Security News

The crooks said unless Nvidia releases a software update that removes its recent crypto-coin mining limiter, they will leak what sounds like internal hardware documents - a hw folder, specifically. NCC Group released figures indicating a huge jump in the use of ransomware, with America the top target at 53 per cent of monitored infections, and Europe at 30 per cent.

CybelAngel published a research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. Based on data from a sample group of customers, the research report reveals that data leak incidents increased, overall, by 63% and vulnerable shadow assets exposure grew by 40% in 2021.

The BlackCat ransomware group, aka ALPHV, has claimed responsibility for the recent cyber attack on Swissport that caused flight delays and service disruptions. BlackCat has now been seen by BleepingComputer to leak a minuscule set of terabytes of data supposedly obtained from the recent ransomware attack.

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. Threat actors can exploit the vulnerability by loading a malicious Kubernetes Helm Chart YAML file onto the target system, allowing the extraction of sensitive information from other applications.

Just under two weeks ago, we wrote about an Apple Safari bug that could allow rogue website operators to track you even if they gave every impression of not doing so, and even if you had strict privacy protection turned on. That vulnerability, now known as CVE-2022-22594, showed up in Safari because of a bug in WebKit, the "Browser rendering engine", as these things are generally known, on which the Safari app is based.

The Red Cross is imploring threat actors to show mercy by abstaining from leaking data belonging to 515,000+ "Highly vulnerable" people that were stolen from a program used to reunite family members split apart by war, disaster or migration. The attack forced the ICRC, along with the wider Red Cross and Red Crescent network, to shut down the systems underpinning the Restoring Family Links site.

Bank Indonesia, the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its networks last month. During the incident, the attackers stole "Non-critical data" belonging to Bank Indonesia employees before deploying ransomware payloads on over a dozen systems on the bank's network, as CNN Indonesia reported.

Humanitarian organization the International Red Cross disclosed this week that it has fallen foul of a cyberattack that saw the data of over 515,000 "Highly vulnerable people" exposed to an unknown entity. The target of the attack was the organisation's Restoring Family Links operation, which strives to find missing persons and reunite those separated from their families due to armed conflict, migration, disaster, detention and other catastrophic events.

This is a unique form of cybercrime in that we can observe and analyze some of the criminal action via 'victim shaming' leak sites. Since January 2020, we have applied ourselves to identifying as many of these sites as possible to record and document the victims who feature on them.

A Microsoft developer document has leaked the company's plans for third-party widgets coming soon to the Windows 11 Widgets feature. With Windows 11, Microsoft converted the feature into a new app called 'Widgets,' which also pops up from the Windows taskbar.