In July, researchers at Sophos discovered a new emerging threat in July that exploits the ProxyShell vulnerabilities in Microsoft Exchange servers to attack systems. The ransomware is referred to as LockFile and uses a unique intermittent encryption method as a means of evading detection. The ransomware gans also adopts tactics

In a statement released on Friday, the Boston Public Library confirmed that it was hit by a cyberattack earlier that week that crippled its computer network. There is currently no evidence that sensitive employee or customer data was compromised in the attack. The library represents the largest municipal library in

A critical security vulnerability in Microsoft’s Azure cloud database platform has come to light. The flaw, which lies in Cosmos DB, could have allowed for a full remote takeover of accounts before it was patched. It is unclear whether Microsoft customers were breached during the several months in which the

Bangkok Airways has publicly apologized for a data breach in which the passport information and other personally identifiable data were leaked. The company stated that it discovered the cyberattack on August 23. The airline expressed that it was sorry for any inconvenience that the breach may have caused to customers.

Security researchers at Nozomi Networks have uncovered another critical IoT security camera systems bug that could potentially allow attackers to access and control devices. The remote code execution vulnerability is tracked as CVE-2021-32941 and is located in the web service of the Annke N48PBB network video recorder often used by

Chinese game developer EskyFun Entertainment Network Limited accidentally exposed the personal and device details of over one million players after leaving an internet-facing server unsecured. Researchers at vpnMentor first discovered the unprotected Elasticsearch server on July 5. After no reply from the parent company, they contacted the Hong Kong CERT

HeadSpin has been charged $1 billion by the SEC and the US Department of Justice for allegedly defrauding investors by falsely claiming that the company had achieved strong and consistent growth. The organization markets itself as an AI testing, dev-ops, and mobile testing platform. For two years, officials state that

Cybersecurity researchers at ESET have identified a new threat actor utilizing an undocumented backdoor to infiltrate organizations in the education, retail, and government sectors. The advanced persistent threat (APT) group is an emerging international cybercriminals gang that is broadening its targets to include universities, media firms, and one computer retailer

In Singapore, Eye & Retina Surgeons revealed that over 73,000 patients were affected by a sophisticated cyberattack. The private medical clinic released a statement earlier this week, revealing that the attack took place on August 6. The cyberattack compromised sensitive data such as patients’ names, addresses, ID card numbers, contact

Cisco Systems recently released six security patches linked to its 9000 series networking gear. The patches range in severity from critical to medium. The most serious of the bugs patched by Cisco ranked 9.1 on the CVSS scale and could allow for a remote and unauthenticated adversary to read or