Dec 18, 2023NewsroomSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations. In an alert published last week, the agency […]
Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, and that […]
The central bank of southern African country Lesotho is facing severe outages due to a cyberattack that was discovered earlier this week. The bank released multiple statements confirming that a recent incident affected several systems. The landlocked mountainous country is encircled by South Africa and has a population of more than 2 million. “The Central […]
Dec 16, 2023NewsroomCyber Security / Incident Response China’s Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to “improve the comprehensive response capacity for data security incidents, to ensure timely and effective control, […]
A popular library in Ontario, Canada was forced to shut down most of its services this week due to a cyberattack — the latest library to face issues after hackers infiltrated its systems. The London Public Library, which services the Canadian city’s 422,000 residents, posted an alert on Wednesday afternoon warning that several branches would […]
Delta Dental of California and its affiliates have suffered a data breach, affecting almost seven million patients. The breach occurred through a vulnerability in the MOVEit Transfer software, allowing unauthorized access by threat actors.
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via search engines, to drop malware targeting businesses. In fact, browser-based attacks overall have been a lot more common if we include social engineering campaigns. Criminals have found success in acquiring new victims thanks to search […]
Dec 16, 2023NewsroomOnline Security / Cybercrime Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it’s tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attacks is to propagate […]
Imperva Threat Research has detected previously undocumented activity from the 8220 gang, which is known for the mass deployment of malware using a variety of continuously evolving TTPs. This threat actor has been known to target both Windows and Linux web servers with cryptojacking malware. In this blog, we will detail recent activity, attack vectors […]