Cybersecurity
Category Added in a WPeMatico Campaign
A former Dutch cybersecurity professional named Pepijn Van der Stap has been sentenced to four years in prison for hacking and blackmailing more than a dozen companies. He also infiltrated networks and stole sensitive information.
The company discovered suspicious activity in employee email accounts in January 2023 and determined that the breach occurred between December 2022 and January 2023. The stolen data includes names, SSNs, and financial account information.
Nov 04, 2023NewsroomData Breach / Cyber Attack Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing […]
The American Airlines pilot union is working to restore its systems following a ransomware attack, the latest in a rash of cyber incidents affecting the aviation industry. The union, which represents more than 15,000 of the airline’s pilots, posted a notice on its website explaining it first discovered the cyberattack on October 30. The unnamed […]
Nov 04, 2023NewsroomMobile Security / Android Google is rolling out an “Independent security review” badge in the Play Store’s Data safety section for Android apps that have undergone a Mobile Application Security Assessment (MASA) audit. “We’ve launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps […]
ZDI discloses four zero-day flaws in Microsoft Exchange Pierluigi Paganini November 03, 2023 Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs. Trend Micro’s Zero Day Initiative (ZDI) disclosed four zero-day vulnerabilities in Microsoft Exchange that can be remotely exploited […]
Nov 03, 2023NewsroomCloud Security / Linux The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a “new experimental campaign” designed to breach cloud environments. “Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials […]
Authored by Lakshya Mathur & Vignesh Dhatchanamoorthy AsyncRAT, short for “Asynchronous Remote Access Trojan,” is a sophisticated piece of malware designed to compromise the security of computer systems and steal sensitive information. What sets AsyncRAT apart from other malware strains is its stealthy nature, making it a formidable adversary in the world of cybersecurity. McAfee […]
Summary In the past month, the Netskope Threat Labs team observed a considerable increase of SharePoint usage to deliver malware caused by an attack campaign abusing Microsoft Teams and SharePoint to deliver a malware named DarkGate. DarkGate (also known as MehCrypter) is a malware that was first reported by enSilo (now Fortinet) in 2018 and […]