Akshay JoshiHead of Industry and Partnerships, Centre for Cybersecurity, World Economic Forum 1. US warns of huge cyber-espionage campaign targeting critical infrastructure One of the largest known cyber-espionage campaigns has hit companies running critical US infrastructure, according to Western intelligence agencies and Microsoft. Microsoft analysts say the group, which it is calling Volt Typhoon, appears […]
By Sergiu Gatlan | March 9. 2023 “AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked in January. “Customer Proprietary Network Information from some wireless accounts was exposed, such as the number of lines on an account or wireless rate plan,” AT&T told BleepingComputer. “The […]
Posted: February 17, 2023 by Jovi Umawing “Car manufacturer Hyundai, and its subsidiary Kia, began rolling out a free software update on February 14, 2023, to address a flaw in their anti-theft software, which was highlighted in a social media challenge. The release of the update came nine months after an uptick in car theft of the affected models in the […]
“The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. The federal law enforcement agency says it already contained the “isolated incident” and is working to uncover its scope and overall impact. “The FBI is aware of the incident and is working to gain additional information,” the U.S. […]
Plus: The FBI got (at least a little bit) hacked, an election-disruption firm gets exposed, Russia mulls allowing “patriotic hacking,” and more. “GoDaddy revealed in a statement on Thursday it had discovered that hackers inside its systems had installed malware on its network and stolen parts of its code. The company says it became aware […]
Published by Kaitlin Balasaygun “That screen-blocking software update notification that keeps coming back may be annoying to a phone user, but ignoring it for too long is a mistake. Many consumers opt to not have phones set to automatic update. Once the day begins, these notifications can pop up at inconvenient and distracted times — […]
By Ravie Lakshmanan “Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, […]
By Jai Vijayan “The software giant also recorded an increase in attacks on IT services companies as state-backed threat actors have adapted to better enterprise defenses and cast a wider net, Microsoft says. Enterprise security executives that perceive nation-state-backed cyber groups as a distant threat might want to revisit that assumption, and in a hurry. Several […]
By Sergiu Gatlan “Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. “The media company in question is a firm that provides both video content and advertising to major news outlets. [It] […]
“Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. The company discovered the attackers breached the account on October 14 when GitHub notified it of suspicious activity that started one day before the alert was […]
