Taiwan Hit by Sophisticated Phishing Campaign
Phishing campaign targeting Taiwan has been identified, using tax-themed emails and malware like Winos and HoldingHands
Information Security Magazine
Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution
2 weeks 3 days ago
WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal
Microsoft Promises to Keep European Cloud Data in Europe
2 weeks 3 days ago
Microsoft’s Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe
Brits Lose £106m to Romance Fraud in a Year
2 weeks 3 days ago
New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024
Threat Actors Target Victims with HijackLoader and DeerStealer
2 weeks 4 days ago
Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix
Archetyp Market Shut Down in Europe-wide Law Enforcement Operation
2 weeks 4 days ago
Operation DEEP Sentinel has shut down Archetyp Market, the longest-running dark web drug marketplace
Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus
2 weeks 4 days ago
Nessus users should update patches as soon as possible
Anubis Ransomware Adds File-Wiping Capability
2 weeks 4 days ago
Trend Micro identified a novel “wipe mode” included in Anubis ransomware to prevent file recovery, increasing pressure on victims to give in to demands
Over a Third of Grafana Instances Exposed to XSS Flaw
2 weeks 4 days ago
Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk
WestJet Investigates Cyber-Attack Impacting Customers
2 weeks 4 days ago
Canadian airline WestJet is investigating a cyber-attack that struck on June 13
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names
3 weeks ago
Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
3 weeks ago
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware
Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
3 weeks ago
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
3 weeks ago
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email
Palo Alto Networks Patches Series of Vulnerabilities
3 weeks 1 day ago
The cybersecurity provider also implemented recent fixes in Chromium that affected its Prisma Access Browser
NIST Publishes New Zero Trust Implementation Guidance
3 weeks 1 day ago
The new NIST guidance sets out 19 example implementations of zero trust using commercial, off-the-shelf technologies
Europol Says Criminal Demand for Data is “Skyrocketing”
3 weeks 1 day ago
Europol warns of “vicious circle” of data breaches and cybercrime
Phishing Alert as Erie Insurance Reveals Cyber “Event”
3 weeks 1 day ago
Erie Insurance reveals suspected network breach and ongoing outage
Congress Introduces Bill to Strengthen Healthcare Cybersecurity
3 weeks 2 days ago
The legislation aims to expand the federal government’s role in helping healthcare providers protect and respond to cyber-attacks
20,000 Asian IPs and Domains Dismantled in Infostealer Crackdown
3 weeks 2 days ago
Interpol-coordinated Operation Secure led to 32 arrests, including the suspected ringleader of a cybercriminal organization
Checked
8 hours 28 minutes ago