Items tagged with cybersecurity
by
Ryan Whitwam - Mon, Apr 03, 2023
Storage heavyweight Western Digitial announced over the weekend that it has suffered a "network security incident," which is a less alarming way to say its systems have been hacked by unknown threat actors. The company says it is currently...
Read more...
by
Nathan Ord - Sat, Apr 01, 2023
No April Fools here; only April vulnerabilities abound with the popular WordPress addon Elementor, used by millions of websites worldwide. Adding insult to injury, threat actors are now exploiting this vulnerability to tweak settings and...
Read more...
by
Aaron Leong - Tue, Mar 21, 2023
Famed automaker Ferrari announced yesterday that the company suffered a data breach involving personal information of its clients, without any impact on its operations.
A hacker or hackers were recently able to gain access to the...
Read more...
by
Nathan Wasson - Tue, Feb 14, 2023
Mortal Kombat has a reputation for being brutal, but rather than exacting excessive violence on video game characters, unknown threat actors are brazenly brutalizing their victims’ finances in a Mortal Kombat-themed ransomware campaign...
Read more...
by
Nathan Wasson - Mon, Feb 13, 2023
Pepsi Bottling Ventures (PBV) has suffered a major data breach, with hackers making off with a trove of sensitive information. The company has begun notifying affected individuals of this incident, but the details remain sparse. According...
Read more...
by
Nathan Wasson - Fri, Feb 03, 2023
Last year saw a rise in threat actors abusing Microsoft Office macros to infect their victims’ systems with malware, prompting Microsoft to block macros embedded in documents downloaded from the internet. In response, threat actors have...
Read more...
by
Nathan Wasson - Thu, Feb 02, 2023
We often report on phishing campaigns involving fraudulent customer support agents who trick victims into giving up sensitive information or installing malware on their systems. However, sometimes threat actors flip this script, instead...
Read more...
by
Nathan Wasson - Wed, Feb 01, 2023
The password manager KeePass is currently the subject of a debate concerning whether or not a particular design decision should be considered a security vulnerability. At the center of this debate is KeePass’ support of triggers, one of...
Read more...
by
Nathan Wasson - Mon, Jan 30, 2023
Earlier this month, a Swiss hacker who goes by the name maia arson crimew exfiltrated a copy the US government’s No Fly List from an insecure server. This list, which names individuals who are forbidden from flying anywhere within US...
Read more...
by
Nathan Ord - Sat, Jan 28, 2023
In 2022, the National Security Agency, in conjunction with the U.K’s National Cyber Security Centre, reported a critical vulnerability in the Windows CryptoAPI to Microsoft. While this was patched in August of 2022 and published in October...
Read more...
by
Nathan Wasson - Fri, Jan 27, 2023
Last November, two weeks after the Biden administration held the second International Counter Ransomware Summit, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of...
Read more...
by
Nathan Wasson - Thu, Jan 26, 2023
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published a joint cybersecurity advisory warning network...
Read more...
by
Nathan Wasson - Wed, Jan 25, 2023
TA444 is an advanced persistent threat (APT) group believed to be associated with the North Korean government. However, rather than receiving financial backing from its government, the group seems to bring in revenue for the government...
Read more...
by
Nathan Wasson - Tue, Jan 24, 2023
Over the past week, Gmail users have been reporting abuse of the Google Ads platform. However, rather than conducting ad fraud or placing ads that distribute malware, the actors behind this recent activity are leveraging the Google Ads...
Read more...
by
Nathan Wasson - Tue, Jan 24, 2023
A massive ad fraud campaign has shut down after undergoing mitigation efforts organized by HUMAN, cybersecurity firm that works to distinguish human beings from bots for the purpose of disrupting cybercrime. The ad fraud campaign, dubbed...
Read more...
by
Nathan Wasson - Fri, Jan 20, 2023
Yesterday, T-Mobile, one of the big three mobile internet service providers in the US, announced that it recently fell victim to a data breach. The company disclosed this information in both a news release and a filing with the Securities...
Read more...
by
Nathan Wasson - Thu, Jan 19, 2023
This past July, we wrote about a report published by Coverware that found that the dollar value of the median ransomware payment was on a downward trajectory beginning in Q1 2022 and continuing in Q2 of the same year. However, we weren’t...
Read more...
by
Nathan Wasson - Tue, Jan 17, 2023
Among the requirements for installing Windows 11 are two security features: Trusted Platform Module (TPM) version 2.0 and Secure Boot. As we’ve documented before, it’s possible to sidestep these requirements and force a Windows 11 install...
Read more...
by
Nathan Wasson - Mon, Jan 16, 2023
The Liquor Control Board of Ontario (LCBO), a government organization that sells alcoholic beverages within Ontario, Canada, has published a statement notifying customers of a cybersecurity incident affecting the retailer’s online store...
Read more...
by
Nathan Wasson - Thu, Jan 12, 2023
A new report claims that a law enforcement app leaked the personal details of suspects and police officers involved in major police operations going all the way back to 2011. SweepWizard, the app in question, was developed by ODIN...
Read more...
by
Nathan Wasson - Wed, Jan 11, 2023
It's no secret that cyberattacks have been on the rise lately, but a series of failures today may raise some eyebrows. The United States, Canada, and the United Kingdom have all experienced critical service disruptions today, and the root...
Read more...
by
Nathan Wasson - Tue, Jan 10, 2023
Those who follow cybersecurity news will know that both security researchers and threat actors alike are frequently discovering security vulnerabilities, prompting developers to create and release patches for these vulnerabilities. While...
Read more...