Category: Kamban

Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases. The data allegedly comes from National Public Data, a company that collects and sells access to personal data for use in background checks, to obtain criminal records,…

X has always had a bot problem, but now scammers are utilizing the Ukraine war and earthquake warnings in Japan to entice users into clicking on fake content warnings and videos that lead to scam adult sites, malicious browser extensions, and shady affiliate sites. For months, X has been flooded with posts that contain what…

A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian government organizations and IT companies, are linked to Chinese hackers of the APT31 and APT 27 groups. Kaspersky, who discovered the activity, dubbed the campaign “EastWind,” reporting that it employs an updated version of the…

Update with further information from Microsoft.​ Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. Tracked as CVE-2024-38200, this security flaw is caused by an information disclosure weakness that enables unauthorized actors to access protected information. The zero-day impacts multiple 32-bit and 64-bit Office versions, including Office…

U.S. law enforcement has arrested two suspected admins of the WWH-Club stolen credit card marketplace after they went on a cash spending spree in Florida. The suspects are Russian national Pavel Kublitskii and Kazakhstan native Alexandr Khodyrev, who were arrested for their roles as administrators and moderators of the cybercrime platform WWH-Club. The two men have…

Microsoft has reminded customers that multiple editions of Windows 11 21H2 and 22H2 will reach the end of servicing in 60 days, on October 8, 2024. The announcement applies to Windows 11 22H2 Home, Pro, Pro Education, Pro for Workstations, and SE editions released on September 20, 2022. On the same day, Windows 11 21H2…

Russia’s telecommunications watchdog Roskomnadzor has restricted access to the Signal encrypted messaging service for what it describes as violations of Russian anti-terrorism and anti-extremism legislation. “User access to the messenger Signal is restricted due to violations of the requirements of the Russian legislation whose fulfillment is necessary to prevent the use of the messenger for…

​CSC ServiceWorks, a leading provider of commercial laundry services and air vending solutions, has disclosed a data breach after the personal information of an undisclosed number of individuals was exposed in a 2023 cyberattack. The company discovered the incident on February 4, 2024, after detecting unusual activity on its network. Subsequently, external cybersecurity experts hired…

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable. Ring -2 is one of the highest privilege levels on a computer, running…

​Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. Tracked as CVE-2024-38200, this security flaw is caused by an information disclosure weakness that enables unauthorized actors to access protected information such as system status or configuration data, personal info, or connection metadata. The zero-day impacts…