[ad_1] UK water supplier Southern Water has confirmed that it suffered a data breach after the Black Basta ransomware group appeared to leak customer data held by the firm. The utilities company, which serves around 4.6 million customers across Southern England, admitted in a post... Continue reading
Return to previous page
Page 67
[ad_1] Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE) Pierluigi Paganini January 25, 2024 Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight Blizzard gained access to its Microsoft Office 365 email system. Hewlett Packard Enterprise (HPE) revealed that alleged Russia-linked cyberespionage... Continue reading
[ad_1] Threat actors could soon strike after a proof-of-concept exploit was published for a critical vulnerability in managed file transfer (MFT) software Fortra GoAnywhere MFT yesterday. Horizon3 published details on how to exploit CVE-2024-0204, a critical authentication bypass vulnerability which was patched by Fortra on... Continue reading
[ad_1] Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations Pierluigi Paganini January 24, 2024 A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The online services of multiple Swedish government... Continue reading
[ad_1] Security researchers have observed a 198% increase in browser-based phishing attacks during the latter half of 2023 compared to the first half, with a corresponding 206% rise in evasive attacks. The findings, outlined in Menlo Security’s recently released 2023 State of Browser Security Report,... Continue reading
[ad_1] CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 25, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Continue reading
[ad_1] Security researchers have observed a notable surge in dark web discussions regarding the illicit use of ChatGPT and other Large Language Models (LLMs), according to findings from Kaspersky’s Digital Footprint Intelligence service in 2023. Nearly 3000 dark web posts were identified, focusing on a... Continue reading
[ad_1] 5379 GitLab servers vulnerable to zero-click account takeover attacks Pierluigi Paganini January 24, 2024 Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community... Continue reading
[ad_1] The emergence of cybercrime-as-a-service (RaaS) has lowered the entry barrier into cybercrime by allowing cybercriminals to specialize in only one aspect of the attack supply chain. This can be coding malware, developing phishing kits, crafting initial access methods, releasing vulnerability exploits, or sharing data... Continue reading
[ad_1] Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204 Pierluigi Paganini January 24, 2024 Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of... Continue reading