Threat actors have attempted to steal two-factor authentication codes from users of Australian cryptocurrency exchange CoinSpot, researchers say. The codes would help attackers perform "potentially unauthorized withdrawals from individual accounts," say analysts at Cofense Phishing Defense Center.
Microsoft Teams' link preview feature contains four vulnerabilities that allow attackers to access internal Microsoft services, spoof the link preview and - for Android users - leak their IP address and use DoS attacks against their Teams app/channels. Three of the four flaws remain unpatched.
A week after announcing a new bug bounty program called "Hack DHS," U.S. Department of Homeland Security Secretary Alejandro Mayorkas announced that DHS is expanding the scope of the program to include finding and patching Log4j-related vulnerabilities in the systems.
Sainsbury's, the U.K.’s second-largest chain of supermarkets, confirms that it suffered an outage in its payroll system caused by a cyberattack affecting its cloud-based payroll service supplier - the U.S.-based multinational firm Ultimate Kronos Group, which was hit by a cyberattack last week.
The Chinese state-sponsored threat group Tropic Trooper has resurfaced as Earth Centaur and is targeting the transportation industry and government agencies associated with that sector, according to new research from cybersecurity firm Trend Micro.
Following the devastating ransomware attack on Colonial Pipeline in May 2021, North American propane supplier Superior Plus, which has 780,000 customers across the U.S. and Canada, has now acknowledged having suffered a ransomware attack on Sunday. The scale and impact of the attack are unknown.
A Nov. 16 ransomware attack on Frontier Software leaked "significant personal information" of thousands of South Australian government employees on the dark web, according to a Friday statement by Rob Lucas, treasurer of South Australia.
SonicWall is urging users of its Secure Mobile Access 100 series gateways and remote access products to immediately apply patches, as a majority of the devices are affected by eight critical- to medium-severity vulnerabilities even after enabling their web application firewall.
A botnet operation called Glupteba has been disrupted by Google's Threat Analysis Group. The botnet targeted more than 1 million Microsoft Windows users in the U.S, India, Brazil and Southeast Asia. Also, Google has filed a lawsuit against two Russians alleged to be the botnet's operators.
An Iranian attacker has been targeting users who have failed to patch a remote code execution vulnerability in a Microsoft browser engine to spy on Farsi-speaking victims, paralleling a similar campaign being run by North Korean attackers, researchers warn.
The Secret Service of Ukraine has arrested five Ukrainian citizens on suspicion of being part of a cybercrime group called Phoenix, which it says has been tied to hacking hundreds of mobile devices, stealing personal data and also selling "hacking as a service" to others.
The NSO Group is the target of a lawsuit filed by Apple, which alleges that the spyware maker abused Apple's products and services to carry out spying operations. The news follows the NSO Group's blacklisting by the U.S. government, a score downgrade by Moody's, and a reportedly failed deal with France.
Web hosting giant GoDaddy confirms that a data breach which affected about 1.2 million of its active and inactive Managed WordPress customers, has also hit Managed WordPress users tsoHost, Media Temple, 123Reg, Domain Factory, Heart Internet, and Host Europe.
Reports of NHS data being exposed following a ransomware attack on U.K.-based data capture and storage company Stor-a-File are incorrect, an NHS Digital spokesperson tells ISMG. "Most NHS data was held offline and not affected in the Stor-a-File hack."
North Korea-associated advanced persistent threat group TA406, aka Kimsuky or Thallium, has ramped up its cyberespionage operations in 2021, targeting diplomats and policy experts across Asia, the U.K. and the U.S., researchers say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
