Security News > 2024
NCSC-FI has received 12 reports of Akira ransomware hitting Finnish organizations in 2023, and three of the attacks happened during Christmas vacations. "Of the ransomware malware cases reported to the Cybersecurity Center in December, six out of seven involved Akira family malware," they added.
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure...
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data...
In a report published on Thursday, security shop Recorded Future warns that GitHub's infrastructure is frequently abused by criminals to support and deliver malware. GitHub domains are seldom blocked by corporate networks, making it a reliable hosting site for malware.
Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe...
GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked...
Abstract: Smart devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer harm at the hands of a cyberattacker.
Food delivery company HelloFresh is nursing a £140,000 fine by Britain's data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months. The Information Commissioner's Office says the company claimed messages were based on an opt-in statement, yet this statement did not include any reference to the sending of marketing messages via text.
A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords.Users who have two-factor authentication enabled on their account are safe from account takeover.
"The engineer was very skilled at gaslighting the management regarding such things, and without me present they feared he would just flim-flam his way out of trouble - and not for the first time," Alvin told On Call. The biz countered that the engineer had done good work for years, and had built the network from scratch.