Hacker Groups Exploit Misconfigured AWS S3 Buckets to Inject Malicious Code into Websites In a stark reminder of ongoing cybersecurity threats, various hacking groups are increasingly exploiting vulnerabilities in misconfigured Amazon S3 data storage buckets to infiltrate websites with malicious code. This tactic is primarily aimed at capturing sensitive information,…
In a significant cybersecurity breach, hackers have compromised a large portion of Norway’s healthcare system, potentially affecting over half of the nation’s population. The attack targeted the Health South-East Regional Health Authority (RHF), resulting in the theft of personal information and medical records belonging to approximately 2.9 million individuals out…
In an era where technology is deeply integrated into healthcare, the introduction of smart eyewear, such as the Meta-AI Ray-Ban glasses, has sparked significant privacy and security concerns. Garrett Zickgraf, a cybersecurity expert with LBMC, highlighted that these glasses are equipped with microphones and cameras, enabling them to connect to…
Recent research has unveiled a series of critical security vulnerabilities within the firmware of 5G mobile network modems manufactured by major semiconductor companies, notably MediaTek and Qualcomm. These vulnerabilities affect a range of devices, including USB and Internet of Things (IoT) modems, as well as hundreds of smartphone models operating…
Recent advancements in cybersecurity have unveiled an alarming technique capable of remote eavesdropping using standard light bulbs as conduits. Researchers have demonstrated that by observing variations in the light emitted by a bulb in a room, they can effectively intercept conversations from a nearby location. This innovative method, termed “Lamphone,”…
Orbitz Data Breach Exposes Nearly 880,000 Payment Card Numbers Orbitz, a Chicago-based online travel agency and a subsidiary of Expedia, has disclosed a significant data breach affecting its legacy website. Approximately 880,000 payment card numbers have been compromised, potentially exposing customers’ sensitive financial information. Founded as a travel fare aggregator,…
New Machine-Led Security Approach Aims to Enhance Cyber Defense In the wake of increasing cyber threats, security teams find themselves grappling with an overwhelming amount of data noise, hindering their ability to focus on genuine threats. This operational complexity, combined with the evolving sophistication of adversaries who leverage artificial intelligence,…
A fraudulent website posing as Bangladesh’s official e-apostille platform has compromised sensitive data belonging to over 1,100 individuals, raising alarms among cybersecurity experts. This incident is being characterized as one of the most significant failures in digital governance in recent years. Documents that have surfaced online include national identification cards,…
The Lazarus Group, a North Korean cybercriminal entity, has launched a significant global campaign leveraging vulnerabilities in Log4j to facilitate the deployment of previously unknown remote access trojans (RATs). This operation, termed “Operation Blacksmith” by Cisco Talos, employs a range of malware families written in DLang, notably including a RAT…
