Category: Kamban

A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. Nagaraju Kandula, 39, pleaded guilty to deleting the virtual servers in an attempt to sabotage the firm’s systems out of spite for getting fired from NCS,…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs. Tracked as CVE-2024-26169, this security flaw is caused by an improper privilege management weakness in the Windows Error Reporting service. Successful exploitation lets local attackers gain…

Microsoft says it removed a Copilot app that was “incorrectly” added to Windows 10 and Windows 11 systems in April due to buggy Microsoft Edge updates. The AI-powered Copilot digital assistant was also added to some Windows Server 2025 preview builds earlier this year, but the company removed it after backlash from Windows admins. However, after…

A former quality assurance employee of National Computer Systems (NCS) was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. Nagaraju Kandula, 39, pleaded guilty to deleting the virtual servers in an attempt to sabotage the firm’s systems out of spite for getting fired from NCS,…

The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. Also tracked as a.k.a. Octo Tempest, 0ktapus, Scatter Swine, and UNC3944, the gang typically engages in social engineering attacks that use SMS phishing, SIM swapping, and account hijacking for on-premise access. Scattered Spider is the name given…

American financial services holding company Globe Life says attackers may have accessed consumer and policyholder data after breaching one of its web portals. The incident was discovered on Thursday, June 13, while reviewing potential vulnerabilities related to access permissions and user identity management for the web portal following an inquiry from a state insurance regulator.…

Microsoft is delaying the release of its AI-powered Windows Recall feature to test and secure it further before releasing it in a public preview on Copilot+ PCs. Initially slated for release in a public preview on June 18 with the arrival of the new Copilot+ AI PCs, the company now says they are delaying its release by…

Leading U.S. commercial bank Truist confirmed its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company’s data for sale on a hacking forum. Headquartered in Charlotte, North Carolina, Truist Bank was formed after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019. Now…

IMAGE: MIDJOURNEY Ascension, one of the largest U.S. healthcare systems, revealed that a May 2024 ransomware attack was caused by an employee who downloaded a malicious file onto a company device. Ascension says this was likely an “honest mistake” as the employee thought they were downloading a legitimate file. The attack impacted the MyChart electronic…

The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024. As The Times told BleepingComputer last week, the attackers used exposed credentials to hack into the newspaper’s GitHub repos. However, the breach didn’t affect the newspaper’s internal corporate systems…