Category: Kamban
Image: Midjourney Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money. This is part of a broader trend in which fraudsters are trying to legitimize their scams by using government employees’s titles and names. “The Cybersecurity and…
Read MoreSafety and location services company Life360 says it was the target of an extortion attempt after a threat actor breached and stole sensitive information from a Tile customer support platform. Life360 provides real-time location tracking, crash detection, and emergency roadside assistance services to more than 66 million members worldwide. In December 2021, it acquired Bluetooth…
Read MoreMicrosoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the ‘Always On VPN’ for enhanced security and continued support. DirectAccess is a bidirectional remote access technology introduced by Microsoft in Windows 7 and Windows Server 2008 R2, providing domain-joined…
Read MoreThe Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. The investigation was backed by information shared by the Dutch police who responded to a ransomware attack on a Dutch multinational,…
Read MoreThe Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability (CVE-2024-26169) as a zero-day before a fix was made available. The flaw is a high-severity issue (CVSS v3.1: 7.8) in the Windows Error Reporting Service, allowing attackers to elevate their privileges to SYSTEM. Microsoft fixed the flaw on March 12, 2024,…
Read MoreA Unified Communication Certificate (UCC), also known as a Multi-Domain SSL or SAN certificate, offers a streamlined and cost-effective solution. Originally designed for Microsoft Exchange and Office Communication servers, UCC SSL certificates allow you to secure up to 250 domains with a single certificate. This article explores the benefits and workings of UCC SSL certificates.…
Read MorePure Storage, a leading provider of cloud storage systems and services, confirmed on Monday that attackers breached its Snowflake workspace and gained access to what the company describes as telemetry information. While the exposed information also included customer names, usernames, and email addresses, it did not contain credentials for array access or any other data…
Read MoreThe TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems. Attacks started on June 8, less than 48 hours after the release of security updates by PHP’s maintainers, and relied on publicly available exploit code. TellYouThePass ransomware is…
Read MoreImage: Midjourney A never-before-seen Windows malware named ‘Warmcookie’ is distributed through fake job offer phishing campaigns to breach corporate networks. According to Elastic Security Labs, which discovered the new threat, Warmcookie is capable of extensive machine fingerprinting, screenshot capturing, and the deployment of additional payloads. The campaign is currently underway, and the threat actors create new…
Read MoreImage: Midjourney The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is “much larger than previously known.” As the MIVD disclosed in February in a joint report with the General Intelligence and Security Service (AIVD), Chinese hackers exploited a critical FortiOS/FortiProxy remote…
Read MoreRecent Posts
- Global infostealer malware operation targets crypto users, gamers
- Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
- Ukraine Bans Telegram Use for Government and Military Personnel
- LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO
- False claims of hacked voter data – Week in security with Tony Anscombe