Security
US Senator demands feds investigate Microsoft over China email and SolarWinds hack
Oregon Senator Ron Wyden is pushing three federal agencies to hold Microsoft accountable for security failures that led to two major hacking campaigns impacting multiple government offices – a recently discovered Chinese-led cyberespionage campaign and the infamous 2020 SolarWinds hack.
Read more about US Senator demands feds investigate Microsoft over China email and SolarWinds hack
Deloitte joins fellow Big Four MOVEit victims PWC, EY
Big Four financial services firm Deloitte confirms to Cybernews that it's part of the latest round of victims claimed in the MOVEit attacks.
Read more about Deloitte joins fellow Big Four MOVEit victims PWC, EY
DepositFiles exposed config file, jeopardizing user security
DepositFiles, a popular web hosting service, left its environment configuration file accessible, revealing a trove of highly sensitive credentials.
Read more about DepositFiles exposed config file, jeopardizing user security
macOS RedLine Stealer malware found on fake blockchain games
macOS is being abused to create malicious software embedded in bogus games, a malware hunter has disclosed.
Read more about macOS RedLine Stealer malware found on fake blockchain games
Apple extends spyware patch to all devices
Apple has now extended an emergency patch notice, which was recently issued for newer devices, to its entire array of platforms, Sophos cybersecurity firm reports.
Read more about Apple extends spyware patch to all devices
Imagine360 data breach: medical information, Social Security numbers compromised
Imagine360, a health plan solution company based in Pennsylvania, has disclosed a data breach affecting over 130,000 people.
Read more about Imagine360 data breach: medical information, Social Security numbers compromised
Average cost of data breach reaches $4.5M – you’re the one who pays
The frequency and cost of data breaches are increasing. However, companies are reluctant to invest in safeguarding their systems. What’s more, many organizations transfer the cost of the breach to consumers.
Read more about Average cost of data breach reaches $4.5M – you’re the one who pays
Tampa hospital hit hard in cyberattack
Tampa General Hospital (TGH) confirms patient data was compromised during a more than two-week-long cyberattack. Now, multiple ransomware gangs are claiming to possess the stolen data.
Read more about Tampa hospital hit hard in cyberattack
First search result leads to malware: crooks now paying for ads
Cybercriminals are finding new ways to poison search results. They’re filling Google with paid ads using so-called ‘malvertising’ campaigns, which lead unaware users to malicious sites that exploit their data and trust.
Read more about First search result leads to malware: crooks now paying for ads
Nice Suzuki, sport: shame dealer left your data up for grabs
Two Suzuki-authorized dealer websites were found to be leaking sensitive information. Files that should be secure and kept private were left publicly accessible.
Read more about Nice Suzuki, sport: shame dealer left your data up for grabs
Only Fans hacked by Anonymous Sudan
Anonymous Sudan is raising eyebrows again, this time by claiming to have taken down the online adult content subscription service known as Only Fans.
Read more about Only Fans hacked by Anonymous Sudan
Malware risk in AI software packages, warns analyst
ChatGPT’s API program, designed to incorporate artificial intelligence (AI) functionality into pre-existing apps and software, comes with a risk, warns analyst.
Read more about Malware risk in AI software packages, warns analyst
American students bombarded with job scam emails
Threat actors have been impersonating bioscience, healthcare, and biotechnology companies to defraud job seekers in North America.
Read more about American students bombarded with job scam emails
TD Ameritrade, Ernst & Young, PWC MOVEit negotiations fail, data published
The Cl0p ransomware gang is offering more than 3TB of sensitive data for sale – allegedly stolen from TD Ameritrade and Ernst & Young in the MOVEit zero-day attacks – all as retaliation for the companies' lack of negotiation skills. Pricewaterhouse Coopers was also slammed by the gang after it was assigned its very own leak URL containing all of PWC published files.
Read more about TD Ameritrade, Ernst & Young, PWC MOVEit negotiations fail, data published
FIA World Endurance Championship driver passports leaked
Le Mans Endurance Management exposed the data of hundreds of drivers by leaking their IDs and drivers’ licenses, the Cybernews research team has discovered.
Read more about FIA World Endurance Championship driver passports leaked
Criminals launch subscription-based WormGPT without ethical constraints
Cybercriminals are now fluent in the AI-based tool WormGPT, which automates phishing emails and facilitates business email compromise (BEC) attacks using exceptional grammar in multiple languages.
Read more about Criminals launch subscription-based WormGPT without ethical constraints
Linux-friendly email program hit by zero-day bug
Zimbra has issued a warning that its email platform and supporting software are prone to a security glitch that’s being actively exploited by threat actors, a cyber watchdog warned today.
Read more about Linux-friendly email program hit by zero-day bug
Russian cyber gang Armageddon leaves 30 minutes to react
Russian cyber gang Armageddon's current tactics have been revealed in Ukraine.
Read more about Russian cyber gang Armageddon leaves 30 minutes to react
Chart-topping fake Threads app taken down by Apple
Apple has taken down a fake Threads app in Europe, which was topping the charts of the most downloaded apps.
Read more about Chart-topping fake Threads app taken down by Apple
Konstantin Klyagin, QAwerk: “due to ever-more complex software, we expect growth of software testing services"
That complex software includes advancing technologies like AI and ML. Integrating this tech into the workspace has significant potential for...
Read more about Konstantin Klyagin, QAwerk: “due to ever-more complex software, we expect growth of software testing services"
