authorities warn travelers about the risks of using public Wi-Fi, following the arrest of a man accused of setting up malicious networks to steal data during airline flights. The suspect was found with devices and evidence of similar activity at other airports. Travelers are advised to be cautious and … Read more
June 27, 2024 at 02:35PM TeamViewer disclosed a breach in its corporate IT environment due to an APT hacking group. They are working with global cybersecurity experts to investigate and address the irregularity. Although there’s no evidence of product or customer data compromise, the breach raises concerns due to TeamViewer’s extensive use in consumer and … Read more
May 8, 2024 at 05:33PM Ascension, a major U.S. nonprofit health system with 140 hospitals and 40 senior care facilities across 19 states and the District of Columbia, has detected a cybersecurity event, prompting the organization to advise business partners to suspend connections to its systems. The incident has disrupted clinical operations, and an investigation … Read more
April 18, 2024 at 11:00AM LastPass warns of a malicious campaign targeting users with the CryptoChameleon phishing kit, tied to cryptocurrency theft and combining social engineering tactics. The kit previously targeted FCC employees and cryptocurrency platforms, impersonating various services. LastPass discovered its inclusion in the phishing kit and urges vigilance against suspicious communications, advising not … Read more
April 17, 2024 at 03:31PM OpenMetadata’s open source metadata repository has been actively exploited since April, allowing threat actors to execute cyberattacks against unpatched Kubernetes clusters. Researchers identified five vulnerabilities affecting versions preceding v1.3.1. Cybercriminals are leveraging these vulnerabilities for cryptocurrency mining and may engage in further malicious activities. OpenMetadata administrators are urged to update … Read more
January 19, 2024 at 03:28PM Many Payoneer users in Argentina woke up to find their 2FA-protected accounts hacked, with funds stolen after receiving SMS OTP codes while sleeping. Suspected hacking methods include a potential Movistar data leak or a breached SMS provider. Payoneer has not provided specific answers but acknowledged the fraud and advised users … Read more
January 9, 2024 at 11:47AM Researchers from Cisco Talos and the Dutch police obtained a decryption tool for the Tortilla variant of Babuk ransomware, leading to the arrest of the operator. This variant emerged after the original malware leaked. The threat actor targeted Microsoft Exchange servers using ProxyShell exploits. Avast released a decrypter for Babuk … Read more