Cybersecurity
Category Added in a WPeMatico Campaign
A utility company controlling the water, electricity and internet for a town in eastern Iowa confirmed that a January ransomware attack led to the exposure of sensitive information from nearly all local residents. Muscatine Power and Water — providing the Muscatine and Fruitland area with internet, TV, phone, water, and electric services for more than […]
GitHub push protection – a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online – is being switched on by default for all public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the option to remove […]
Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations. The group was found utilizing an attack chain aimed at stealing NT LAN Manager (NTLM) authentication information. This method could potentially be exploited for sensitive data gathering and facilitating further malicious […]
The JetBrains TeamCity On-Premises CI/CD solution has been found to have two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) that can allow remote attackers to take control of the server and modify system settings without authentication.
More than 95% of responding IT and security professionals believe social engineering attacks have become more sophisticated in the last year, according to LastPass. Recent AI advancements, particularly generative AI, have empowered cybercriminals to coordinate social engineering assaults with unprecedented precision and customization. Phishing and other social engineering attacks manipulate people into sharing information they […]
Cybercriminals are using a massive network of hired mules in India and an Android-based money transfer application to launder illicit proceeds, researchers have found. According to an investigation by the Singapore-based cybersecurity company CloudSEK, the money mules — who are recruited to receive and then quickly transfer funds to obscure their origin — are managed […]
Mar 05, 2024NewsroomVulnerability / Network Security A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact […]
Silence Laboratories, a startup that builds infrastructure using multiparty computation (MPC) to help enterprises keep data private and safe, said it has raised a $4.1 million funding round. Pi Ventures and Kira Studio co-led the recent funding, which brings its total raised to $6 million, along with angel investors. The startup will use the funding to scale […]
American Express has issued a data breach notification after one of its service providers experienced unauthorized access to its systems. This has led to the exposure of American Express Card account numbers, names, and card expiration dates.