Prasarana confirms cybersecurity breach, public transport operations unaffected

After a social media post went viral claiming that public transportation body Prasarana was facing a ransomware attack, the firm confirmed that it was facing a cybersecurity issue. In the statement posted on RapidKL’s social media, Prasarana said that it “confirms social media reports regarding a cybersecurity incident involving part of their internal systems.” Without…

Read More

Zoom Critical Vulnerabilities Let Attackers Escalate Privileges

  The vulnerabilities highlight significant risks for users across various platforms, including Windows, macOS, Linux, iOS, and Android. Zoom Video Communications has disclosed several critical vulnerabilities affecting its Workplace Apps, SDKs, and Rooms Clients. These vulnerabilities, identified in multiple security bulletins, potentially allow attackers to escalate privileges on affected systems. The vulnerabilities highlight significant risks…

Read More

North Korean hackers stealing military secrets, say US & allies

North Korean hackers have conducted a global cyber espionage campaign in efforts to steal classified military secrets to support Pyongyang’s banned nuclear weapons programme, the United States, Britain and South Korea said in a joint advisory on Thursday. The hackers, dubbed Anadriel or APT45 by cybersecurity researchers, are believed to be part of North Korea’s…

Read More

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. “The vulnerabilities we found could have allowed attackers to access customers’ data…

Read More

Hackers Leaks with 1,000 Crore Passwords Online in Biggest Cyber Security Breach

Passwords Leaked: A file with around 10 billion (1,000 crore) passwords was leaked via an online hacking forum, according to a report by Semafor. The compilation, which included old and new password breaches, was posted online on July 4, and is the largest such leak yet, it added. The report noted the risk of credential-stuffing attacks being…

Read More

Dark Web offers Botnets for as low as $99, fuelling Cyberattacks

Hackers add more devices to the network of slave digital devices, which would do what hackers want them to do. These networks, called botnets, launch large-scale cyberattacks, including the dreaded Distributed Denial of Services (DDoS). Now Dark web peers are selling botnets at throw-away prices ranging from $99 on the Dark Web, according to cybersecurity…

Read More

Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack

Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…

Read More

Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities

Cybersecurity researchers uncovered a sophisticated attack campaign by the Water Sigbin (aka 8220 Gang) threat actor that exploited vulnerabilities in the Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy the XMRig cryptocurrency miner on compromised systems.   The attack begins with the threat actor exploiting the WebLogic vulnerabilities to execute a malicious PowerShell script on the victim…

Read More

Russian Hackers Claim Cyberattack on Spanish Defence Company

Santa Barbara Systems, a General Dynamics (GD.N) subsidiary in Spain that is refurbishing Leopard tanks for delivery to Ukraine, suffered a cyberattack on its website, a pro-Russia hacker group said. A spokesperson for General Dynamics confirmed that the defence contractor’s Spanish unit had been targeted in an attempted cyberattack “that was detected immediately and has not…

Read More

Hackers Backdoored Courtroom Video Recording Software With System Hijacking Malware

Hackers Backdoored Courtroom Video Recording Software With System Hijacking Malware Courtroom software hijacked discovered by researchers of Rapid7 A vulnerability (CVE-2024-4978) has been identified in JAVS Viewer v8.3.7, a critical component for managing digital recordings in legal and government environments.  The installer for this version is backdoored, allowing attackers to remotely seize control of infected…

Read More