Malicious PyTorch Package Downloaded Thousands of Times
The developer behind the open source machine learning framework PyTorch learned of a malicious dependency mimicking one of its own. According to PyTorch, the malicious dependency was available on a leading code repository over the Christmas period and had the same name as a legitimate dependency. However, the malicious version
New Phishing Campaign Impersonates Flipper Zero to Target Cyber Professionals
Security researcher Dominic Alvieri raised the alarm on several social media accounts and fake websites claiming to sell the sough after hacking tool Flipper Zero. The fraudulent sites are designed to lure cybersecurity professionals into making cryptocurrency transactions. The type of phishing is known as angler phishing and is a
Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack
A hacker listed data for sale on a public hacker forum on December 31 claiming that the data was stolen from Swedish vehicle manufacturer Volvo Cars. The hacker alleges that the data breach was a result of a ransomware attack conducted in late December. The hacker further claims that the
EU Set to Impose Coordinated Controls on Travelers From China
The European Union member states have begun planning for the implementation of coordinated controls on passengers arriving from China. This could include mandatory pre-travel testing to avoid consequences of China’s sudden reversal of its zero-Covid policy. The decision will likely be finalized on Wednesday and would follow in the path
Researchers Discover New Linux Malware Targeting WordPress Sites
Research by cybersecurity firm Dr. Web has found that a new strain of Linux malware is targeting websites based on WordPress. The malware has been named Linux.BackDoor.WordPressExploit.1 and targets 32-bit versions of Linux. The malware is primarily used to hack websites based on content management systems and to inject malicious
No Major Spike in Reported Ransomware in 2022
Emsisoft has reported that there was no spike in ransomware attacks reported in 2022. The report found that over 200 organizations in the healthcare, government, and education sectors were compromised by ransomware in the past year, representing a similar figure to 2021. Emsisoft published the findings in a recent report
CISA Says Two Old JasperReports Vulnerabilities Exploited in Attacks
Two JasperReports flaws have been added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) Exploited Vulnerabilities Catalog. The library is reportedly the world’s most popular open source reporting engine and now includes flaws in the JasperReports software that enable non-technical users to create reports and perform more functions. The
Google to Pay Indiana $20 Million to Resolve Privacy Suit
Indiana Attorney General Todd Rokita has confirmed that Google will pay Indiana roughly $20 million to resolve a lawsuit regarding alleged deceptive location tracking practices. The state of Indiana sued the technology giant due to an investigation that concluded Google continued to track users’ location data after they opted out.
LockBit Hands Ransomware Decryptor to Kids’ Hospital
The prolific LockBit ransomware group has not only apologized to a children’s hospital for conducting a ransomware attack, but has also provided it with a free decryption key. The attack targeted Toronto’s Hospital for Sick Children (SickKids) on December 18, 2022. The facility is Canada’s largest pediatric hospital and admitted
Ukrainian Cops Bust Major Vishing Call Center
Ukrainian investigators have taken down a major call center operation blamed for defrauding thousands of Kazakhstani victims. The call center takedown was a collaboration between officers from Ukraine’s Cyber Police Department and the Main Investigative Department of the National Police. Police reported that 40 individuals were arrested in connection with