Security
Russia unleashes dangerous new wiper
Russia is using a new malware variant with expanded capabilities to target Ukrainian telecommunication networks, cybersecurity threat intelligence platform SentinelLabs has discovered. The launch coincides with enduring disruptions experienced by the country’s internet service providers (ISPs).
Read more about Russia unleashes dangerous new wiper
Anti-scam firm exposes OpenAI API key
Certy AI’s anti-scam moderation system left an exposed environment file and revealed sensitive information such as its OpenAI API key, Cybernews researchers have discovered.
Read more about Anti-scam firm exposes OpenAI API key
North Korean hackers use “nuclear lure” to trick and run new attack
North Korea’s nuclear threats are now being exploited by North Korean hackers known as Kimsuky as a lure for victims to open malicious payloads. Here’s how the threat actor updated their playbook.
Read more about North Korean hackers use “nuclear lure” to trick and run new attack
US officials warn of hackers disrupting the “critical lifeline” of drinking water
China and Iran-linked threat actors are targeting water and wastewater systems throughout the United States. Cyberattacks on infrastructure can disrupt “the critical lifeline of clean and safe drinking water, as well as impose significant costs on affected communities,” officials from the Environmental Protection Agency (EPA) and the White House have warned.
Read more about US officials warn of hackers disrupting the “critical lifeline” of drinking water
Famous Indian brands exposed in massive marketing firm data leak
Customers of Swiggy, Redbus, Nykaa, BigBasket, TataMotors, ICICIPruLife, Axis Direct, and other brands in India have been put at risk. Cybersecurity neglect resulted in a tremendous amount of their personal data being exposed.
Read more about Famous Indian brands exposed in massive marketing firm data leak
Keyboard strokes may reveal your password – research
Keyboard keystroke sounds can be exploited to reveal sensitive user data. For example, it can reveal text that users are typing into a password box.
Read more about Keyboard strokes may reveal your password – research
US vs TikTok: could VPNs be the answer
TikTok faces a total ban from the US market after the company was told to sever ties with Chinese owner ByteDance.
Read more about US vs TikTok: could VPNs be the answer
Most UK orgs vulnerable to attacks – Microsoft
A large majority of UK organizations are entering the age of artificial intelligence but are woefully unprepared for new attack vectors that AI provides.
Read more about Most UK orgs vulnerable to attacks – Microsoft
TV company exposes over 100K records
Zapping.com, a Chilean online television company, has leaked sensitive data.
Read more about TV company exposes over 100K records
Another English city, another cyberattack, British gov to blame say critics
A British National Security report warns of ‘a catastrophic ransomware attack that could take down the government at any moment – this as another English city authority struggles to recover after a week-long cyberattack.
Read more about Another English city, another cyberattack, British gov to blame say critics
Data leak at Spanish home rental service exposes three million customers
Privacy in a countryside getaway is no longer a guarantee. Escapada Rural, a local Spanish short-term rental service akin to Airbnb, left large amounts of private customer data exposed for half a year. Hackers got hold of the data and posted it on BreachForums, an illicit marketplace.
Read more about Data leak at Spanish home rental service exposes three million customers
Massive data leak in Irish Health Service Executive uncovered
The Health Service Executive (HSE) in Ireland accidentally exposed the private information of an estimated one million citizens in December 2021, a researcher has shared. The leak happened seven months after a major ransomware attack on the same organization.
Read more about Massive data leak in Irish Health Service Executive uncovered
Financial company leaks user passports
IKF Finance, an Indian non-banking finance company, leaked over three terabytes of sensitive customer and employee data, potentially exposing its entire user base.
Read more about Financial company leaks user passports
China biotech firms amass Americans' genetic data, lawmakers warn
US Senators on Capital Hill are pushing a vote to restrict US business dealings with Chinese biotech companies over fears that the sensitive health data of Americans will be used for nefarious purposes by Beijing.
Read more about China biotech firms amass Americans' genetic data, lawmakers warn
Researcher found millions 2FA codes spilling online for tech giants
Millions of two-factor authentication (2FA) codes, sent as SMS messages by tech giants, were being leaked online to anyone without any authentication, a security researcher Anurag Sen found.
Read more about Researcher found millions 2FA codes spilling online for tech giants
Large online dictionary leaks nearly 7M records
Glosbe, the biggest online dictionary, left a server exposed to the public, revealing personal data, encrypted passwords, social media identifiers, and other details of nearly seven million users.
Read more about Large online dictionary leaks nearly 7M records
Chinese-made cars may pose national security risk, US launches probe
A new White House investigation will determine if Chinese vehicle imports and connected car technologies pose a threat to national security and need to be restricted.
Read more about Chinese-made cars may pose national security risk, US launches probe
Biden bans brokers selling Americans' private data for espionage
A new executive order, signed by US President Joe Biden on Wednesday, aims to prevent Americans’ private data from being sold to countries considered a threat to national security.
Read more about Biden bans brokers selling Americans' private data for espionage
Cybercriminals obtain data of 2M customers leaked by delivery company
The delivery company has leaked information about deliveries and the home addresses of millions of its customers.
Read more about Cybercriminals obtain data of 2M customers leaked by delivery company
Iranian hackers impersonate Boeing and DJI, post fake job offers
Iranian cyberespionage hackers, posing as recruiters from Boeing or drone manufacturer DJI among other phishing efforts, are targeting the aerospace, aviation, and defense industries, the latest Mandiant report warns.
Read more about Iranian hackers impersonate Boeing and DJI, post fake job offers
