16 Jun 2021

Millions of Connected Cameras Open to Eavesdropping

According to a warning released by the Cybersecurity and Infrastructure Security Agency, millions of connected security and home cameras contain a critical software vulnerability that could allow for remote attackers to view video feeds. The bug has been designated as a 9.1 CVSS score, meaning that it is of high

Read More
16 Jun 2021

Facebook awards $30,000 bounty for exploit exposing private Instagram content

Bounty hunter Mayur Fartade has been awarded $30,000 for discovering and reporting a vulnerability in Instagram’s privacy features. According to Fartade, he uncovered a set of vulnerable endpoints within the Instagram app that allowed hackers to view private media on the platform without following a targeted account. Fartade wrote in

Read More
15 Jun 2021

Researchers Attribute SITA Cyberattack to Chinese Hackers

A cyberattack on SITA that impacted multiple airlines across the globe was likely the work of a Chinese nation-state threat actor known as APT41, according to new research from security experts at Group-IB. The attack was disclosed in March and affected airlines such as Air India, Air New Zealand, Singapore

Read More
15 Jun 2021

REvil Claims Responsibility for Invenergy Hack

Ransomware group REvil has claimed responsibility for an attack in Invenergy, a US-based renewable energy company headquartered in Chicago. The company allegedly launched an investigation of its network after it detected unauthorized activity on some of its systems. On Friday, the company issued a statement confirming that its operations were

Read More
15 Jun 2021

Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched

Thousands of internet-facing VMWare vCenter servers are still impacted by critical vulnerabilities despite patches being released weeks ago, warn researchers. The vulnerabilities impact the centralized management utility Center Server. VMWare issued patches for the two critical bugs on May 25, however, not all servers have adhered to recommendations and implemented

Read More
14 Jun 2021

REvil Hits US Nuclear Weapons Contractor

Sol Oriens, a US subcontractor for the Department of Energy that works on nuclear weapons was hit by a cyberattack last month that was allegedly the work of the infamous REvil ransomware gang. REvil posted a statement to its website that states that the malicious organization boasts the right to

Read More
14 Jun 2021

Global Police Close Record Number of Fake Pharma Sites

Over 110,000 fake websites and online marketplaces advertising fraudulent pharmaceuticals have been shut down as part of an international crackdown on fake pharma sites, according to the global policing organization Interpol. Interpol states that the operation, deemed Operation Pangea XIV, involved customs, law enforcement, and regulatory officers from 92 different

Read More
14 Jun 2021

McDonald’s Suffers Data Breach

McDonald’s has suffered from a data breach that has impacted customers and employees located in South Korea and Taiwan. The breach, which was the result of a cyberattack, also affected company operations in the United States. An unauthorized third party allegedly broke into the system of McDonald’s Cope. and accessed

Read More
11 Jun 2021

Gaming Giant EA Suffers Major Data Breach

Gaming giant Electronic Arts has suffered from a major data breach that includes details pertaining to game source code and tools for several popular games. Cybercriminals claimed to have breached the company in blog posts published on underground hacking forums. These posts advertised 780GB of data for sale. EA later

Read More
11 Jun 2021

‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the

Read More