The cyber threat landscape continues to evolve as researchers from Trend Micro report that the perpetrators behind the RedLine and Vidar information stealers are shifting their tactics to include ransomware attacks. This alarming trend has been facilitated through phishing campaigns that distribute malware utilizing Extended Validation (EV) code signing certificates,…
Data Breach at MIT Technology Review Exposes User Records In a significant data breach incident, hackers have reportedly compromised the MIT Technology Review Magazine, accessing nearly 290,000 user records through a third-party contractor. The alleged perpetrator, known as Intel Broker, has disseminated the leaked information on Breach Forums, a platform…
DDoS Attack Disrupts Three UK Councils: NoSensitive Data Compromised In a recent cybersecurity incident, three councils in the United Kingdom—Salford, Portsmouth, and Middlesbrough—experienced significant disruptions due to a Distributed Denial of Service (DDoS) attack. These attacks led to temporary outages, rendering the councils’ websites inaccessible to users and hampering public…
Finance & Banking, Industry Specific, Next-Generation Technologies & Secure Development Summit on Nov. 7 to Address Evolving Cyber Risks in Finance Chris Riotta (@chrisriotta) • November 4, 2024 Leading cybersecurity professionals will gather on November 7 for ISMG’s Financial Services Summit to address financial sector vulnerabilities. (Image: Shutterstock) The 2024…
CrushFTP Users Urged to Update Following Newly Discovered Vulnerability The CrushFTP enterprise file transfer software has been hit by a security vulnerability that is reportedly being exploited in active attacks. In a recent advisory, CrushFTP informed its users that versions of the software prior to 11.1 are susceptible to a…
Case Overview A pivotal legal confrontation is looming as the U.S. Supreme Court gears up to hear arguments in a high-profile case involving Facebook, now known as Meta. The lawsuit revolves around the company’s alleged failure to properly disclose a substantial data breach related to Cambridge Analytica, a scandal that…
New Wi-Fi Vulnerability Exposed: SSID Confusion Attack Poses Risk to All Networks Recent research has uncovered a significant security flaw related to the IEEE 802.11 Wi-Fi standard, identified as the SSID Confusion attack (CVE-2023-52424). This vulnerability can manipulate users into connecting to less secure wireless networks, enabling potential attackers to…
A recent analysis by Phylum has uncovered a series of malicious packages, pointing to an IP address affiliated with a notable threat actor: This investigation reveals that, while the attackers aimed to obscure their infrastructure for second-stage infections, their strategy inadvertently left a digital breadcrumb trail of previously utilized…
Regulators Urge Enhanced Security for Third-Party Services Following CrowdStrike Outage In light of the significant disruption caused by a cybersecurity incident involving CrowdStrike, the U.K. Financial Conduct Authority (FCA) has issued a directive urging financial institutions to bolster their preparedness against similar outages. This follows a global incident in July…
