CardX released a data leak notification impacting their customers in Thailand Pierluigi Paganini September 17, 2023 One of Thailand’s major digital financial platforms, CardX, recently disclosed a data leak that affected their customers. According to the statement published on the CardX official website on September 15th, the company experienced a cybersecurity incident that exposed personal […]
Fortinet has released patches for a high-severity cross-site scripting (XSS) vulnerability impacting multiple FortiOS and FortiProxy versions. Tracked as CVE-2023-29183 (CVSS score of 7.3), the security defect is described as an “improper neutralization of input during web page generation”. Successful exploitation of the bug, Fortinet explains in an advisory, may allow an authenticated attacker to […]
FBI hacker USDoD leaks highly sensitive TransUnion data Pierluigi Paganini September 18, 2023 Researchers from vx-underground reported that FBI hacker ‘USDoD‘ leaked sensitive data from consumer credit reporting agency TransUnion. TransUnion is an American consumer credit reporting agency. TransUnion collects and aggregates information on over one billion individual consumers in over thirty countries, including “200 million files […]
Hong Kong-based cryptocurrency exchange platform, CoinEx, has seen the loss of US$70 million in cryptocurrency following a cyber attack. The cryptocurrency exchange platform made users aware of the cyber attack on September 12 via a post on social media site X (formerly Twitter). In the post, the company explained that the cyber attack was discovered after its […]
Clop gang stolen data from major North Carolina hospitals Pierluigi Paganini September 17, 2023 Researchers at healthcare technology firm Nuance blame the Clop gang for a series of cyber thefts at major North Carolina hospitals. The Microsoft-owned healthcare technology firm Nuance revealed that the Clop extortion gang has stolen personal data on major North Carolina hospitals as part […]
TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the videos pretending to be themes based on Elon Musk, Tesla, or SpaceX.
Sep 18, 2023THNCloud Security / Cryptocurrecy A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig. “The AMBERSQUID operation was able […]
Sep 18, 2023The Hacker NewsIdentity Threat / Attack Surface When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA (Multi-Factor Authentication) and PAM (Privileged Access Management) […]
Google says that starting in 2024, all Chromebooks released after 2021 will automatically qualify for ten years of security updates, delivered automatically to the device every four weeks.