News in the Security category

Germany takes down cybercrime market with over 180,000 users

The Düsseldorf Police in Germany have seized Crimemarket, a massive German-speaking illicit trading platform with over 180,000 users, arresting six people, including one of its operators.
- Bill Toulas
- March 01, 2024
- 11:45 AM
- 0
U.S. charges Iranian for hacks on defense orgs, offers $10M for info

The U.S. Department of Justice (DoJ) has unveiled an indictment against Alireza Shafie Nasab, a 39-year-old Iranian national, for his role in a cyber-espionage campaign targeting U.S. government and defense entities.
- Bill Toulas
- March 01, 2024
- 09:47 AM
- 0
Golden Corral restaurant chain data breach impacts 183,000 people

The Golden Corral American restaurant chain disclosed a data breach after attackers behind an August cyberattack stole the personal information of over 180,000 people.
- Sergiu Gatlan
- February 29, 2024
- 05:14 PM
- 0
New Bifrost malware for Linux mimics VMware domain for evasion

A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware.
- Bill Toulas
- February 29, 2024
- 04:36 PM
- 0
Brave browser launches privacy-focused AI assistant on Android

Brave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called "Leo" is rolling out on the Android version of its browser through the latest release, version 1.63.
- Bill Toulas
- February 29, 2024
- 03:42 PM
- 0
CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets.
- Sergiu Gatlan
- February 29, 2024
- 03:35 PM
- 1
GitHub enables push protection by default to stop secrets leak

GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code.
- Sergiu Gatlan
- February 29, 2024
- 01:57 PM
- 0
20 million Cutout.Pro user records leaked on data breach forum

AI service Cutout.Pro has suffered a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names.
- Bill Toulas
- February 29, 2024
- 10:56 AM
- 0
Anycubic 3D printers hacked worldwide to expose security flaw

According to a wave of online reports from Anycubic customers, someone hacked their 3D printers to warn that the devices are exposed to attacks.
- Sergiu Gatlan
- February 28, 2024
- 06:06 PM
- 0
Malicious AI models on Hugging Face backdoor users’ machines

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor.
- Bill Toulas
- February 28, 2024
- 05:12 PM
- 1
New executive order bans mass sale of personal data to China, Russia

U.S. President Joe Biden has signed an executive order that aims to ban the bulk sale and transfer of Americans' private data to "countries of concern" such as China, Russia, Iran, North Korea, Cuba, and Venezuela.
- Sergiu Gatlan
- February 28, 2024
- 03:50 PM
- 8
Rhysida ransomware wants $3.6 million for children’s stolen data

The Rhysida ransomware gang has claimed the cyberattack on Lurie Children's Hospital in Chicago at the start of the month.
- Bill Toulas
- February 28, 2024
- 03:37 PM
- 0
Kali Linux 2024.1 released with 4 new tools, UI refresh

Kali Linux has released version 2024.1, the first version of 2024, with four new tools, a theme refresh, and desktop changes.
- Lawrence Abrams
- February 28, 2024
- 02:47 PM
- 2
Ransomware gang claims they stole 6TB of Change Healthcare data

The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform.
- Sergiu Gatlan
- February 28, 2024
- 02:33 PM
- 0
LockBit ransomware returns to attacks with new encryptors, servers

The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption.
- Lawrence Abrams
- February 28, 2024
- 01:31 PM
- 0
Lazarus hackers exploited Windows zero-day to gain Kernel privileges

North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques.
- Bill Toulas
- February 28, 2024
- 12:24 PM
- 1
Epic Games: "Zero evidence" we were hacked by Mogilevich gang

Epic Games said they found zero evidence of a cyberattack or data theft after the Mogilevich extortion group claimed to have breached the company's servers.
- Lawrence Abrams
- February 28, 2024
- 11:14 AM
- 0
Japan warns of malicious PyPi packages created by North Korean hackers

Japan's Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware.
- Bill Toulas
- February 28, 2024
- 10:04 AM
- 0
Sponsored Content
Need to Know: Key Takeaways from the Latest Phishing Attacks

This article takes a look at some lessons from recent phishing attacks and highlights actionable tips to limit the risks of phishing affecting your company.
- Sponsored by Blink Ops
- February 28, 2024
- 10:01 AM
- 0
Savvy Seahorse gang uses DNS CNAME records to power investor scams

A threat actor named Savvy Seahorse is abusing CNAME DNS records Domain Name System to create a traffic distribution system that powers financial scam campaigns.
- Bill Toulas
- February 28, 2024
- 09:00 AM
- 0