The Breach News

Vercel Breach Linked to Context AI Hack Reveals Restricted Customer Credentials

Vercel Reports Security Breach Following Compromise of AI Tool Vercel, a prominent provider of web infrastructure, has recently revealed a security breach that compromised “certain” internal systems, allowing unauthorized access to its operations. The incident arose from a vulnerability in Context.ai, a third-party artificial intelligence tool utilized by one of…

Read MoreVercel Breach Linked to Context AI Hack Reveals Restricted Customer Credentials

KDE Linux Desktops Vulnerable to Hacks Without Interacting with Malicious Files

Recent developments have surfaced significant cybersecurity concerns surrounding the KDE desktop environment utilized by numerous Linux distributions including Manjaro, openSUSE, and Kubuntu. A cybersecurity researcher has publicly disclosed a critical zero-day vulnerability that remains unpatched, emphasizing the urgent need for caution among users. This vulnerability allows perpetrators to execute arbitrary…

Read MoreKDE Linux Desktops Vulnerable to Hacks Without Interacting with Malicious Files

Researchers Uncover ZionSiphon Malware Aiming at Israeli Water and Desalination Operational Technology Systems

Recent cybersecurity assessments have identified a new malware strain, dubbed ZionSiphon, explicitly targeting water treatment and desalination infrastructures in Israel. This malware, discovered by cybersecurity firm Darktrace, showcases advanced capabilities such as establishing persistence, altering local configuration files, and scanning for operational technology (OT)-specific services within local networks. The emergence…

Read MoreResearchers Uncover ZionSiphon Malware Aiming at Israeli Water and Desalination Operational Technology Systems

Ransomware Negotiator Admits Guilt in Facilitating BlackCat Attacks in 2023

A Florida man has admitted to his role in orchestrating ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, collaborated with the BlackCat ransomware group to escalate the financial demands placed on multiple victims. Martino was identified as a ransomware negotiator who divulged sensitive details about…

Read MoreRansomware Negotiator Admits Guilt in Facilitating BlackCat Attacks in 2023

Canon DSLR Cameras Vulnerable to Remote Ransomware Attacks

Recent findings from Check Point, a cybersecurity firm, underscore an escalating threat associated with ransomware, extending its reach from traditional computers to smart devices, including digital cameras. Researchers have illustrated a method by which hackers can remotely infect Canon DSLR cameras with ransomware, effectively extorting users by holding their private…

Read MoreCanon DSLR Cameras Vulnerable to Remote Ransomware Attacks

FBI Seeks Immediate Access to U.S. License Plate Readers

Title: Recent Cybersecurity Incidents: Breaches and Legislative Developments Recent activities in the realm of cybersecurity unveil significant incidents that highlight the ongoing risks facing businesses and governmental agencies. Notably, GitHub, a widely-used code repository owned by Microsoft, experienced a data breach attributed to the cybercrime group known as TeamPCP. This…

Read MoreFBI Seeks Immediate Access to U.S. License Plate Readers

SystemBC C2 Server Exposes Over 1,570 Victims in The Gentlemen Ransomware Scheme

The Gentlemen ransomware-as-a-service (RaaS) group has been implicated in deploying the proxy malware SystemBC, marking a significant escalation in their operations. According to recent research from Check Point, this malware’s command-and-control (C2) server has led to the identification of over 1,570 victims worldwide. SystemBC is capable of establishing SOCKS5 network…

Read MoreSystemBC C2 Server Exposes Over 1,570 Victims in The Gentlemen Ransomware Scheme

Google Reveals 20-Year-Old Unfixed Vulnerability Impacting All Windows Versions

In a significant cybersecurity development, a Google security researcher has uncovered a critical vulnerability that has remained unaddressed for two decades in Microsoft Windows. This flaw, tracked as CVE-2019-1162, affects all versions of the operating system, from Windows XP to the latest iteration, Windows 10. Following the recent patch Tuesday…

Read MoreGoogle Reveals 20-Year-Old Unfixed Vulnerability Impacting All Windows Versions

RondoDox Botnet Takes Advantage of 2018 Vulnerability to Compromise ASUS Routers

Recent research from cybersecurity firm VulnCheck has unveiled that cybercriminals are increasingly targeting outdated models of ASUS routers by exploiting a software vulnerability identified back in 2018, classified as CVE-2018-5999. This security flaw represents a critical unauthenticated configuration update vulnerability, boasting a CVSS score of 9.8 out of 10, enabling…

Read MoreRondoDox Botnet Takes Advantage of 2018 Vulnerability to Compromise ASUS Routers