Security News

The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack. Wichita is the largest city in Kansas, with a population of 400,000 people, ranking it among the top 50 largest cities in the United States.

The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately 1.5 TB of company and customer data, employees' personal documents, as well as the results of customers' medical tests.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Finland's Transport and Communications Agency is warning about an ongoing Android malware campaign attempting to breach online bank accounts. The McAfee app is malware that will allow threat actors to breach victim's bank accounts.

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgradesThere are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "Not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability." Okta warns customers about credential stuffing onslaughtCredential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place.

The U.K.'s National Cyber Security Centre and other international cyber authorities, including the Federal Bureau of Investigation, have warned about pro-Russia hacktivist attacks targeting providers of operational technology. Pro-Russia hacktivists exploit both virtual network computing remote access software and default passwords to access the software components of internet-exposed industrial control systems associated with OT devices.

HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems. Of...

Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft. Dirty Stream allows malicious apps to send a file with a manipulated filename or path to another app using a custom intent.

Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation. Law enforcement linked the long-term REvil affiliate to the Kaseya supply-chain ransomware attacks, which impacted over 1,500 companies worldwide.

AI-driven phishing attacks leverage AI tools to enhance the sophistication and effectiveness of phishing campaigns. AI automates and personalizes various aspects of the attack process, making phishing even more challenging to detect.