Category: Kamban

​CISA warned today of threat actors trying to breach critical infrastructure networks by targeting Internet-exposed industrial devices using “unsophisticated” methods like brute force attacks and default credentials. According to the cybersecurity agency, these ongoing attacks targeting critical infrastructure OT and ICS devices are also impacting water and wastewater systems. OT devices integrate hardware and software…

The iconic Winamp media player has fulfilled a promise made in May and released its complete source code on GitHub, inviting developers to collaborate on the project. Winamp is a media player launched in 1997 by Nullsoft, which gained massive popularity in the following years, coinciding with the rise of MP3s music files. The player featured a…

The iconic Winamp media player has fulfilled a promise made in May to go open-source and has now published its complete source code on GitHub. Winamp is a media player launched in 1997 by Nullsoft, which gained massive popularity in the following years, coinciding with the rise of MP3s music files. The player featured a simple…

Image: MidjourneyMicrosoft has released the September 2024 non-security preview update for Windows 10, version 22H2, with fixes for bugs causing Edge web browser freezes and media playback issues. Today’s optional cumulative update (KB5043131) is a maintenance release designed to allow Windows administrators to test fixes and improvements. This will ensure a more reliable user experience…

AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. Although the firm says it has detected no fraud campaigns targeting impacted individuals, it is sending notifications to alert affected people of potential risks. In mid-August, the car dealership company disclosed that it had…

Image: MidjourneyArkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations over the weekend to contain a cyberattack detected on Sunday morning. City officials have informed relevant authorities about the incident, and Homeland Security and FBI agents are investigating, as reported by local media. City…

The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year. The hackers stole the data after breaching the Wisconsin Physicians Service (WPS) health insurance corporation, which provided Medicare…

Infostealer malware developers released updates claiming to bypass Google Chrome’s recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. App-Bound Encryption was introduced in Chrome 127 and is designed to encrypt cookies and stored passwords using a Windows service that runs with system privileges. This model does not allow infostealer malware, which runs with the…

In an email campaign targeting French users, researchers discovered malicious code believed to have been created with the help of generative artificial intelligence services to deliver the AsyncRAT malware. While cybercriminals have used generative AI technology to create convincing emails, government agencies have warned about the potential abuse of AI tools to creating malicious software, despite the safeguards…

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. Tracked as CVE-2024-7593, this auth bypass flaw is caused by an incorrect implementation of an authentication algorithm that lets remote unauthenticated attackers circumvent authentication on Internet-exposed…