Category: Kamban

Image: Keeper of the Plains in Wichita (Sepavone) The LockBit ransomware gang has claimed responsibility for a disruptive cyberattack on the City of Wichita, which has forced the City’s authorities to shut down IT systems used for online bill payment, including court fines, water bills, and public transportation. Wichita, Kansas, is the largest city in the state, with a population of…

Microsoft has confirmed that last month’s Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service (LSASS) process crashes. LSASS is a Windows service that handles security policies, user logins, access token creation, and password changes. The list of impacted Windows versions and buggy security updates includes Windows…

A massive network of 75,000 fake online shops called ‘BogusBazaar’ tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders. Additionally, millions of stolen credit card details were resold on dark web marketplaces, allowing other…

Image: DocGo Mobile medical care firm DocGo confirmed it suffered a cyberattack after threat actors breached its systems and stole patient health data. DocGo is a healthcare provider that offers mobile health services, ambulance services, and remote monitoring for patients in thirty US states and across the United Kingdom. In a Tuesday evening FORM 8-K filing…

Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites. LiteSpeed Cache (LS Cache) is advertised as a caching plugin used in over five million WordPress sites that helps speed up page loads, improve visitor experience, and boost Google Search ranking. Automattic’s security…

The UK Government confirmed today that a threat actor recently breached the country’s Ministry of Defence and gained access to part of the Armed Forces payment network. The attacked system contained personal data belonging to active and reserve personnel as well as some recently retired veterans. MoD core network unaffected In a statement to the House of Commons today,…

A new attack dubbed “TunnelVision” can route traffic outside a VPN’s encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection. The method, described in detail in a report by Leviathan Security, relies on the abuse of Dynamic Host Configuration Protocol’s (DHCP) option 121, which permits the…

Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw. Tinyproxy is an open-source HTTP and HTTPS proxy server designed to be fast, small, and lightweight. It is specifically tailored for UNIX-like operating systems and is commonly used by small businesses, public WiFi providers, and home users. At the…

BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes. Founded in 2013, BetterHelp is an alternative to traditional face-to-face therapy sessions. It provides a mental health platform for direct counseling from licensed therapists through text,…

The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor being revealed for the first time. According to a new indictment by the US Department of Justice and a press release by the NCA, the LockBit ransomware operator…