21 Apr 2021

Japan Says Chinese Military Likely Behind Cyberattacks

Tokyo police are investigating a series of cyberattacks on roughly 200 Japanese companies and research organizations. Initial investigations point towards a hacking group believed to be linked to the Chinese military, according to a statement made by the Japanese government on Tuesday. Among the list of hacked organizations is the

Read More
21 Apr 2021

China-linked hackers used VPN flaw to target U.S. defense industry -researchers

According to cybersecurity researchers, at least two threat groups have spent months taking advantage of a previously undisclosed vulnerability in US virtual private networking (VPN) devices, exploiting the flaw to spy on the US defense industry. Cybersecurity researchers at Ivanti stated that hackers took advantage of the flaw in its

Read More
21 Apr 2021

Codecov breach impacted ‘hundreds’ of customer networks: report

Codecov, a DevOps tool provider, suffered from a security breach that has impacted hundreds of clients, according to new information provided by US investigators working on the case. According to the investigators, the attackers responsible for the attack managed to both exploit Codecov software and use the organization as a

Read More
21 Apr 2021

Zero-day vulnerabilities in SonicWall email security are being actively exploited

SonicWall released a security alert on Tuesday stating that they had published fixes to address three critical issues being actively exploited in the wild. The company urged its customers to apply the patches as soon as possible. The vulnerabilities lie in its email security solution, impacting hosted and on-premises email

Read More
20 Apr 2021

Campus Still Closed as Portsmouth University Reels from Suspected Ransomware

The University of Portsmouth continues to struggle to recover from a suspected ransomware attack, with key IT systems still down. The attack occurred roughly a week ago, delaying the start of the new term. The university stated that an ongoing technical disruption caused the outage in a notice displayed on

Read More
20 Apr 2021

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

The NitroRansomware malware strain launched a new campaign demanding Discord Nitro gift codes from victims instead of actual money. Although this seems like a less viable threat, research into the campaign showed that the NitroRansomware can then inflict serious damage in follow-up attacks on the same victims. The platform, Discord

Read More
19 Apr 2021

Coding error allowed attackers to delete Facebook live video

Facebook has recently resolved an issue that allowed attackers to delete content posted on Facebook Live without the consent of the video’s owner. Just two days ago, cybersecurity researcher Ahmad Talahmeh posted an advisory explaining how the vulnerability worked and providing a Proof-of-Concept code that was able to trigger an

Read More
19 Apr 2021

FIN7 Sysadmin Gets 10 Years Behind Bars

Ukrainian national Fedir Hladyr has received 10 years behind bars for his part in financial crimes that cost firms and consumers billions. Hladyr was the manager and sysadmin for FIN7, also known as Carbanak, which is believed to have made millions of dollars by targeted banks, restaurants, gambling, and hospitality

Read More
19 Apr 2021

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

The National Security Agency (NSA) has released an alert warning that five vulnerabilities are being actively targeted by nation-state actors. The bugs affect VPN solutions, collaboration-suite software, and virtualization technologies in widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor, and VMware. According to the NSA, the goal of the

Read More
16 Apr 2021

Google to Delay Publishing Bug Details for 30 Days

Google has announced that they will not publish vulnerabilities details for 30 days after the initial public disclosure, allowing customers more time to fix the bugs and implement patches before technical details are released that could potentially be used by an attacker to exploit the flaw. Google’s Project Zero team

Read More