Cybersecurity
Category Added in a WPeMatico Campaign
A Chinese state-sponsored APT called BlackTech has been caught hacking into network edge devices and using firmware implants to stay hidden and silently hop around the corporate networks of U.S. and Japanese multinational companies. According to a high-powered joint advisory from the NSA, FBI, CISA and Japan’s NISC, BlackTech has been observed modifying router firmware […]
By Raphael Satter and Zeba Siddiqui WASHINGTON (Reuters) -Chinese hackers who breached Microsoft’s email platform this year managed to steal tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters on Wednesday. The staffer, who attended a briefing by State Department IT officials, said the officials told lawmakers that 60,000 […]
Sep 28, 2023The Hacker NewsBrowser Security / Cybersecurity The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today’s SaaS-centric world. The limitations of Browser Isolation, such […]
The ransomware gang, known as Dark Angels, has demanded a $51 million ransom and claimed to have stolen over 27 TB of corporate data from the network of Johnson Controls.
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing […]
Apple on Tuesday announced the release of macOS 14 Sonoma. A security advisory published by the tech giant shows that the latest version of the operating system patches more than 60 vulnerabilities. The flaws can be exploited to obtain potentially sensitive information (location, calendar, contacts, photos, credentials), execute arbitrary code with elevated privileges, escape the […]
Sep 28, 2023THNMalware / Cyber Threat Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took place in August 2023, with the adversary deploying an improved […]
A trial lawyer who secured a nearly $90 million verdict against Monsanto filed suit against H&R Block on Wednesday, alleging the tax preparation firm collaborated with Meta and Google to embed “spyware” on its website to make money from scraped tax return data. The class-action suit alleges the three companies’ joint conduct should be considered […]
Two new security flaws in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified, leading to potential privilege escalation issues. With over 50,000 active installations, the plugin developed by smp7 and wp.insider is widely used for custom membership management on WordPress sites. The flaws identified by Patchstack security researchers include […]