12 Oct 2021

Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors

Microsoft has released a new report pertaining to findings linked to the new DEV-0343 activity cluster that has been tracked by the company since late July of this year. Microsoft has allegedly observed the group conducting extensive password spraying against more than 250 Office365 tenants, focusing specifically on US and

Read More
08 Oct 2021

Twitch Leak Included Emails, Passwords in Clear Text

A researcher searched through the Twitch leak and reportedly found evidence of PayPal chargebacks with names, emails, and more information attached. Twitch users are being urged to change their passwords to prevent any additional attacks as many users’ emails and passwords were already leaked unhashed, unencrypted, and in cleartext. Researchers

Read More
07 Oct 2021

Data Breach Volumes for 2021 Already Exceed 2020 Total

The Identity Theft Resource Center has published a new report highlighting the fact that the number of publicly reported data breaches in 2021 has already surpassed the total for 2020. Therefore, 2021 will be a record year in terms of data breaches. In 2020, there were 1108 publicly reported data

Read More
07 Oct 2021

Canopy Parental Control App Wide Open to Unpatched XSS Bugs

The Canopy parently control app that allows parents to protect kids online via content inspection, is vulnerable to multiple serious cross-site scripting attacks that could lead to disabling monitoring, location tracking of children, and malicious redirects of parent console users. The flaws may also allow for an attacker to deliver

Read More
07 Oct 2021

Transdev denies data stolen by ransomware group, connects leak to September attack on client

Transdev, a French transportation giant, has denied recent speculations of a cyberattack after the LockBit ransomware group claimed to have 200GB of data pertaining to the company. LockBit has threatened to leak the data on October 10. Transdev addressed the claims, however, they maintain that the data may have been

Read More
06 Oct 2021

Afghan Female Musicians Evacuated to Qatar After Prior U.S.-Led Effort Fell Short

Members of an internationally renowned orchestra of Afghan women and girls have been evacuated from Afghanistan after negotiations took place between the Qatari government and Taliban leaders in Kabul. The musicians were finally evacuated a month after the US-led attempt to rescue the women and girls in the last days

Read More
06 Oct 2021

Hezbollah threatened top judge probing Beirut port blast, source says

New speculation that Hezbollah urged the Lebanese government to stop investigating the Beirut port blast has emerged. According to those familiar with the situation, high-ranking Hezbollah official Wafiq Safa issued a verbal warning to Judge Tarek Bitar via an unidentified intermediary. The intermediary was reportedly a known individual to the

Read More
06 Oct 2021

IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft

Security researchers have uncovered three vulnerabilities located in Axis video products that could allow for multiple different cyberattacks, including arbitrary code execution. Nozomi Networks Labs have been investigating the flaws, which are located in the Axis Companion Recorder. This tool serves as a compact network video recorder that stores IP

Read More
06 Oct 2021

Apache HTTP Server Project patches exploited zero-day vulnerability

Apache HTTP Server Project developers are urging users to immediately implement a patch that resolves a zero-day vulnerability. According to a security advisory that was published yesterday, the bug is known to be actively exploited in the wild. Apache HTTP Server is an open-source project that focuses on the development

Read More
05 Oct 2021

New Python ransomware targets virtual machines, ESXi hypervisors to encrypt disks

A new strain of Python-based malware has been discovered by researchers, who observed it in a sniper campaign that was attempting to achieve encryption on a corporate system in less than three hours. The attack is one of the fastest recorded by Sophos researchers, who stated that the operators precision-targeted

Read More