November 15, 2023 at 01:36PM Researchers at Bitdefender have identified weaknesses in Google Workspace that could potentially lead to ransomware attacks, data exfiltration, and password decryption. These vulnerabilities could also be used to access Google Cloud Platform with custom permissions and propagate from one machine to another. Google has stated that these weaknesses are outside … Read more
November 15, 2023 at 12:51PM The FBI and CISA issued a warning about the Rhysida ransomware gang, which has been targeting organizations across various sectors. Rhysida gained notoriety after breaching the Chilean Army and targeting healthcare organizations. The advisory provides indicators of compromise and tactics used by Rhysida. The gang utilizes ransomware-as-a-service (RaaS) and exploits … Read more
November 14, 2023 at 01:45PM Britain’s cybersecurity agency has stated that artificial intelligence is a threat to the country’s next national election. The agency also highlighted the growing number of cyberattacks by hostile countries and their proxies, making it harder to track these attacks. The report emphasized the emergence of state-aligned actors as a new … Read more
November 14, 2023 at 09:27AM The Royal ransomware gang has targeted over 350 organizations worldwide, demanding over $275 million in ransom. The cybercriminals are potentially planning to rebrand their operation, according to the US cybersecurity agency CISA and the FBI. The gang has attacked entities in critical infrastructure, education, healthcare, and manufacturing sectors, demanding payments … Read more
November 10, 2023 at 11:23AM Hacktivists with pro-Iranian affiliations have falsely claimed the success of cyberattacks against Israel in its conflict with Hamas, according to Microsoft. The tech giant states that allegations of pre-planned cyberattacks by Iranian state-sponsored attackers timed with Hamas’ terror attack on October 7th are also untrue. Microsoft’s Threat Intelligence Center reports … Read more
November 8, 2023 at 06:39AM The FBI has warned about ransomware operators using third-party vendors and services to gain initial access to victim environments. Threat actors exploit vulnerabilities in vendor-controlled remote access and legitimate system management tools to elevate permissions in victim networks. The FBI urges organizations to take measures such as creating backups, reviewing … Read more
November 7, 2023 at 01:55PM Active cyberattacks targeting unpatched Atlassian Confluence Data Center and Server technology have increased the vulnerability’s CVSS score from 9.1 to 10, the most critical rating. All versions of Atlassian Confluence Data Center and Server are affected, except for cloud instances. The attacks exploit an improper authorization flaw, allowing unauthorized access … Read more
November 6, 2023 at 01:00PM QNAP has released security updates to address two critical vulnerabilities in its operating system. The first vulnerability, tracked as CVE-2023-23368, is a command injection bug affecting QTS, QuTS hero, and QuTScloud. The second vulnerability, CVE-2023-23369, is a command injection flaw in QTS, Multimedia Console, and Media Streaming add-on. Users are … Read more
November 3, 2023 at 05:10PM Ransomware attacks have been on the rise recently, with various organizations falling victim, including the Toronto Public Library, ACE Hardware, Mr. Cooper, and the British Library. In response, a coalition of 40 countries will pledge to stop paying ransom demands. Microsoft also commits to enhancing security through its ‘Secure Future’ … Read more
October 31, 2023 at 06:56PM Top White House officials are working to secure an agreement among nearly 50 countries to not pay ransoms to cybercriminals. This initiative is being discussed at the Counter Ransomware Initiative (CRI) summit in Washington DC. The summit also focuses on leveraging artificial intelligence to track cryptocurrency payments, enhancing information sharing, … Read more