Category: Cyber Attack
Microsoft has confirmed a new, significant intrusion by the persistent Russia-based hacking group Midnight Blizzard (NOBELIUM). The threat actors leveraged information exfiltrated during a January cyberattack to gain recent, unauthorized access to Microsoft’s internal network, including source code repositories.
Microsoft traced the breach back to a January cyberattack where Midnight Blizzard leveraged a common but dangerous method – a password spray attack.…
The US Justice Department has charged a former Google software engineer with stealing artificial intelligence-related trade secrets from the company, with an eye to using them at two AI-related firms he was associated with in China.
If convicted, Linwei Ding, aka Leon Ding, faces up to 10 years in prison and a fine of $250,000 on each of the four counts of trade secrets theft on which he has been indicted.…
Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.
America’s Cyber Defense Agency CISA confirmed last month that attackers are actively exploiting the flaw by adding it to its Known Exploited Vulnerabilities (KEV) catalog.…
QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices.
The Taiwanese Network Attached Storage (NAS) device maker disclosed three vulnerabilities that can lead to an authentication bypass, command injection, and SQL injection.
While the last two require the attackers to be authenticated on the target system, which significantly lessens the risk, the first (CVE-2024-21899) can be executed remotely without authentication and is marked as “low complexity.”…
Microsoft says the Russian ‘Midnight Blizzard’ hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.
In January, Microsoft disclosed that Midnight Blizzard (aka NOBELIUM) had breached corporate email servers after conducting a password spray attack that allowed access to a legacy non-production test tenant account.…
HP announced on Thursday that several of its business PCs now benefit from protection against quantum computer attacks thanks to a new security chip.
The tech giant said the 5th generation of its Endpoint Security Controller (ESC) chip, which is built into some of its computers, can protect the integrity of the device’s firmware using quantum-resistant cryptography. …
Mar 08, 2024 | The Hacker News | Secrets Management / Access Control
In the realm of cybersecurity, the stakes are sky-high, and at its core lies secrets management — the foundational pillar upon which your security infrastructure rests. We’re all familiar with the routine: safeguarding those API keys, connection strings, and certificates is non-negotiable.…
The National Cyber Security Centre (NCSC) published a data analysis report on the data breach resulting from the ransomware attack on the IT services provider Xplain. The attack took place on May 23, 2023 and the Play ransomware gang claimed responsibility for the data breach.
In early June, Swiss police launched an investigation into the cyberattack that targeted the Bernese IT company Xplain.…
PRESS RELEASE
SINGAPORE – 29th February 2024 — In the modern age, large companies are wrestling to leverage their customers’ data to provide ever-better AI-enhanced experiences but a key barrier to leveraging this opportunity is mounting public concern around data privacy, as ever-greater data processing poses risks of data leaks by hackers and malicious insiders. Silence…
The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files.
Xplain is a Swiss technology and software solutions provider for various government departments, administrative units, and even the country’s military force.…
The continually growing volume of cyberattacks and online threats is helping to make getting cyber insurance the norm for many organizations. While insurance has typically been something the organization’s board of directors worked on with the CFO, the technical nature of cyber risk means the CISO is increasingly being asked to be part of the conversation.…
Change Healthcare breach
There is evidence that the ransomware group behind the Change Healthcare breach, which has caused chaos for hospitals and pharmacies attempting to handle prescriptions, may have received $22 million from UnitedHealth Group.
Researchers studying security issues discovered a post made by an associate member claiming to be a member of the ALPHV/Blackcat ransomware group in a Russian forum used by cybercriminals.…
The U.S. Department of Justice (DoJ) has announced the unsealing of an indictment against Linwei (Leon) Ding, 38, a former software engineer at Google, suspected of stealing Google AI trade secrets for Chinese companies.
The charges allege that Ding stole proprietary information about Google’s artificial intelligence (AI) technologies and transferred it to two companies based in China, where he secretly worked.…
The FBI’s Internet Crime Complaint Center (IC3) has published its annual report for 2023, which reveals that the number of cybercrime complaints received by the agency increased by nearly 10% compared to the previous year.
Cybercrime victims in the United States filed more than 880,000 complaints with the FBI in 2023, with reported losses totaling over $12.5 billion, which represents a 22% increase from 2022. …
Cisco on Wednesday announced patches for two high-severity vulnerabilities in Secure Client, the enterprise VPN application that also incorporates security and monitoring capabilities.
The first issue, tracked as CVE-2024-20337, impacts the Linux, macOS, and Windows versions of Secure Client and could be exploited remotely, without authentication, in carriage return line feed (CRLF) injection attacks.…