Cyber researchers discovered on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. The malware was first documented late last month by U.S. and Israeli cybersecurity agencies, describing it as an “exploitation tool for gathering information about an end point and running remote…
CISA recently warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. This security flaw, tracked as CVE-2024-5910, was patched in July, and threat actors can remotely exploit it to reset application admin credentials on Internet-exposed Expedition…
Microsoft observed that a covert Chinese botnet, relying on compromised TP-Link routers, commits stealthy password-spraying attacks, only attempting to access accounts once per day. This malicious operation was discovered in August 2023 and employed an average of 8,000 compromised devices at any given time, according to a new report by Microsoft Threat Intelligence. The botnet…
OpenText has revealed its highly anticipated “Nastiest Malware of 2024” list, spotlighting the year’s most notorious cyber threats. In its seventh year, OpenText’s cybersecurity experts have identified the most relentless and adaptive malware trends impacting industries worldwide. This year, ransomware aimed at critical infrastructure takes center stage, highlighting an urgent call for reinforced security to…
Fidelity Investments has confirmed that it suffered a major data breach to US authorities. In its filing with the Office of the Maine Attorney General, the US-based asset manager said the incident, which occurred in August, exposed the personal information of more than 77,000 customers. Fidelity Investments added that it had commissioned external security experts…
61% of healthcare companies experienced a cloud cyberattack in the yr2023, with 86% of these attacks resulting in financial losses or significant damages. Healthcare remains top amongst favorite for Cybercriminals, 14M patients affected in the U.S. have been affected by data breaches in 2024 so far, reports SonicWall . 91% of the healthcare data breaches…
Star Health India’s biggest health insurer, on Saturday said it had received a ransom demand of $68,000 from a cyberhacker in connection with a leak of customer data and medical records. Star, which has a roughly $4 billion market cap, is battling a reputational and business crisis since Reuters reported on Sept. 20 that a…
After a social media post went viral claiming that public transportation body Prasarana was facing a ransomware attack, the firm confirmed that it was facing a cybersecurity issue. In the statement posted on RapidKL’s social media, Prasarana said that it “confirms social media reports regarding a cybersecurity incident involving part of their internal systems.” Without…
The vulnerabilities highlight significant risks for users across various platforms, including Windows, macOS, Linux, iOS, and Android. Zoom Video Communications has disclosed several critical vulnerabilities affecting its Workplace Apps, SDKs, and Rooms Clients. These vulnerabilities, identified in multiple security bulletins, potentially allow attackers to escalate privileges on affected systems. The vulnerabilities highlight significant risks…
The Telangana Cyber Security Bureau (TGCSB) has busted an international fraud network by arresting three accused in a Rs 5.40 crore scam. On Tuesday, the officials said that TGSCB arrested three people who were involved in supplying bank account details to cyber fraudsters and were further facilitating the withdrawal of funds. The Telangana Cyber Security…
