A former Dutch cybersecurity professional named Pepijn Van der Stap has been sentenced to four years in prison for hacking and blackmailing more than a dozen companies. He also infiltrated networks and stole sensitive information.
The company discovered suspicious activity in employee email accounts in January 2023 and determined that the breach occurred between December 2022 and January 2023. The stolen data includes names, SSNs, and financial account information.
Nov 04, 2023NewsroomData Breach / Cyber Attack Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing […]
The American Airlines pilot union is working to restore its systems following a ransomware attack, the latest in a rash of cyber incidents affecting the aviation industry. The union, which represents more than 15,000 of the airline’s pilots, posted a notice on its website explaining it first discovered the cyberattack on October 30. The unnamed […]
Nov 04, 2023NewsroomMobile Security / Android Google is rolling out an “Independent security review” badge in the Play Store’s Data safety section for Android apps that have undergone a Mobile Application Security Assessment (MASA) audit. “We’ve launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps […]
ZDI discloses four zero-day flaws in Microsoft Exchange Pierluigi Paganini November 03, 2023 Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs. Trend Micro’s Zero Day Initiative (ZDI) disclosed four zero-day vulnerabilities in Microsoft Exchange that can be remotely exploited […]
Oct 05, 2023NewsroomZero Day / Vulnerability Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said […]
Oct 05, 2023NewsroomZero Day / Vulnerability Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as CVE-2023-22515, is remotely exploitable and allows external attackers to create unauthorized Confluence administrator accounts and access Confluence servers. It does not impact Confluence versions […]
Mozilla issued a warning this week over malicious websites offering Thunderbird downloads after a ransomware group was caught using this technique to deliver malware. Cybersecurity journalist Brian Krebs reported last week that a website where the Snatch ransomware group names victims had been leaking data, including visitor IPs and information on internal operations. According to […]