Daily News - Novembro (17/11 - 23/11) - 47 Semana de 2024Cyber Security, Hacking, Privacy and Information Security News --- Daily Updates !! Weekly Resume...22/115 hackers charged in the US over Scattered Spider hacking campaigns7-Zip affected by dangerous vulnerability: users must update the app manually17 hottest IT security certs for higher pay today2000+ Palo Alto Firewalls Hacked Exploiting New Vulnerabilities145,000+ Unsecured ICS Devices Exposed To AttackersAI and Open Source Security: The Critical Role of AI-Powered Fuzzing in Finding FlawsAndrew Tate’s controversial online “university” breached, 800K users’ data stolenAspen Healthcare says hackers stole patient's healthcare data from its systemsBojangles data leak: “It’s breach time!” CISA Warns of Apple & Oracle Agile Vulnerabilities Exploited in WildCybercriminals turn to pen testers to test ransomware efficiencyDeepfake attacks occur every five minutesDOJ Takes Down Global Cybercrime Hub PopeyeTools, Seizes CryptocurrencyDOJ Told Google To Sell Chrome To End Search MonopolyExchange Upbit dá início a reembolso de usuários após ataque hackerFintech giant Finastra says hacker stole data from its internal networkFive Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024Ford debunks data breach claims, confirms no customer impactHackers board Palo Alto vulnerability bandwagon: over 2,000 firewalls hacked and countingHackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'Hackers Leveraging Google Docs & Weebly Services To Attack Telecom IndustriesI deleted my personal info from the internet with this service (and it's on sale for Black Friday)Italy plans crackdown on database hacksManufacturing Sector in the Crosshairs of Advanced Email AttacksMeta boots over 2M fake accounts originating from overseas scam centersMicrosoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent NetworksMicrosoft rolls out Recall to Windows Insiders with Copilot+ PCsMicrosoft Seizes 240 Domains Used By phishing-As-A-Service (PhaaS) PlatformMicrosoft Seizes 240 Websites to Disrupt Global Distribution of Phish KitsMicrosoft Shares Intelligence On North Korean & Chinese Hackers At CYBERWARCONMITRE Unveils Top 25 Most Critical Software FlawsMore than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-daysMultiple D-Link End-of-Life Routers Vulnerabilities Let Attackers Execute Remote CodeMultiple Linux Kernel Vulnerabilities In Defer Partition Scanning PatchedNew “ultra-secure” phone service promises unique protection against threatsNew Zealand importer Triton Sourcing & Distribution confirms ransomware attackNVIDIA Base Command Manager Vulnerability Let Attackers Remote CodeOne year later: 7 useful things the Flipper Zero can do that still blows my mindPro-trans rights hackers target Andrew Tate’s The Real World websitePyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python LibrariesRussia-Linked Cyber-Espionage Campaign Targets Central AsiaRussian Cyber Spies Target Organizations with HatVibe and CherrySpy MalwareRussian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and AsiaRussian TAG-110 Attacking Users With HATVIBE And CHERRYSPY Hacking ToolsSeniors and carers call for smart monitoring to safely age at homeSnow Brand Australia confirms SafePay ransomware attackTesla data breach falsely claimed by IntelBroker, third-party EV charging firm actually breachedThe 1 Co apologizes for data breach impacting 5 million customersThe limits of AI-based deepfake detectionThree-Quarters of Black Friday Spam Emails Identified as ScamsUnlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalogUS Senator Calls Chinese Telecom Attack As Worst Hack In Nation’s HistoryWhy the NIS2 Directive causes growing pains for businessesWikiLeaks whistleblower Chelsea Manning battles AI surveillance with NSA-proof VPN21/115 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme10 Most Impactful PAM Use Cases for Enhancing Organizational Security10-Year Old Flaws In Ubuntu Server needrestart Package Let Attackers Gain Root Access2,000 Palo Alto Networks devices compromised in latest attacks750,000 Patients' Medical Records Exposed After Data Breach at French HospitalA Fifth of UK Enterprises “Not Sure” If NIS2 AppliesActive network of North Korean IT front companies exposedAuthorities Charged 5 Hackers For Attacking Companies via Phishing Text MessagesAxoSyslog: Open-source scalable security data processorBianLian Ransomware Group Adopts New Tactics, Posing Significant RiskBuyoplace.com Database Leak Exposes Customer and Transaction DataChinese APT Gelsemium Targets Linux Systems with New WolfsBane BackdoorCISA says BianLian ransomware now focuses only on data theftCISA Warns of VMware VCenter Vulnerabilities Actively Exploited in AttacksCoreia do Sul confirma Coreia do Norte por trás do hack da Upbit de US$ 50 milhõesCritical AnyDesk Vulnerability Let Attackers Uncover User IP AddressCritical Kubernetes Vulnerability Let Attackers Execute Arbitrary CommandsCWE top 25 most dangerous software weaknessesCyber attack hits Auchan, customer data stolenCyber Threats in Australia: Insights from the Annual Cyber Threat Report 2023-2024Cybersecurity Myths: Debunking the Top 5 Most Common MisconceptionsData breach at law firm Thompson Coburn affects Presbyterian Healthcare patientsDatabase Leak Exposes Information on 180,000 Chinese-American WeChat UsersDDoS Attack Growing Bigger & Dangerous, New Report RevealsDecade-Old Flaws In Ubuntu Server Package Let Attackers Gain Root AccessDecade-old local privilege escalation bugs impacts Ubuntu needrestart packageDelta Airlines reportedly experiences data breachEnhancing visibility for better security in multi-cloud and hybrid environmentsFeds Charge Five Men in ‘Scattered Spider’ RoundupFeds Shut Down 'PopeyeTools' Hacking Site That Sold Credit Card NumbersFinastra discloses large-scale data breachFive Charged in Scattered Spider CaseFortinet VPN design flaw hides successful brute-force attacksFull recovery from breaches takes longer than expectedGelsemium APT Hackers Attacking Linux Servers With New WolfsBane MalwareGhost Tap Attack, Hackers Stolen Credit Card Linked To Google Pay Or Apple PayGoogle, Apple, Venmo payment apps, digital wallets now subject to US regulatorsGoogle OSS-Fuzz Harnesses AI to Expose 26 Hidden Security VulnerabilitiesGoogle's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source ProjectsHacker diz ter entrado nos sistemas da Ford e roubado informações de 44.000 clientes; dados estão sendo oferecidos por valor baixíssimoHacker invade Instagram de secretaria do Ceará e publica fotos de BolsonaroHalo Security Launches Slack Integration for Real-Time Alerts on New Assets and VulnerabilitiesHere’s what to know about Google Cloud mandating MFA by end of 2025How to select the best on-ramp and off-ramp for you?Huge US healthcare payment network finally restored after ransomware attackiLearningEngines Notifies SEC of Recent Cyberattack, Raising Concerns over Possible Data BreachJob termination scam warns staff of phony Employment Tribunal decisionLinux Malware WolfsBane and FireWood Linked to Gelsemium APTLumma Stealer Proliferation Fueled by Telegram ActivitymacOS WorkflowKit Race Vulnerability Let Malicious Apps Intercept ShortcutsMalicious PyPi Package Mimic ChatGPT & Claude Steals Developers DataMassive B2B Database Leak Exposes 420,000 U.S. CompaniesMassive Leak Exposes Data of 4 Million Israeli Facebook UsersMDLand International Files Official Notice of Data Breach Affecting 63,052 PeopleMercer University settles lawsuit over data breach, agrees to compensationMicrosoft disrupts ONNX phishing-as-a-service infrastructureMicrosoft pulls WinAppSDK update breaking Windows 10 app uninstallsMITRE Lists 25 Most Dangerous Software Weaknesses of 2024Niantic builds centimeter-level accuracy positioning system from Pokemon Go player dataNodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card DataNorth Korea hackers behind 2019 $42 million Ethereum heist, South Korea police sayNorth Korean fake IT workers up the ante in targeting tech firmsNorth Korean Front Companies Impersonate U.S. IT Firms to Fund Missile ProgramsNovel NFC-exploiting Ghost Tap attack technique gains tractionNow BlueSky hit with crypto scams as it crosses 20 million usersOperation Shipwrecked: US Seizes PopeyeTools Marketplace, Charges 3Over 2,000 Palo Alto firewalls hacked using recently patched bugsOver 145,000 Industrial Control Systems Across 175 Countries Found Exposed OnlinePhishing Scams Costing Americans BillionsPhishing scams exploit Japan’s digital currencies as fraud cases risePrepare for the Holiday Ransomware StormPreventing credential theft in the age of AIProtecting Critical Infrastructure with Zero-Trust and MicrosegmentationRansomware gang BianLian ditches encryption, profits from data extortionReport: 90% of Industrial Firms Hit By Cyber-attack This YearResearchers unearth two previously unknown Linux backdoorsRetail loyalty programme apologises for customer data breachRockford Gastroenterology Associates Notifies 147,253 of 2023 Data BreachScattered Spider Cybercrime Group Faces Federal Indictments for $11 Million TheftSpace technology giant Maxar says hacker stole employees' personal informationSSV Blockchain Network Data Leak Exposes Sensitive InformationThe path to innovation: 3 stories of resilience from women in cybersecurityTop 6 Malware Persistence Mechanisms Used by Hackers: A Detailed GuideTrellix report reveals evolving ransomware ecosystem trendsUkrainian cyberwar experience becomes blueprint for TRYZUB cyber training serviceUruguay’s Partido Nacional Website Faces HTML Injection VulnerabilityU.S. automaker Ford investigating major data breach from its internal networkUS Charges 5 Suspected MGM Hackers from Scattered Spider GangUS charges five alleged members of Scattered Spider gangUS DoJ charges five alleged members of the Scattered Spider cybercrime gangUS military officials used China-linked promotional gift shop GS-JJ, exposing over 300K emailsUS seizes PopeyeTools cybercrime marketplace, charges administratorsVietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTailWalls close in on MGM attackers as DoJ indicts fiveWarning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack CampaignWhat CISOs need to know about the SEC’s breach disclosure rulesWireshark 4.4.2: Fixes Vulnerabilities & Enhances Protocol Support20/1111 biggest financial sector cybersecurity threats60% of Emails with QR Codes Classified as Spam or Malicious4000 Stealer Logs Leaked, Exposing Personal Data2024 Arctic Wolf Security Report: Key insights and trendsAdmins of Illegal NBA, NFL, and NHL streamer 247TVStream chargedAI Company Reports $250,000 Stolen in CyberattackAI Detection Revolutionizes the Battle Against Ransomware ThreatsAI-Driven Cyber Scams 'Real And Present Threat' To Australia's Critical InfrastructureAmazon and Audible flooded with 'forex trading' and warez listingsAnnieMac details extent of data breachANY.RUN Sandbox Now Let Analysts Automatically Analyse Complex Cyber Attack ChainsApple addressed two actively exploited zero-day vulnerabilitiesApple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)Apple Issues Emergency Security Update for Actively Exploited VulnerabilitiesApple Releases Urgent Updates to Patch Actively Exploited Zero-Day VulnerabilitiesApple Security Update, Patch for Multiple Zero-Day VulnerabilitiesApple security updates address dangerous zero-day attacksAtlassian Sourcetree For Mac & Windows Flaw Let Attackers Execute Remote CodeAttackers Targeting VPNs Account for 28.7 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat ReportAustralia critical infrastructure faces cyber threats, report saysBlack Friday Scammers are Hard at Work: Security ExpertsBlackSuit ransomware ramps up ops hitting 93 organisationsBoksha Database Leaked, User Privacy at RiskChina-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom NetworksChinese APT Group Targets Telecom Firms Linked to Belt and Road InitiativeChrome Security Update, Fix For Multiple VulnerabilitiesCybercriminals Exploit Weekend Lull to Launch Ransomware AttacksDecades-Old Security Vulnerabilities Found in Ubuntu's Needrestart PackageDebunking myths about open-source securityDenniskirk.com Database Breach Leaks Customer DataFinancial phishing floods devices in Indian companiesFinastra Data Breach: 400GB Banking Data on Sale in Dark WebFive backup lessons learned from the UnitedHealth ransomware attackFive Privilege Escalation Flaws Found in Ubuntu needrestartFlash loan attack on Polter Finance: hacker steals $7 million in cryptocurrenciesFleet tech provider Microlise says data security incident compromised corporate dataFord Blames Third-Party Supplier for Data BreachGabagool Leveraging Cloudflare’s R2 Storage Service To Bypass Security FiltersGen's report reveals 614% surge in 'Scam-Yourself Attacks'Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile PaymentsGitHub Secure Open Source Fund: Project maintainers, apply now!Great Plains hospital says ransomware attack impacted over 133,000 patientsHacker obtained documents tied to lawsuit over Matt Gaetz’s sexual misconduct allegationsHacker obtains House ethics testimony on Matt Gaetz as Trump makes calls for AG nomineeHackers breach Library of Congress’ congressional research service emails in a cyberattackHackers Exploit Misconfigured Jupyter Servers for Illegal Sports StreamingHackers Hijack Jupyter Servers for Sport Stream RippingHealthcare org Equinox notifies 21K patients and staff of data theftIn a new era of cyber risk, businesses are preparing for zero hourInfamous threat actor targets Tesla, gets immediately roasted by cyber prosLinux Variant of Helldown Ransomware Targets VMware ESX ServersMajority of UK businesses lack readiness for rising AI-led phishing attacks, reveals surveyMassive data breach exposes 56 million Hot Topic customersMassive National Public Data Leak Exposes Sensitive InformationMassive November 2024 Stealer Logs Leak Exposes Sensitive DataMeow, INC Ransom gangs leak San Francisco Ballet Company dataMicrosoft confirms game audio issues on Windows 11 24H2 PCsMicrosoft Ignite New 360-Degree Details Attacker Tooling and MethodologyMicrosoft introduces new security features to Windows: hot patching, quick recovery, fewer privilegesNames, addresses and other details of 44,000 customers leaked in Ford hackingNew Cyble Report Highlights Critical Vulnerabilities and Rising Cyber Threats in ANZ for 2024New Ghost Tap attack abuses NFC mobile payments to steal moneyNon-human identity (NHIs) Are the Future of Cybersecurity: Meet NHIDROne Deepfake Digital Identity Attack Strikes Every Five MinutesOpen-source devs want to democratize health tracking with $18 ring from AliexpressOracle Agile PLM Zero-Day Vulnerability Exploited In The WildOracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0Oracle Warns of Agile PLM Vulnerability Currently Under Active ExploitationOverreliance on GenAI to develop software compromises securityOverseas Business Continuity (BC) Data Collection Exposed for Blackmailing PurposesOWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMsPhishing Decoded: How Cybercriminals Target You And How To Fight BackRansomHub hits ASIC compliance firm in alleged cyber attackRussian ransomware gangs are going on a recruitment driveSafeguarding the DNS through registries‘Scam Yourself’ attacks have fooled millions — here's how not to fall victimSix steps companies should take after a data breachSlot Machine Operator International Game Reports Hacker IncidentSophos alerts on rising quishing attacksSouthend Council at risk of ‘catastrophic’ cyber attackStrava’s new API agreement will destroy the app, users warnSurge in financial phishing attacks in Southeast AsiaT-Mobile finally managed to thwart a data breach before it occuredThreat Assessment: Ignoble Scorpius, Distributors of BlackSuit RansomwareTrend Micro Deep Security Vulnerability Let Attackers Execute Remote CodeUbuntu Linux impacted by decade-old 'needrestart' flaw that gives rootUnsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports eventsUpdate your iPhone, iPad, and Mac now to patch these serious zero-day security flawsUS charges five linked to Scattered Spider cybercrime gangU.S. Government Accountability Office (GAO) recommends new agency to streamline how US government protects citizens’ dataUS space tech firm Maxar says employee personal data leaked in hackXenoRAT Weaponizes Excel XLL Files To Evade Protection SystemsWarning after data of 500,000 Auchan shoppers is targeted in cyber attackWeaponized pen testers are becoming a new hacker stapleWezRat malware weaponised in phishing attacks to steal dataWhat is Domain-Based Message Authentication, Reporting & Conformance(DMARC)?19/115 Sinais de Que Seu Whatsapp Foi Hackeado7 Common Web App Security Vulnerabilities ExplainedAI automation firm iLearningEngines hacked, $250K stolenAI Firm iLearningEngines Hit by Cyberattack, Loses $250,000 in Wire FraudAlmaLinux 9.5 released: Security updates, new packages, and more!AMGtime Database Leak Exposes Sensitive Workforce DataBlack Friday deals or data steals: here’s how top shopping apps can access your dataBotnet fueling residential proxies disrupted in cybercrime crackdownChinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage CampaignCISA Rolls Out Next-Gen Learning Platform to Boost Cybersecurity SkillsCloud ransomware threats rise, targeting S3 & AzureCompanies Take Over Seven Months to Recover From Cyber IncidentsCritical Windows Kerberos Flaw Exposes Millions of Servers to AttackCross-IdP impersonation bypasses SSO protectionsData privacy experts predict some wins under Trump 2.0Dev + Sec: A collaborative approach to cybersecurityD-Link urges users to retire VPN routers impacted by unfixed RCE flawEDR buyer’s guide: How to pick the best endpoint detection and response solutionEnhancing Traveler Data Security: Best Practices for Managing Sensitive InfoEquinox cybersecurity breach potentially exposes sensitive health dataFrance – Hospital Database Breach Affects 750K RecordsFrance – Hospital Data Breach Exposes 1.5M Customer RecordsGerman court rules Facebook users are entitled to compensation for 2021 data leakGoogle report shows CISOs must embrace change to stay secureHacker roamed space tech giant Maxar‘s systems for daysHackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports BroadcastsHackus Mail Checker 2.2.0 Cracked Version Leaked OnlineHelldown Ransomware Expands to Target VMware and Linux SystemsHelldown ransomware exploits Zyxel VPN flaw to breach networksLandmark ruling by Australian regulator sets guardrails for commercial use of facial recognition techMassive 600GB Emirates Cloud Data Breach Raises Security ConcernsMassive Credential Leak Exposes 1 Billion Login RecordsMeridian Man Sentenced to 10 Years for Cyber Hacking and Extortion SchemeMicrolise Admits Hackers Compromised Corporate Data in CyberattackMicrosoft announces new and improved Windows 11 security featuresMicrosoft plans to boot security vendors out of the Windows kernelMicrosoft to tighten Windows security dramatically in 2025 - here's howNew 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux SystemsNgioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT DevicesNovember 2024 Logs Leak Exposes Sensitive InformationOpen-source and free Android password managers that prioritize your privacyOracle patches exploited Agile PLM vulnerability (CVE-2024-21287)Palo Alto Networks Patches Critical Firewall VulnerabilityPhobos ransomware administrator faces US cybercrime chargesPrivileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top PriorityRansomware Evolution: From Triple-Quadruple Extortion to RaaSRansomware Gang Akira Leaks Record Number of Victims’ Data in Single DayRansomware Gangs on Recruitment Drive for Pen TestersRussian-American Hacker Sentenced in Historic $4.5 Billion Bitcoin Laundering CaseRussian extradited to US from South Korea to face cybercrime chargesRussian hacker extradited to US over Phobos ransomware crimesSignificant surge in DocuSign impersonation attacks: hackers mimicking governmentSpace tech giant Maxar confirms attackers accessed employee dataSuspected Phobos Ransomware Admin Extradited to UST-Mobile Breached in Major Chinese Cyber-Attack on TelecomsTestimony from NSO Group raises questions about its culpability for spyware abusesThe rise of “porch pirates” using leaked tracking data to steal iPhonesUS Senate panel to hold hearing on suspected Chinese hacking incidentsVMware virtual machines under attack: hackers exploit critical vCenter Server flawWarning: VMware vCenter and Kemp LoadMaster Flaws Under Active ExploitationWhy AI alone can’t protect you from sophisticated email threatsWindows 365 Link Cloud PC: Connect securely to Windows 36518/111.5M Exposed: Set Forth & Centrex Hit by Massive Data Breach300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker AttacksAccused Phobos Ransomware Hacker in US CustodyADT Freight Services listed as alleged victim by Sarcoma ransomware gangAI Can Be Leveraged For Phishing Scams: What You Need To Know To Stay SafeAI training software firm iLearningEngines says it lost $250,000 in recent cyberattackAirTag 2: possible release date and safety updatesAkira Ransomware Racks Up 30+ Victims in a Single DayAnnieMac Data Breach Impacts 171,000 CustomersApache HertzBeat Vulnerability Let Attackers Exfiltrate Sensitive DataAPT Group DONOT Launches Cyberattack on Pakistan’s Maritime and Defense IndustryArgentina – Student Database Breach in Entre Ríos ProvinceAttackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)Beware of Fake Sites Mimicking Black Friday DealsBeyond Compliance: The Advantage of Year-Round Network Pen TestingBipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tightBitfinex Hacker’s Wife Razzlekhan Sentenced to 18 Months for LaunderingBlack Friday or Black Fraud-day? A Prime Time for Fraud and CyberattacksBritish software company Microlise confirms hackers compromised corporate dataChinese Salt Typhoon Hacked T-Mobile in US Telecom Breach SpreeCitrix Virtual Apps & Desktops Vulnerability Actively Exploited in Attacks‘ClickFix’ Cyber-Attacks for Malware Deployment on the RiseCritical RCE bug in VMware vCenter Server now exploited in attacksCritical Really Simple Security plugin flaw impacts 4M+ WordPress sitesCyber attack on AnnieMac Home Mortgage impacted over 170,000 borrowersDistributor of ANOM Encrypted Devices Sentenced to Over 5 Years in PrisonEl Dorado school district says hackers stole the data of over 30,000 students and staffExploitation of Scalable Vector Graphics (SVG) attachments in phishing on the riseFacebook Malvertising Campaign Spreads Malware via Fake BitwardenFacebook users affected by data breach eligible for compensation, German court saysFake Bitwarden ads on Facebook push info-stealing Chrome extensionFake Discount Sites Exploit Black Friday to Hijack Shopper InformationFake Donald Trump Assassination Story Used in Phishing ScamForeign adversary hacked email communications of the Library of Congress saysFTC Records 50% Drop in Nuisance Calls Since 2021Gen AI could speed up coding, but businesses should still consider risksGermany – Stauberstahl.com Database Breach Exposes Sensitive DataGmail's New Shielded Email Feature Lets Users Create Aliases for Email PrivacyGoogle Announces Shielded Email Feature To Hide Your Main Email AddressHacked crypto project Thala agrees to $300K bounty, recovers $25MHelix darknet Bitcoin 'mixer' will fork over $750M, serve time, for processing 1M+ transactionsHow and where to report cybercrime: What you need to knowIncreased GDPR Enforcement Highlights the Need for Data SecurityIndia – NCISM NEET Students Data Breach Exposes Personal DetailsIndia – Sreedharscce.com Data Breach Exposes Millions of RecordsMajor US telecom T-Mobile among victims of China-linked breachMicrosoft 365 Admin portal abused to send sextortion emailsMozilla 0Din Warns of ChatGPT Sandbox Flaws Enabling Python ExecutionMusk’s anticipated cost-cutting hacks could weaken American cybersecurityNavigating the compliance labyrinth: A CSO’s guide to scaling securityNew Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza StealersNorth Korean IT Worker Network Tied to BeaverTail Phishing CampaignNSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's LawsuitOhio Man Sentenced to 3 Years for Running Helix Cryptocurrency MixerPalo Alto Reports Two More Bugs in PAN-OS That Are Being Actively ExploitedPostgreSQL Security Update, Patch For Multiple VulnerabilitiesRansomHub ransomware gang claims data breach targeting Mexican governmentSamba AD Vulnerability Let Attackers Escalate PrivilegeScubaGear: Open-source tool to assess Microsoft 365 configurations for security gapsSo, you don’t have a chief information security officer? 9 signs your company needs oneSonatype Nexus Repository Manager Hit By RCE & XSS VulnerabilitySurge in DocuSign Phishing Attacks Target US State ContractorsSwiss Cyber Agency Warns of QR Code Malware in Mail ScamT-Mobile Also Hit in China-linked Telecom Network BreachesT-Mobile confirms breach amid wave of Chinese state-sponsored telecom attacksT-Mobile is one of the victims of the massive Chinese breach of telecom firmsTeam Software Breach, Hackers Gain Unauthorized Access To Network InfrastructureThe Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You ThinkTransforce.in – Database Breach Exposes Sensitive User DataTjori.com 2021 Data Breach Exposes 1 Million User RecordsTransforming code scanning and threat detection with GenAIUK Shoppers Lost £11.5m Last Christmas, NCSC WarnsUrgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million SitesURL Login & Password Leak – 2.5 Million Records ExposedUS charges Phobos ransomware admin after South Korea extraditionU.S. Extradites and Charges Alleged Phobos Ransomware AdminUS Government Agencies Impersonated in Aggressive DocuSign Phishing ScamsX algorithm changed in July to boost right-wing accounts, study findsZohocorp ManageEngine ADAudit Plus Vulnerable To SQL Injection Attacks17/11Data Breach Drama: When Trust Turns Costly in a Digital AgeDon’t Hold Down The Ctrl Key—New Warning As Cyber Attacks ConfirmedGood Hacker Hacked 100 Dark Web Hackers Using Fake Ransomware ToolHead of Rape Crisis Scotland cleared over data breach complaintsPhishing emails increasingly use SVG attachments to evade detectionSecurity plugin flaw in millions of WordPress sites gives admin access‘We need quicker reporting': Some lawmakers push for stronger data breach regulationDaily News - Novembro (10/11 - 16/11) - 46 Semana de 2024
Cyber Security, Hacking, Privacy and Information Security News --- Daily Updates !! Weekly Resume...22/115 hackers charged in the US over Scattered Spider hacking campaigns7-Zip affected by dangerous vulnerability: users must update the app manually17 hottest IT security certs for higher pay today2000+ Palo Alto Firewalls Hacked Exploiting New Vulnerabilities145,000+ Unsecured ICS Devices Exposed To AttackersAI and Open Source Security: The Critical Role of AI-Powered Fuzzing in Finding FlawsAndrew Tate’s controversial online “university” breached, 800K users’ data stolenAspen Healthcare says hackers stole patient's healthcare data from its systemsBojangles data leak: “It’s breach time!” CISA Warns of Apple & Oracle Agile Vulnerabilities Exploited in WildCybercriminals turn to pen testers to test ransomware efficiencyDeepfake attacks occur every five minutesDOJ Takes Down Global Cybercrime Hub PopeyeTools, Seizes CryptocurrencyDOJ Told Google To Sell Chrome To End Search MonopolyExchange Upbit dá início a reembolso de usuários após ataque hackerFintech giant Finastra says hacker stole data from its internal networkFive Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024Ford debunks data breach claims, confirms no customer impactHackers board Palo Alto vulnerability bandwagon: over 2,000 firewalls hacked and countingHackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'Hackers Leveraging Google Docs & Weebly Services To Attack Telecom IndustriesI deleted my personal info from the internet with this service (and it's on sale for Black Friday)Italy plans crackdown on database hacksManufacturing Sector in the Crosshairs of Advanced Email AttacksMeta boots over 2M fake accounts originating from overseas scam centersMicrosoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent NetworksMicrosoft rolls out Recall to Windows Insiders with Copilot+ PCsMicrosoft Seizes 240 Domains Used By phishing-As-A-Service (PhaaS) PlatformMicrosoft Seizes 240 Websites to Disrupt Global Distribution of Phish KitsMicrosoft Shares Intelligence On North Korean & Chinese Hackers At CYBERWARCONMITRE Unveils Top 25 Most Critical Software FlawsMore than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-daysMultiple D-Link End-of-Life Routers Vulnerabilities Let Attackers Execute Remote CodeMultiple Linux Kernel Vulnerabilities In Defer Partition Scanning PatchedNew “ultra-secure” phone service promises unique protection against threatsNew Zealand importer Triton Sourcing & Distribution confirms ransomware attackNVIDIA Base Command Manager Vulnerability Let Attackers Remote CodeOne year later: 7 useful things the Flipper Zero can do that still blows my mindPro-trans rights hackers target Andrew Tate’s The Real World websitePyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python LibrariesRussia-Linked Cyber-Espionage Campaign Targets Central AsiaRussian Cyber Spies Target Organizations with HatVibe and CherrySpy MalwareRussian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and AsiaRussian TAG-110 Attacking Users With HATVIBE And CHERRYSPY Hacking ToolsSeniors and carers call for smart monitoring to safely age at homeSnow Brand Australia confirms SafePay ransomware attackTesla data breach falsely claimed by IntelBroker, third-party EV charging firm actually breachedThe 1 Co apologizes for data breach impacting 5 million customersThe limits of AI-based deepfake detectionThree-Quarters of Black Friday Spam Emails Identified as ScamsUnlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalogUS Senator Calls Chinese Telecom Attack As Worst Hack In Nation’s HistoryWhy the NIS2 Directive causes growing pains for businessesWikiLeaks whistleblower Chelsea Manning battles AI surveillance with NSA-proof VPN21/115 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme10 Most Impactful PAM Use Cases for Enhancing Organizational Security10-Year Old Flaws In Ubuntu Server needrestart Package Let Attackers Gain Root Access2,000 Palo Alto Networks devices compromised in latest attacks750,000 Patients' Medical Records Exposed After Data Breach at French HospitalA Fifth of UK Enterprises “Not Sure” If NIS2 AppliesActive network of North Korean IT front companies exposedAuthorities Charged 5 Hackers For Attacking Companies via Phishing Text MessagesAxoSyslog: Open-source scalable security data processorBianLian Ransomware Group Adopts New Tactics, Posing Significant RiskBuyoplace.com Database Leak Exposes Customer and Transaction DataChinese APT Gelsemium Targets Linux Systems with New WolfsBane BackdoorCISA says BianLian ransomware now focuses only on data theftCISA Warns of VMware VCenter Vulnerabilities Actively Exploited in AttacksCoreia do Sul confirma Coreia do Norte por trás do hack da Upbit de US$ 50 milhõesCritical AnyDesk Vulnerability Let Attackers Uncover User IP AddressCritical Kubernetes Vulnerability Let Attackers Execute Arbitrary CommandsCWE top 25 most dangerous software weaknessesCyber attack hits Auchan, customer data stolenCyber Threats in Australia: Insights from the Annual Cyber Threat Report 2023-2024Cybersecurity Myths: Debunking the Top 5 Most Common MisconceptionsData breach at law firm Thompson Coburn affects Presbyterian Healthcare patientsDatabase Leak Exposes Information on 180,000 Chinese-American WeChat UsersDDoS Attack Growing Bigger & Dangerous, New Report RevealsDecade-Old Flaws In Ubuntu Server Package Let Attackers Gain Root AccessDecade-old local privilege escalation bugs impacts Ubuntu needrestart packageDelta Airlines reportedly experiences data breachEnhancing visibility for better security in multi-cloud and hybrid environmentsFeds Charge Five Men in ‘Scattered Spider’ RoundupFeds Shut Down 'PopeyeTools' Hacking Site That Sold Credit Card NumbersFinastra discloses large-scale data breachFive Charged in Scattered Spider CaseFortinet VPN design flaw hides successful brute-force attacksFull recovery from breaches takes longer than expectedGelsemium APT Hackers Attacking Linux Servers With New WolfsBane MalwareGhost Tap Attack, Hackers Stolen Credit Card Linked To Google Pay Or Apple PayGoogle, Apple, Venmo payment apps, digital wallets now subject to US regulatorsGoogle OSS-Fuzz Harnesses AI to Expose 26 Hidden Security VulnerabilitiesGoogle's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source ProjectsHacker diz ter entrado nos sistemas da Ford e roubado informações de 44.000 clientes; dados estão sendo oferecidos por valor baixíssimoHacker invade Instagram de secretaria do Ceará e publica fotos de BolsonaroHalo Security Launches Slack Integration for Real-Time Alerts on New Assets and VulnerabilitiesHere’s what to know about Google Cloud mandating MFA by end of 2025How to select the best on-ramp and off-ramp for you?Huge US healthcare payment network finally restored after ransomware attackiLearningEngines Notifies SEC of Recent Cyberattack, Raising Concerns over Possible Data BreachJob termination scam warns staff of phony Employment Tribunal decisionLinux Malware WolfsBane and FireWood Linked to Gelsemium APTLumma Stealer Proliferation Fueled by Telegram ActivitymacOS WorkflowKit Race Vulnerability Let Malicious Apps Intercept ShortcutsMalicious PyPi Package Mimic ChatGPT & Claude Steals Developers DataMassive B2B Database Leak Exposes 420,000 U.S. CompaniesMassive Leak Exposes Data of 4 Million Israeli Facebook UsersMDLand International Files Official Notice of Data Breach Affecting 63,052 PeopleMercer University settles lawsuit over data breach, agrees to compensationMicrosoft disrupts ONNX phishing-as-a-service infrastructureMicrosoft pulls WinAppSDK update breaking Windows 10 app uninstallsMITRE Lists 25 Most Dangerous Software Weaknesses of 2024Niantic builds centimeter-level accuracy positioning system from Pokemon Go player dataNodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card DataNorth Korea hackers behind 2019 $42 million Ethereum heist, South Korea police sayNorth Korean fake IT workers up the ante in targeting tech firmsNorth Korean Front Companies Impersonate U.S. IT Firms to Fund Missile ProgramsNovel NFC-exploiting Ghost Tap attack technique gains tractionNow BlueSky hit with crypto scams as it crosses 20 million usersOperation Shipwrecked: US Seizes PopeyeTools Marketplace, Charges 3Over 2,000 Palo Alto firewalls hacked using recently patched bugsOver 145,000 Industrial Control Systems Across 175 Countries Found Exposed OnlinePhishing Scams Costing Americans BillionsPhishing scams exploit Japan’s digital currencies as fraud cases risePrepare for the Holiday Ransomware StormPreventing credential theft in the age of AIProtecting Critical Infrastructure with Zero-Trust and MicrosegmentationRansomware gang BianLian ditches encryption, profits from data extortionReport: 90% of Industrial Firms Hit By Cyber-attack This YearResearchers unearth two previously unknown Linux backdoorsRetail loyalty programme apologises for customer data breachRockford Gastroenterology Associates Notifies 147,253 of 2023 Data BreachScattered Spider Cybercrime Group Faces Federal Indictments for $11 Million TheftSpace technology giant Maxar says hacker stole employees' personal informationSSV Blockchain Network Data Leak Exposes Sensitive InformationThe path to innovation: 3 stories of resilience from women in cybersecurityTop 6 Malware Persistence Mechanisms Used by Hackers: A Detailed GuideTrellix report reveals evolving ransomware ecosystem trendsUkrainian cyberwar experience becomes blueprint for TRYZUB cyber training serviceUruguay’s Partido Nacional Website Faces HTML Injection VulnerabilityU.S. automaker Ford investigating major data breach from its internal networkUS Charges 5 Suspected MGM Hackers from Scattered Spider GangUS charges five alleged members of Scattered Spider gangUS DoJ charges five alleged members of the Scattered Spider cybercrime gangUS military officials used China-linked promotional gift shop GS-JJ, exposing over 300K emailsUS seizes PopeyeTools cybercrime marketplace, charges administratorsVietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTailWalls close in on MGM attackers as DoJ indicts fiveWarning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack CampaignWhat CISOs need to know about the SEC’s breach disclosure rulesWireshark 4.4.2: Fixes Vulnerabilities & Enhances Protocol Support20/1111 biggest financial sector cybersecurity threats60% of Emails with QR Codes Classified as Spam or Malicious4000 Stealer Logs Leaked, Exposing Personal Data2024 Arctic Wolf Security Report: Key insights and trendsAdmins of Illegal NBA, NFL, and NHL streamer 247TVStream chargedAI Company Reports $250,000 Stolen in CyberattackAI Detection Revolutionizes the Battle Against Ransomware ThreatsAI-Driven Cyber Scams 'Real And Present Threat' To Australia's Critical InfrastructureAmazon and Audible flooded with 'forex trading' and warez listingsAnnieMac details extent of data breachANY.RUN Sandbox Now Let Analysts Automatically Analyse Complex Cyber Attack ChainsApple addressed two actively exploited zero-day vulnerabilitiesApple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)Apple Issues Emergency Security Update for Actively Exploited VulnerabilitiesApple Releases Urgent Updates to Patch Actively Exploited Zero-Day VulnerabilitiesApple Security Update, Patch for Multiple Zero-Day VulnerabilitiesApple security updates address dangerous zero-day attacksAtlassian Sourcetree For Mac & Windows Flaw Let Attackers Execute Remote CodeAttackers Targeting VPNs Account for 28.7 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat ReportAustralia critical infrastructure faces cyber threats, report saysBlack Friday Scammers are Hard at Work: Security ExpertsBlackSuit ransomware ramps up ops hitting 93 organisationsBoksha Database Leaked, User Privacy at RiskChina-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom NetworksChinese APT Group Targets Telecom Firms Linked to Belt and Road InitiativeChrome Security Update, Fix For Multiple VulnerabilitiesCybercriminals Exploit Weekend Lull to Launch Ransomware AttacksDecades-Old Security Vulnerabilities Found in Ubuntu's Needrestart PackageDebunking myths about open-source securityDenniskirk.com Database Breach Leaks Customer DataFinancial phishing floods devices in Indian companiesFinastra Data Breach: 400GB Banking Data on Sale in Dark WebFive backup lessons learned from the UnitedHealth ransomware attackFive Privilege Escalation Flaws Found in Ubuntu needrestartFlash loan attack on Polter Finance: hacker steals $7 million in cryptocurrenciesFleet tech provider Microlise says data security incident compromised corporate dataFord Blames Third-Party Supplier for Data BreachGabagool Leveraging Cloudflare’s R2 Storage Service To Bypass Security FiltersGen's report reveals 614% surge in 'Scam-Yourself Attacks'Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile PaymentsGitHub Secure Open Source Fund: Project maintainers, apply now!Great Plains hospital says ransomware attack impacted over 133,000 patientsHacker obtained documents tied to lawsuit over Matt Gaetz’s sexual misconduct allegationsHacker obtains House ethics testimony on Matt Gaetz as Trump makes calls for AG nomineeHackers breach Library of Congress’ congressional research service emails in a cyberattackHackers Exploit Misconfigured Jupyter Servers for Illegal Sports StreamingHackers Hijack Jupyter Servers for Sport Stream RippingHealthcare org Equinox notifies 21K patients and staff of data theftIn a new era of cyber risk, businesses are preparing for zero hourInfamous threat actor targets Tesla, gets immediately roasted by cyber prosLinux Variant of Helldown Ransomware Targets VMware ESX ServersMajority of UK businesses lack readiness for rising AI-led phishing attacks, reveals surveyMassive data breach exposes 56 million Hot Topic customersMassive National Public Data Leak Exposes Sensitive InformationMassive November 2024 Stealer Logs Leak Exposes Sensitive DataMeow, INC Ransom gangs leak San Francisco Ballet Company dataMicrosoft confirms game audio issues on Windows 11 24H2 PCsMicrosoft Ignite New 360-Degree Details Attacker Tooling and MethodologyMicrosoft introduces new security features to Windows: hot patching, quick recovery, fewer privilegesNames, addresses and other details of 44,000 customers leaked in Ford hackingNew Cyble Report Highlights Critical Vulnerabilities and Rising Cyber Threats in ANZ for 2024New Ghost Tap attack abuses NFC mobile payments to steal moneyNon-human identity (NHIs) Are the Future of Cybersecurity: Meet NHIDROne Deepfake Digital Identity Attack Strikes Every Five MinutesOpen-source devs want to democratize health tracking with $18 ring from AliexpressOracle Agile PLM Zero-Day Vulnerability Exploited In The WildOracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0Oracle Warns of Agile PLM Vulnerability Currently Under Active ExploitationOverreliance on GenAI to develop software compromises securityOverseas Business Continuity (BC) Data Collection Exposed for Blackmailing PurposesOWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMsPhishing Decoded: How Cybercriminals Target You And How To Fight BackRansomHub hits ASIC compliance firm in alleged cyber attackRussian ransomware gangs are going on a recruitment driveSafeguarding the DNS through registries‘Scam Yourself’ attacks have fooled millions — here's how not to fall victimSix steps companies should take after a data breachSlot Machine Operator International Game Reports Hacker IncidentSophos alerts on rising quishing attacksSouthend Council at risk of ‘catastrophic’ cyber attackStrava’s new API agreement will destroy the app, users warnSurge in financial phishing attacks in Southeast AsiaT-Mobile finally managed to thwart a data breach before it occuredThreat Assessment: Ignoble Scorpius, Distributors of BlackSuit RansomwareTrend Micro Deep Security Vulnerability Let Attackers Execute Remote CodeUbuntu Linux impacted by decade-old 'needrestart' flaw that gives rootUnsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports eventsUpdate your iPhone, iPad, and Mac now to patch these serious zero-day security flawsUS charges five linked to Scattered Spider cybercrime gangU.S. Government Accountability Office (GAO) recommends new agency to streamline how US government protects citizens’ dataUS space tech firm Maxar says employee personal data leaked in hackXenoRAT Weaponizes Excel XLL Files To Evade Protection SystemsWarning after data of 500,000 Auchan shoppers is targeted in cyber attackWeaponized pen testers are becoming a new hacker stapleWezRat malware weaponised in phishing attacks to steal dataWhat is Domain-Based Message Authentication, Reporting & Conformance(DMARC)?19/115 Sinais de Que Seu Whatsapp Foi Hackeado7 Common Web App Security Vulnerabilities ExplainedAI automation firm iLearningEngines hacked, $250K stolenAI Firm iLearningEngines Hit by Cyberattack, Loses $250,000 in Wire FraudAlmaLinux 9.5 released: Security updates, new packages, and more!AMGtime Database Leak Exposes Sensitive Workforce DataBlack Friday deals or data steals: here’s how top shopping apps can access your dataBotnet fueling residential proxies disrupted in cybercrime crackdownChinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage CampaignCISA Rolls Out Next-Gen Learning Platform to Boost Cybersecurity SkillsCloud ransomware threats rise, targeting S3 & AzureCompanies Take Over Seven Months to Recover From Cyber IncidentsCritical Windows Kerberos Flaw Exposes Millions of Servers to AttackCross-IdP impersonation bypasses SSO protectionsData privacy experts predict some wins under Trump 2.0Dev + Sec: A collaborative approach to cybersecurityD-Link urges users to retire VPN routers impacted by unfixed RCE flawEDR buyer’s guide: How to pick the best endpoint detection and response solutionEnhancing Traveler Data Security: Best Practices for Managing Sensitive InfoEquinox cybersecurity breach potentially exposes sensitive health dataFrance – Hospital Database Breach Affects 750K RecordsFrance – Hospital Data Breach Exposes 1.5M Customer RecordsGerman court rules Facebook users are entitled to compensation for 2021 data leakGoogle report shows CISOs must embrace change to stay secureHacker roamed space tech giant Maxar‘s systems for daysHackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports BroadcastsHackus Mail Checker 2.2.0 Cracked Version Leaked OnlineHelldown Ransomware Expands to Target VMware and Linux SystemsHelldown ransomware exploits Zyxel VPN flaw to breach networksLandmark ruling by Australian regulator sets guardrails for commercial use of facial recognition techMassive 600GB Emirates Cloud Data Breach Raises Security ConcernsMassive Credential Leak Exposes 1 Billion Login RecordsMeridian Man Sentenced to 10 Years for Cyber Hacking and Extortion SchemeMicrolise Admits Hackers Compromised Corporate Data in CyberattackMicrosoft announces new and improved Windows 11 security featuresMicrosoft plans to boot security vendors out of the Windows kernelMicrosoft to tighten Windows security dramatically in 2025 - here's howNew 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux SystemsNgioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT DevicesNovember 2024 Logs Leak Exposes Sensitive InformationOpen-source and free Android password managers that prioritize your privacyOracle patches exploited Agile PLM vulnerability (CVE-2024-21287)Palo Alto Networks Patches Critical Firewall VulnerabilityPhobos ransomware administrator faces US cybercrime chargesPrivileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top PriorityRansomware Evolution: From Triple-Quadruple Extortion to RaaSRansomware Gang Akira Leaks Record Number of Victims’ Data in Single DayRansomware Gangs on Recruitment Drive for Pen TestersRussian-American Hacker Sentenced in Historic $4.5 Billion Bitcoin Laundering CaseRussian extradited to US from South Korea to face cybercrime chargesRussian hacker extradited to US over Phobos ransomware crimesSignificant surge in DocuSign impersonation attacks: hackers mimicking governmentSpace tech giant Maxar confirms attackers accessed employee dataSuspected Phobos Ransomware Admin Extradited to UST-Mobile Breached in Major Chinese Cyber-Attack on TelecomsTestimony from NSO Group raises questions about its culpability for spyware abusesThe rise of “porch pirates” using leaked tracking data to steal iPhonesUS Senate panel to hold hearing on suspected Chinese hacking incidentsVMware virtual machines under attack: hackers exploit critical vCenter Server flawWarning: VMware vCenter and Kemp LoadMaster Flaws Under Active ExploitationWhy AI alone can’t protect you from sophisticated email threatsWindows 365 Link Cloud PC: Connect securely to Windows 36518/111.5M Exposed: Set Forth & Centrex Hit by Massive Data Breach300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker AttacksAccused Phobos Ransomware Hacker in US CustodyADT Freight Services listed as alleged victim by Sarcoma ransomware gangAI Can Be Leveraged For Phishing Scams: What You Need To Know To Stay SafeAI training software firm iLearningEngines says it lost $250,000 in recent cyberattackAirTag 2: possible release date and safety updatesAkira Ransomware Racks Up 30+ Victims in a Single DayAnnieMac Data Breach Impacts 171,000 CustomersApache HertzBeat Vulnerability Let Attackers Exfiltrate Sensitive DataAPT Group DONOT Launches Cyberattack on Pakistan’s Maritime and Defense IndustryArgentina – Student Database Breach in Entre Ríos ProvinceAttackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)Beware of Fake Sites Mimicking Black Friday DealsBeyond Compliance: The Advantage of Year-Round Network Pen TestingBipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tightBitfinex Hacker’s Wife Razzlekhan Sentenced to 18 Months for LaunderingBlack Friday or Black Fraud-day? A Prime Time for Fraud and CyberattacksBritish software company Microlise confirms hackers compromised corporate dataChinese Salt Typhoon Hacked T-Mobile in US Telecom Breach SpreeCitrix Virtual Apps & Desktops Vulnerability Actively Exploited in Attacks‘ClickFix’ Cyber-Attacks for Malware Deployment on the RiseCritical RCE bug in VMware vCenter Server now exploited in attacksCritical Really Simple Security plugin flaw impacts 4M+ WordPress sitesCyber attack on AnnieMac Home Mortgage impacted over 170,000 borrowersDistributor of ANOM Encrypted Devices Sentenced to Over 5 Years in PrisonEl Dorado school district says hackers stole the data of over 30,000 students and staffExploitation of Scalable Vector Graphics (SVG) attachments in phishing on the riseFacebook Malvertising Campaign Spreads Malware via Fake BitwardenFacebook users affected by data breach eligible for compensation, German court saysFake Bitwarden ads on Facebook push info-stealing Chrome extensionFake Discount Sites Exploit Black Friday to Hijack Shopper InformationFake Donald Trump Assassination Story Used in Phishing ScamForeign adversary hacked email communications of the Library of Congress saysFTC Records 50% Drop in Nuisance Calls Since 2021Gen AI could speed up coding, but businesses should still consider risksGermany – Stauberstahl.com Database Breach Exposes Sensitive DataGmail's New Shielded Email Feature Lets Users Create Aliases for Email PrivacyGoogle Announces Shielded Email Feature To Hide Your Main Email AddressHacked crypto project Thala agrees to $300K bounty, recovers $25MHelix darknet Bitcoin 'mixer' will fork over $750M, serve time, for processing 1M+ transactionsHow and where to report cybercrime: What you need to knowIncreased GDPR Enforcement Highlights the Need for Data SecurityIndia – NCISM NEET Students Data Breach Exposes Personal DetailsIndia – Sreedharscce.com Data Breach Exposes Millions of RecordsMajor US telecom T-Mobile among victims of China-linked breachMicrosoft 365 Admin portal abused to send sextortion emailsMozilla 0Din Warns of ChatGPT Sandbox Flaws Enabling Python ExecutionMusk’s anticipated cost-cutting hacks could weaken American cybersecurityNavigating the compliance labyrinth: A CSO’s guide to scaling securityNew Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza StealersNorth Korean IT Worker Network Tied to BeaverTail Phishing CampaignNSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's LawsuitOhio Man Sentenced to 3 Years for Running Helix Cryptocurrency MixerPalo Alto Reports Two More Bugs in PAN-OS That Are Being Actively ExploitedPostgreSQL Security Update, Patch For Multiple VulnerabilitiesRansomHub ransomware gang claims data breach targeting Mexican governmentSamba AD Vulnerability Let Attackers Escalate PrivilegeScubaGear: Open-source tool to assess Microsoft 365 configurations for security gapsSo, you don’t have a chief information security officer? 9 signs your company needs oneSonatype Nexus Repository Manager Hit By RCE & XSS VulnerabilitySurge in DocuSign Phishing Attacks Target US State ContractorsSwiss Cyber Agency Warns of QR Code Malware in Mail ScamT-Mobile Also Hit in China-linked Telecom Network BreachesT-Mobile confirms breach amid wave of Chinese state-sponsored telecom attacksT-Mobile is one of the victims of the massive Chinese breach of telecom firmsTeam Software Breach, Hackers Gain Unauthorized Access To Network InfrastructureThe Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You ThinkTransforce.in – Database Breach Exposes Sensitive User DataTjori.com 2021 Data Breach Exposes 1 Million User RecordsTransforming code scanning and threat detection with GenAIUK Shoppers Lost £11.5m Last Christmas, NCSC WarnsUrgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million SitesURL Login & Password Leak – 2.5 Million Records ExposedUS charges Phobos ransomware admin after South Korea extraditionU.S. Extradites and Charges Alleged Phobos Ransomware AdminUS Government Agencies Impersonated in Aggressive DocuSign Phishing ScamsX algorithm changed in July to boost right-wing accounts, study findsZohocorp ManageEngine ADAudit Plus Vulnerable To SQL Injection Attacks17/11Data Breach Drama: When Trust Turns Costly in a Digital AgeDon’t Hold Down The Ctrl Key—New Warning As Cyber Attacks ConfirmedGood Hacker Hacked 100 Dark Web Hackers Using Fake Ransomware ToolHead of Rape Crisis Scotland cleared over data breach complaintsPhishing emails increasingly use SVG attachments to evade detectionSecurity plugin flaw in millions of WordPress sites gives admin access‘We need quicker reporting': Some lawmakers push for stronger data breach regulationDaily News - Novembro (10/11 - 16/11) - 46 Semana de 2024
Commenti