The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released new cybersecurity advice that details recent tactics, methods, and procedures (TTPs) associated with North Korean ransomware attacks against public health and other critical infrastructure sectors. The report was produced jointly by the NSA, FBI, CISA, U.S. HHS, and the National Intelligence Service and Defense Security […]

The largest chain of bookstores in Canada, Indigo Books & Music, was the victim of a hack yesterday, forcing the business to restrict online payments to cash and shut down its website for customers. Although the precise nature of the breach is still unknown, Indigo does not rule out the possibility that hackers may have […]

On Sunday night, the popular social platform Reddit was the victim of a cyberattack that granted hackers access to its internal business systems and provided them the chance to obtain sensitive data and source code. The company claims that the hackers used its intranet site as a ruse to lure Reddit employees into a phishing […]

Researchers revealed on Wednesday that hackers had found a means to get beyond ChatGPT’s limitations and are using it to market services that let users produce malware and phishing emails. ChatGPT is a chatbot that imitates human output by using artificial intelligence to respond to inquiries and carry out tasks.  People can use it to […]

There is evidence that hackers with ties to Russia are using new software designed to steal information to launch attacks against Ukraine. This malware, discovered by the Computer Emergency Response Team of Ukraine (CERT-UA) and dubbed Graphiron by Broadcom-owned Symantec, was developed by an espionage group called Nodaria and is known as UAC-0056. According to […]

A data breach at the Weee! Asian and Hispanic meal delivery business exposed the private data of 1.1 million clients. Weee! bills itself as the most prominent Asian and Hispanic supermarket in North America, shipping groceries to all 48 states via its network of warehouses. On Monday, a threat actor named “IntelBroker” started leaking information […]

The digital age is engulfed with the issue of data privacy. With more personal data exchanged online, organizations need to have a plan in place to protect sensitive data. In this article, we’ll outline the steps that organizations can take to plan and implement data privacy measures.  It’s important to note that data privacy is […]

Vulnerability scanning is the process of using automated tools to identify potential security weaknesses and vulnerabilities in an organization’s infrastructure. It is an essential step in maintaining the security of a system as it helps identify any potential points of attack or entry for malicious actors. In 2023, vulnerability scanning will be more essential than […]

Security specialists have discovered four malicious Dota 2 game modes that a threat actor used to backdoor the players’ systems. Avast Threat Labs researchers discovered that the unidentified attacker built four game modes for the wildly played Dota 2 multiplayer online battle arena video game and released them on the Steam store to target the […]

According to crowdsourced data examined by CNN, a new worldwide ransomware campaign has affected at least 3,800 people, including hundreds in the US, triggering warnings from European and US cybersecurity experts. However, according to “Ransomwhere,” a network created by cybersecurity researchers to track ransomware assaults, only four victims have paid the ransom so far. It’s […]

A member of the forum going by the name IntelBroker has offered a database containing the personal information of 3.7 million people participating in the Hilton Hotels Honors program. According to the actor who posed a threat, the data in question includes personally identifying information such as name, address, honors ID, and other similar details. […]

A “widespread cyber effort” that employed legitimate remote monitoring and management (RMM) software to spread a phishing scam affected at least two federal departments in the United States. To steal money from victims’ bank accounts through a refund scam, cybercriminals exploited the legal RMM software ScreenConnect (now ConnectWise Control) and AnyDesk, which they downloaded after […]

The company Zacks Investment Research (Zacks) was infiltrated by hackers last year, allowing them access to 820,000 clients’ sensitive and personal data. The 1978-founded business uses cutting-edge financial data analytics systems to assist stock buyers. A threat actor entered the network between November 2021 and August 2022, according to an internal examination of the incident. […]

With the increasing number of cyberattacks targeting large enterprises, many companies have turned to zero-trust security measures to protect their networks and data. However, a recent report from Gartner has raised concerns about the limitations of zero trust as a complete solution to cybersecurity. The report predicts that just 10% of large enterprises will have […]

Endpoint protection is a critical aspect of cybersecurity that helps organizations protect their endpoints (computers, laptops, mobile devices, servers, IoT devices, etc.) from potential threats. With the increasing use of technology in businesses, endpoints have become a prime target for cybercriminals looking to steal sensitive information or disrupt operations. As a result, it is essential […]

The US “No Fly” list has 1.5 million entries that have been made public. The US “No Fly List” was made publicly available online by a Swiss hacker who allegedly discovered three private documents on an insecure cloud storage server. The list contains more than 1.5 million entries of people who have been prohibited from […]

In today’s digital environment, endpoint protection is more critical than ever. With the increasing use of mobile devices, laptops, and cloud services, endpoint devices are becoming the primary target for cyber-attacks. Endpoint protection is the process of securing organizational assets and data on endpoint devices, such as laptops, mobile devices, and servers. It includes a […]

Customers of GoTo (previously LogMeIn) are being alerted that threat actors took encrypted backups, including user information and an encryption key for some of that data, when they infiltrated its development environment in November 2022. GoTo offers a platform for cloud-based remote working, collaboration, and communication, in addition to solutions for remote IT management and […]

Only one-third of UK organisations have a validated plan in place to handle cyberwarfare; and 57% have stalled or stopped digital transformation projects due to the threat of cyberwarfare Armis, the leading asset visibility and security company, today announced preliminary findings from the Armis State of Cyberwarfare Report, which measures global IT and security professionals’ […]