Category: Information Security
Automotive giant Mercedes-Benz narrowly avoided a significant leak of confidential internal data. Cybersecurity firm RedHunt Labs discovered that a Mercedes employee had inadvertently left a developer key publicly accessible online, offering unrestricted access to...
A Canadian court has sentenced 33-year-old Matthew Philbert to two years in prison after he pleaded guilty to disseminating ransomware and launching malicious attacks on individuals, businesses, and government institutions. Philbert, arrested in Canada...
Researchers from Trustwave have reported a steady increase in the use of a Phishing-as-a-Service (PhaaS) platform called Greatness, which targets the collection of Microsoft 365 user credentials. Greatness is marketed to other cybercriminals as...
Security experts from Malwarebytes have recently uncovered a malicious campaign targeting Chinese-speaking users, who fell victim to cybercriminals through the Google Ads advertising service. Cybercriminals exploited Google advertiser accounts to create fraudulent ads that...
Numerous publicly available Proof-of-Concept (PoC) exploits for a critical vulnerability in Jenkins, which allow an unauthenticated attacker to read arbitrary files, have emerged, and cyber criminals are already actively leveraging these flaws in their...
A critical zero-click vulnerability, CVE-2023-7028 (rated CVSS 10.0) has been discovered by researchers in over 5,300 instances of GitLab accessible from the internet. Although the issue has been rectified in the latest versions of...
Researchers at Arctic Wolf have discovered a new malicious downloader, crafted in the Go language and dubbed CherryLoader. This threat, previously observed in the wild, aims to facilitate the delivery of additional malware onto...
The cybersecurity firm Orca Security has identified a vulnerability in Google Kubernetes Engine (GKE) that enables individuals with a Google account to gain control over Kubernetes clusters. This issue has been codenamed Sys:All. It...
In today’s world, where technology has reached an advanced level of development, the issue of global surveillance becomes particularly pressing. According to an investigation by 404 Media, hundreds of thousands of popular applications are...
The Slovak cybersecurity firm ESET has uncovered the operations of a previously unknown hacker group linked to China, christening it with the codename Blackwood. Active since 2018, this group has specialized in adversary-in-the-middle (AitM),...
A recent study by Dutch researcher Tom Meurs from the University of Twente has uncovered factors influencing the likelihood of ransomware victims paying ransoms to cybercriminals. The analysis utilized data from the Dutch police...
At the outset of this week, Microsoft disclosed that its corporate email system had been compromised by the Russian-speaking hacker collective known as Midnight Blizzard (also recognized as Nobelium, APT29, and Cozy Bear), wherein...