Security

A Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records.

With numerous global cyber intrusions from Norway to China, espionage, surveillance, and disruptive actions, Appin Security Group, mercenary hackers from India, demonstrated a successful criminal business model that was unstoppable without global cooperation.

Anonymous Sudan supposedly hit ChatGPT at almost the same time it introduced a new botnet. Experts say the gang is commercializing to enhance operational resources.

The North American Electric Reliability Corp (NERC) concluded a two-day simulation with power sector entities to stress-test their emergency response and recovery plans for physical and cybersecurity attacks.

The FBI is warning organizations to guard against the Scattered Spider ransom group, responsible for the recent MGM and Caesars hacks, plus dozens more ransomware attacks across the US this year.

Hive, one of the world’s most dangerous ransomware groups, disappeared from the scene after being infiltrated by the FBI. Hunters International, a new kid on the block using similar code, has recently emerged in its place. However, the gang claims to be unrelated.

Vietnam Post Corporation, a Vietnamese government-owned postal service, left its security logs and employee email addresses accessible to outside cyber snoopers, Cybernews researchers have discovered. The exposed sensitive data could spell trouble if accessed by malicious actors.

Singapore picks two local companies that will collaborate with Toshiba to build Southeast Asia’s first quantum-safe network to future-proof its systems.

Security researchers are blaming a now-patched Citrix zero-day vulnerability for a recent spate of November ransomware attacks, said to be carried out by the notorious LockBit gang – and warn more are coming.

A threat actor targeting West Asian governments now uses a labyrinthine infection chain based on delivering a new initial access downloader dubbed IronWind, cybersecurity company Proofpoint has observed.

Software written in the past few years is less error-prone on the whole and therefore more resistant to cyberattacks.

One of the biggest online casinos in Mexico has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling. The data was likely compromised by unauthorized actors.

Royal Ransomware, which emerged in early 2022, already has at least 350 known victims under its belt, added since September 2022. Its ransom demands have exceeded $275 million, an updated CISA and FBI advisory reveals. And now, the gang is operating under a new name: Blacksuit.

Cyber assaults on the aviation sector carry more serious repercussions than mere data theft or DDoS attacks.

A threat actor copied a legitimate Windows news website to deliver an infostealer for the CPU-Z processor tool.

The most popular platform for chess players, Chess.com, has had some of its user data leaked in a fresh scraping attempt.

Top global law firm Allen & Overy (A&O) said some of its systems have been impacted due to a “data incident” claimed by the LockBit ransomware group.

Most Americans would opt for a one-time root canal over a year of scam messages, according to a new study from McAfee.

Dolly.com, an on-demand moving and delivery platform, allegedly paid attackers not to publish stolen customer data.

The tech giants have formally partnered to improve app security across ecosystems under a newly formed structure.