Cybersecurity
Category Added in a WPeMatico Campaign
While examining a previous bypass mitigation, Akamai Technologies discovered two new Windows vulnerabilities that could allow an attacker to create a zero-click exploit against Microsoft Outlook clients. In a two-part report published Monday, Akamai researcher Ben Barnea detailed the discovery of two new Windows vulnerabilities, tracked as CVE-2023-35384 and CVE-2023-36710, that were reported to and […]
A man facing extradition to the United States for his alleged role as a LockBit ransomware administrator is up against new cybercrime charges in Ontario. Mikhail Vasiliev, a 33-year-old Canadian-Russian dual national, was first arrested in October 2022 at his home in Bradford, Ontario as part of an international operation involving European, American and Canadian […]
One of the largest mortgage loan servicers in the U.S. said the information of nearly 14.7 million people was leaked during a previously reported cyberattack in October. Mr. Cooper — which says it has more than 4.3 million customers and manages a servicing portfolio of $937 billion — filed breach notification documents with regulators in […]
Dec 19, 2023NewsroomCryptojacking / Cyber Threat The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This […]
Dec 19, 2023NewsroomRansomware / Threat Intelligence The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. “Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range […]
A new influence campaign that has gained substantial traction is pushing pro-China and anti-United States narratives on YouTube, researchers have found. According to a report released this week by the Australian Strategic Policy Institute (ASPI), the videos garnered substantial views and subscribers — a rarity in the world of social media influence operations. Named Shadow […]
ALPHV was the second-most leveraged ransomware strain in North America and Europe between January 2022 and October 2023, just before the reported takedown of the group’s website, according to ZeroFox research. The analysis found that ALPHV, aka BlackCat, accounted for around 11% of all ransomware and digital extortion (R&DE) attacks in North America over the […]
Dec 18, 2023NewsroomEmail Security / Vulnerability Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. “An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote […]
Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud. These applications contain a wealth of data, from minimally […]