Security News

Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data."Hyundai Motor Europe is experiencing IT issues, which the company is working to resolve as quickly as possible," Hyundai told BleepingComputer at the time.

Researchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks. An exploit developer is thought by infosec pros to be either on the Raspberry Robin payroll or a close contact that sells them to the group - most likely the latter.

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery attacks.Unauthenticated attackers can exploit the two critical CSRF vulnerabilities patched today to target unpatched Expressway gateways remotely.

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service attacks is likely a hypothetical scenario instead of an actual attack. Last week, Swiss news site Aargauer Zeitung published a story stating that an employee of cybersecurity firm Fortinet said 3 million electric toothbrushes had been infected with Java malware to conduct DDoS attacks against a Swiss company.

A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service attacks is likely a hypothetical scenario instead of an actual attack. Last week, Swiss news site Aargauer Zeitung published a story stating that an employee of cybersecurity firm Fortinet said 3 million electric toothbrushes had been infected with Java malware to conduct DDoS attacks against a Swiss company.

Security teams often operate in a silo, detached from the soft, human parts of the business like sales and marketing, which can lead to overlooking potential attack vectors that are evident from a business standpoint. In essence - learn the business to attack the business.

A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting attacks. ResumeLooters primarily employs SQL injection and XSS to breach targeted sites, mainly job-seeking and retail shops.

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical...

Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The...

The maximum attack power rose from 800 Gbps to 1.6 Tbps. UDP floods continue to dominate, constituting 62% of DDoS attacks. In Q3/Q4, the longest attack duration lasted 9 hours, and the average length of attack was approximately an hour.