Security News

NATO is facing persistent cyber threats and takes cyber security seriously. NATO cyber experts are actively addressing incidents affecting some unclassified NATO websites.

TikTok is flooded with videos promoting fake nude celebrity photo leaks used to push referral rewards for the Temu online megastore. Lately, Temu referral codes on TikTok have taken a darker turn, with scammers creating videos that imply sensitive photos and videos of celebrities have been leaked.

Microsoft has patched a vulnerability that exposed 38TB of private data from its AI research division. The repository held 38TB of private data, secrets, private keys, passwords and the open-source AI training data.

The Microsoft AI research division accidentally leaked dozens of terabytes of sensitive data while contributing open-source AI learning models to a public GitHub repository. Microsoft linked the data exposure to using an excessively permissive Shared Access Signature token.

The International Joint Commission, a body that manages water rights along the US-Canada border, has confirmed its IT security was targeted, after a ransomware gang claimed it stole 80GB of data from the organization. "The International Joint Commission has experienced a cybersecurity incident, and we are working with relevant organizations to investigate and resolve the situation," a spokesperson for the org told The Register.

Ransomware group nicked info from employee of airline, say researchers Aerospace giant Airbus has fallen victim to a data breach, thanks in part to the inattention of a third party.…

An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website. Atlas VPN is a VPN product that offers a cost-effective solution based on WireGuard and supports all major operating systems.

The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company network. "At the time of the attack, we believed that our cyber-security software had thwarted any transfer of data. However, we can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, 0.74% of our stored data. LockBit will have potentially gained access to some historic emails, orders, drawings and project files, we do not believe that any classified documents were stored on the system or have been compromised."

A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning that a sexually explicit video of you was uploaded to the site and suggesting you pay to have it taken down. Threat actors have created various email extortion scams, including ones that pretend to be hitman contracts, bomb threats, CIA investigations, threats of installing ransomware, and threats to infect your family with Coronavirus.

A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning that a sexually explicit video of you was uploaded to the site and suggesting you pay to have it taken down. In sextortion email scams the scammers pretend to have images or videos of you performing sexual acts and then demand money not publicly to publish them.