Category: Kamban

The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang. HACLA provides affordable public housing and assistance programs to low-income families, children, and seniors in Los Angeles,…

Read More

Microsoft warned customers they might experience up to 30 minutes of black screens when logging into Azure Virtual Desktop (AVD) after installing the KB5040525 Windows 10 July 2024 preview update. Additional symptoms include single sign-on (SSO) failures (on Office applications such as Outlook and Teams) blocking connections to backend services or preventing data syncs and…

Read More

OpenAI’s new “ChatGPT search” Chrome extension feels like nothing more than a typical search hijacker, changing Chrome’s settings so your address bar searches go through ChatGPT Search instead. Yesterday, OpenAI launched its new AI search product “ChatGPT Search,” which provides real-time answers to conversational searches on the platform.  “ChatGPT can now search the web in a…

Read More

LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by BleepingComputer. LastPass is a popular password…

Read More

Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. Midnight Blue security researcher Rick de Jager found the critical zero-click vulnerabilities in the company’s Synology Photos and BeePhotos for BeeStation software. While they’re yet to receive CVE IDs for easier tracking, Trend Micro’s…

Read More

The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years. The seizure and arrests were conducted as part of “Operation PowerOFF,” an ongoing international law enforcement operation that targets DDoS-for-hire platforms, aka “booters” or “stressers,” to seize infrastructure and…

Read More

Data Exfiltration Detection: Best Practices and Tools Few cybersecurity incidents have as much potential for harm as data exfiltration. Attacks where criminals seek to steal data from a business and then use it to extort money from the victim or sell it directly to others on the dark web, have grown hugely in popularity in…

Read More

Sophos disclosed today a series of reports dubbed “Pacific Rim” that detail how the cybersecurity company has been sparring with Chinese threat actors for over 5 years as they increasingly targeted networking devices worldwide, including those from Sophos. For years, cybersecurity firms have warned enterprises that Chinese threat actors exploit flaws in edge networking devices…

Read More

‘Our customers have been asking us for more, especially in security and optimization,’ says Jeff Coursen, Evolve IP’s outgoing CEO. ‘This merger allows us to enhance our offerings and meet that demand head-on.’ Solution providers Evolve IP and ATSG announced a strategic merger Thursday to create an IT services company that will generate about $240…

Read More

Microsoft warns that Chinese threat actors use the Quad7 botnet, compromised of hacked SOHO routers, to steal credentials in password-spray attacks. Quad7, also known as CovertNetwork-1658 or xlogin, is a botnet first discovered by security researcher Gi7w0rm that consists of compromised SOHO routers. Later reports by Sekoia and Team Cymru reported that the threat actors are targeting…

Read More