Category: Kamban

After he spent many months taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation. On February 19, Operation Cronos took down LockBit’s infrastructure and converted its data leak site into…

The threat actor behind the recent Dell data breach revealed they scraped information from 49 million customer records using a partner portal API they accessed as a fake company. Yesterday, BleepingComputer reported that Dell had begun to send notifications warning customers that their personal data was stolen in a data breach. This data breach contained customer order data, including warranty information,…

Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. A set of eight separate issues, seven of them with identifiers CVE-2023-47610 through CVE-2023-47616 and another that has yet to be registered, were disclosed last November by security researchers…


Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday. Systems currently offline in impacted hospitals include the MyChart electronic health records system, which patients use to view their medical records and communicate…

The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization’s systems on Christmas Eve. A filing with the Office of Maine’s Attorney General revealed that the incident impacted 538,959 individuals. The attackers gained access to the affected people’s names, Social Security numbers, and other personal…


Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year. The high-severity issue tracked as CVE-2024-4671 is a “use after free” vulnerability in the Visuals component that handles the rendering and display of content on the browser. CVE-2024-4671 was…

Poland says a state-backed threat group linked to Russia’s military intelligence service (GRU) has been targeting Polish government institutions throughout the week. According to evidence found by CSIRT MON, the country’s Computer Security Incident Response Team (led by the Polish Minister of National Defense) and CERT Polska (the Polish computer emergency response team), Russian APT28…


Project management platform Monday.com has removed its “Share Update” feature after threat actors abused it in phishing attacks. Monday.com is a cloud-based project management platform that allows teams to organize and manage their work using automated workflows and dashboards. The platform is used by 225,000 customers, including Coca-Cola, Canva, LionsGate, Oxy, Compass, and Zippo. On Tuesday, Monday.com customers…


Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin’s private SSH key. XenCenter helps manage Citrix Hypervisor environments from a Windows desktop, including deploying and monitoring virtual machines. The security flaw (tracked as CVE-2024-31497) impacts multiple versions of XenCenter for Citrix Hypervisor…
