Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…
Cybersecurity researchers uncovered a sophisticated attack campaign by the Water Sigbin (aka 8220 Gang) threat actor that exploited vulnerabilities in the Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy the XMRig cryptocurrency miner on compromised systems. The attack begins with the threat actor exploiting the WebLogic vulnerabilities to execute a malicious PowerShell script on the victim…
Santa Barbara Systems, a General Dynamics (GD.N) subsidiary in Spain that is refurbishing Leopard tanks for delivery to Ukraine, suffered a cyberattack on its website, a pro-Russia hacker group said. A spokesperson for General Dynamics confirmed that the defence contractor’s Spanish unit had been targeted in an attempted cyberattack “that was detected immediately and has not…
Hackers Backdoored Courtroom Video Recording Software With System Hijacking Malware Courtroom software hijacked discovered by researchers of Rapid7 A vulnerability (CVE-2024-4978) has been identified in JAVS Viewer v8.3.7, a critical component for managing digital recordings in legal and government environments. The installer for this version is backdoored, allowing attackers to remotely seize control of infected…
During the Hajj season, there is an increased risk of online scams targeting individuals who are planning to make the pilgrimage to Mecca. Fraudsters employ various tactics to deceive and defraud unsuspecting pilgrims. According to the Association of British Travel Agents (ABTA), every year, around 25,000 pilgrims from the UK travel to Saudi Arabia…
MediSecure, an electronic prescriptions provider, suffered a data breach that compromised people’s health data. The Australian Federal Police have investigated and reported the breach to Australia’s National Cyber Security Coordinator. In 2023, MediSecure was not selected in a government tender process, but despite this, MediSecure secured over 28 million scripts. Lt Gen Michelle McGuinness, the…
Google Chrome users should check if their browser is updated, as versions prior to 124.0.6367.207 allow malicious actors to exploit critical flaws. Following an emergency security patch, Google has released Chrome version 125, which fixes two additional high-risk flaws. The Chrome team released stable version 125, which brings nine security fixes and other improvements. Users…
The UK, US and Australia have sanctioned the Russian leader of cyber-crime gang LockBit. UK, US and Australia sanction Russian leader of cyber-crime gang LockBit LockBit were one of the most prolific ransomware groups in recent years, responsible for attacks on over 200 UK businesses and major public service providers UK and Allies crack down…
Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity targeting the Philippines in Q1 2024, increasing nearly 325% compared to the same period last year. The number of cyberattacks involving hacktivist groups and foreign misinformation campaigns has nearly tripled. In Q2 2024, this growth trajectory continues, with Resecurity observing multiple cyberattacks staged by previously unknown threat actors. These attacks are characterized by the…
The Department of Health and Human Services (HHS) has begun an initiative to better organize and equip its healthcare cyber security programs through a one-stop shop. This latest resource is created through the HHS Administration for Strategic Preparedness and Response (ASPR), which leads the US during disasters and public health emergencies relating to health and…
