Misconfigurations in Artwork Archive, a platform used to connect artists to potential buyers, allegedly led to a data leak in which the personally identifiable information (PII) of users was exposed. …
Phishing continues to be one of the easiest paths for ransomware
According to a new survey from Cloudian, ransomware gangs are still using phishing attacks as one of the main methods to gain the initial access into organizations' systems. Cloudian's report contains …
Continue Reading about Phishing continues to be one of the easiest paths for ransomware
SonicWall Warns of Imminent Ransomware Attacks Targeting Firmware Flaw
SonicWall, a network appliance vendor, has issued an urgent security notice informing its customers of a serious threat. The threat consists of data-encrypting ransomware attacks targeting known …
Continue Reading about SonicWall Warns of Imminent Ransomware Attacks Targeting Firmware Flaw
Chinese Hackers Target Government Entities in Widespread Campaign
According to a new report from Kaspersky, a recently discovered advanced persistent threat (APT) dubbed LuminousMoth is targeting a large number of organizations in South Asia. The campaign involves …
Continue Reading about Chinese Hackers Target Government Entities in Widespread Campaign
US charges Greek national for selling insider trading subscriptions in the Dark Web
US prosecutors have charged Greek national Apostolos Trovias with offering insider trading services via the Dark Web. Trovias is facing criminal charges for a scheme to solicit and sell stock trading …
Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers
A new critical remote code execution vulnerability in Schneider Electric's programmable logic controllers has been discovered by cybersecurity researchers. The bug has not yet been patched and could …
Continue Reading about Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers
CTOs Keeping Quiet on Breaches to Avoid Cyber Blame Game
According to new research, roughly one-third of IT leaders are not disclosing breaches due to fears that they might lose their jobs. A new poll by Keeper Security polled 1,000 UK IT decision-makers, …
Continue Reading about CTOs Keeping Quiet on Breaches to Avoid Cyber Blame Game
Guess announces breach of employee SSNs and financial data after DarkSide ransomware attack
Fashion brand Guess has notified customers who have been impacted by a ransomware attack that occurred in February. The company has not clarified the number of victims, however, unauthorized access to …
SolarWinds Discloses Zero-Day Under Active Attack
SolarWinds has issued an advisory over a new vulnerability being actively attacked that is not related to the major supply chain attack discovered in December 2020. The company has since developed a …
Continue Reading about SolarWinds Discloses Zero-Day Under Active Attack
Kaseya Patches Zero-Days Used in REvil Attacks
Kaseya, a company targeted by REvil ransomware gang in a massive supply chain attack, has kept its promises and released patches that address critical zero-day vulnerabilities in the Virtual …
Continue Reading about Kaseya Patches Zero-Days Used in REvil Attacks