The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released new cybersecurity advice that details recent tactics, methods, and procedures (TTPs) associated with North Korean ransomware attacks against public health and other critical infrastructure sectors. The report was produced jointly by the NSA, FBI, CISA, U.S. HHS, and the National Intelligence Service and Defense Security […]

The largest chain of bookstores in Canada, Indigo Books & Music, was the victim of a hack yesterday, forcing the business to restrict online payments to cash and shut down its website for customers. Although the precise nature of the breach is still unknown, Indigo does not rule out the possibility that hackers may have […]

On Sunday night, the popular social platform Reddit was the victim of a cyberattack that granted hackers access to its internal business systems and provided them the chance to obtain sensitive data and source code. The company claims that the hackers used its intranet site as a ruse to lure Reddit employees into a phishing […]

Researchers revealed on Wednesday that hackers had found a means to get beyond ChatGPT’s limitations and are using it to market services that let users produce malware and phishing emails. ChatGPT is a chatbot that imitates human output by using artificial intelligence to respond to inquiries and carry out tasks.  People can use it to […]

There is evidence that hackers with ties to Russia are using new software designed to steal information to launch attacks against Ukraine. This malware, discovered by the Computer Emergency Response Team of Ukraine (CERT-UA) and dubbed Graphiron by Broadcom-owned Symantec, was developed by an espionage group called Nodaria and is known as UAC-0056. According to […]

A data breach at the Weee! Asian and Hispanic meal delivery business exposed the private data of 1.1 million clients. Weee! bills itself as the most prominent Asian and Hispanic supermarket in North America, shipping groceries to all 48 states via its network of warehouses. On Monday, a threat actor named “IntelBroker” started leaking information […]

Security specialists have discovered four malicious Dota 2 game modes that a threat actor used to backdoor the players’ systems. Avast Threat Labs researchers discovered that the unidentified attacker built four game modes for the wildly played Dota 2 multiplayer online battle arena video game and released them on the Steam store to target the […]

According to crowdsourced data examined by CNN, a new worldwide ransomware campaign has affected at least 3,800 people, including hundreds in the US, triggering warnings from European and US cybersecurity experts. However, according to “Ransomwhere,” a network created by cybersecurity researchers to track ransomware assaults, only four victims have paid the ransom so far. It’s […]

A member of the forum going by the name IntelBroker has offered a database containing the personal information of 3.7 million people participating in the Hilton Hotels Honors program. According to the actor who posed a threat, the data in question includes personally identifying information such as name, address, honors ID, and other similar details. […]

A “widespread cyber effort” that employed legitimate remote monitoring and management (RMM) software to spread a phishing scam affected at least two federal departments in the United States. To steal money from victims’ bank accounts through a refund scam, cybercriminals exploited the legal RMM software ScreenConnect (now ConnectWise Control) and AnyDesk, which they downloaded after […]

The company Zacks Investment Research (Zacks) was infiltrated by hackers last year, allowing them access to 820,000 clients’ sensitive and personal data. The 1978-founded business uses cutting-edge financial data analytics systems to assist stock buyers. A threat actor entered the network between November 2021 and August 2022, according to an internal examination of the incident. […]

With the increasing number of cyberattacks targeting large enterprises, many companies have turned to zero-trust security measures to protect their networks and data. However, a recent report from Gartner has raised concerns about the limitations of zero trust as a complete solution to cybersecurity. The report predicts that just 10% of large enterprises will have […]

The US “No Fly” list has 1.5 million entries that have been made public. The US “No Fly List” was made publicly available online by a Swiss hacker who allegedly discovered three private documents on an insecure cloud storage server. The list contains more than 1.5 million entries of people who have been prohibited from […]

Customers of GoTo (previously LogMeIn) are being alerted that threat actors took encrypted backups, including user information and an encryption key for some of that data, when they infiltrated its development environment in November 2022. GoTo offers a platform for cloud-based remote working, collaboration, and communication, in addition to solutions for remote IT management and […]

The year 2022 was a record-breaking year for Distributed Denial of Service (DDoS) attacks in Russia. According to a report released by Russia’s largest internet service provider (ISP), Rostelecom. The company recorded 21.5 million critical web attacks against 600 Russian businesses, including those in the public, financial, retail, and telecom sectors. This highlights the increasing threat […]