28 Jun 2022

Chinese Researchers Find Critical Security Flaws in CoDeSys Automation Software

According to an advisory by Chinese cybersecurity firm NSFOCUS, its researchers have detected 11 security vulnerabilities that lie in the CoDeSys automation software that could lead to unauthorized access to company resources or denial-of-service attacks. The researchers claim that the bugs are simple to exploit and can have severe consequences,

Read More
28 Jun 2022

US watchdog is worried cyber insurance won’t cover ‘catastrophic cyberattacks’

The US Government Accountability Office (GAO) has warned that catastrophic cyberattacks are not receiving an adequate federal response, especially in that the cyber-insurance industry falls short when it comes to certain types of major attacks. The government spending watchdog warns that although the cyber-insurance market has risen and matured over

Read More
24 Jun 2022

Google details commercial spyware that targets both Android and iOS devices

Google has warned its customers that an enterprise grade spyware strain is targeting both Android and iOS mobile device users in a recent Google Threat Analysis Group announcement. The spyware variant is reportedly in active circulation, according to the security team. Google has thus far identified victims in Italy and

Read More
24 Jun 2022

Yodel blames cyber incident for disruption and parcel-tracking problems

Delivery company Yodel stated that technical issues have disrupted its deliveries and services. The company has confirmed that they are working to resolve the disruptions that were caused by a cyber incident. Yodel also confirmed that as soon as they detected the cyber incident, an investigation was launched by internal

Read More
22 Jun 2022

New Toddycat APT Targets MS Exchange Servers in Europe and Asia

Researchers at Kaspersky have identified a new advanced persistent threat dubbed ToddyCat that is actively targeting Microsoft exchange servers in Europe and Asia. The threat actor is leveraging two tools that were formerly unknown to the security researchers who discovered the threat actor, referred to as Samurai backdoor and Ninja

Read More
22 Jun 2022

Phishing gang that stole millions by luring victims to fake bank websites is broken up by police

Europol has busted a phishing and fraud ring that was reportedly responsible for the theft of several millions of euros being stolen from victims. The perpetrators engaged in illicit activities such as scams, fraud, money laundering, and phishing to achieve their financial goals. Europol has also confirmed that some of

Read More
21 Jun 2022

Kazakh Govt. Used Spyware Against Protesters

Security company Lookout published a report last week detailing how a Kazakhstan government entity used spyware developed by Italian company RCS Lab against protestors. The government entity leveraged the enterprise grade spyware against domestic targets via brand impersonation that tricked recipients into clicking on malicious links. The spyware used has

Read More
21 Jun 2022

Google Chrome Extensions Could Be Used to Track Users Online

According to evidence created by a web developer known as ‘z0ccc,’ some Google Chrome extensions could be used to track users online. The developer created a website that is designed to generate a fingerprint of devices based on Google Chrome extensions installed on the browser that is visiting in order

Read More
21 Jun 2022

1.5 million customers impacted by Flagstar Bank data breach

Bleeping Computer has reported that a security incident impacting Flagstar Bank has led to the exposure of personal data belonging to roughly 1.5 million customers. The security incident reportedly occurred when an unauthorized third party gained access to the bank’s network. The security breach occurred between December 3 and December

Read More
20 Jun 2022

WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability

Content Management system (CMS) provider WordPress has updated over one million sites in order to patch a critical vulnerability that affects a popular plugin known as Ninja Forms. Wordfence threat intelligence allegedly detected the flaw in June and reported it to the company. The details were explained in an advisory

Read More