17 Aug 2022

Healthcare Provider Issues Warning After Tracking Pixels Leak Patient Data

Novant Health, a US healthcare provider, has notified patients that their personal information may have been leaked via a tracking tool that has been linked to Facebook. The company announced the data breach in a blog post published last Friday. The organization also apologized for the concern caused to its

Read More
17 Aug 2022

Two Additional Malicious Python Libraries Found on PyPI Repository

Security researchers at Kaspersky have identified two more malicious Python packages in the Python Package Index repository. This occurred just days after Check Point researchers found 10 malicious Python packages. Kaspersky has released a blog post detailing the additional packages, both of which were masquerading as popular open-source packages. The

Read More
17 Aug 2022

FBI, CISA warn over ransomware gang that can make million dollar demands

Earlier this week, the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a report detailing the tactics of the ransomware group referred to as Zeppelin. The group has been targeting organizations in the US and Europe, often issuing massive ransomware demands once they

Read More
16 Aug 2022

Xiaomi Phone Bug Allowed Payment Forgery

In a report published released last week at the annual DEF CON conference in Las Vegas, Check Point researchers revealed that a flaw in the smartphone maker Xiaomi could lead to mobile transactions being disabled, created, and signed by attackers. Xiaomi is the world’s third largest phone maker. The company

Read More
16 Aug 2022

Luckymouse Uses Compromised MiMi Chat App to Target Windows and Linux Systems

Threat actor Luckymouse has reportedly used a trojanized version of the cross-platform messaging app MiMi to install backdoors on Windows, macOS, and Linux operating systems. The group is also identified as Emissary Panda, APT27, and Bronze Union. The news was reported by Trend Micro. According to the report, Luckymouse modifies

Read More
16 Aug 2022

Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium

Microsoft has announced that it disrupted a Russian-state backed threat group that is believed to have run espionage campaigns against several different NATO countries. According to the tech giant, the prolific hacking group that is identified by the name “Seaborgium” focuses most of its attacks on entities located in the

Read More
15 Aug 2022

Critical Infrastructure at Risk as Thousands of VNC Instances Exposed

Security researchers have warned that several global organizations are vulnerable to remote compromise due to exposed Virtual Network Computing (VNC) instances. Security researchers at Cyble reported that more than 8,000 VNC instances are vulnerable to attack. The majority of the instances are managed by critical infrastructure organizations located across the

Read More
12 Aug 2022

Recovery From NHS Ransomware Attack May Take a Month

Last week, a key NHS IT partner suffered from a ransomware attack that could take up to a month to recover from. The company, Advanced, operates several key systems for the health service. This includes clinical patient management and financial software. One of Advanced’s key healthcare clients is NHS 111,

Read More
11 Aug 2022

Cisco Confirms Network Breach Via Hacked Employee Google Account

Cisco Systems has confirmed that it suffered from a network breach after attackers were able to gain access to an employee’s VPN client via a compromised Google account. The network giant released a statement on Wednesday addressing the security incident. The attack occurred in May and was perpetrated by the

Read More
11 Aug 2022

DeathStalker’s VileRAT Continues to Target Foreign and Crypto Exchanges

Threat actor DeathStalker is actively targeting cryptocurrency exchanges located around the world with the VileRAT malware, according to Kaspersky researchers. The researchers published an advisory just days ago in which the campaign is detailed. The campaign reportedly began in September 2020 but revamped its efforts in June 2022, leveraging the

Read More