Security News
The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. As BleepingComputer first reported, the ransomware group gained access to the energy management and automation giant's Sustainability Business division on January 17th. The gang is now extorting the company, threatening to leak all the allegedly stolen data if a ransom demand is not paid.
Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. Currently, 28,500 servers have been identified as being vulnerable.
Hackers are actively exploiting a critical remote code execution flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. The Bricks Builder Theme is a premium WordPress theme described as an innovative, community-driven visual site builder.
Wyze shared more details on a security incident that impacted thousands of users on Friday and said that at least 13,000 customers could get a peek into other users' homes."The outage originated from our partner AWS and took down Wyze devices for several hours early Friday morning. If you tried to view live cameras or events during that time you likely weren't able to. We're very sorry for the frustration and confusion this caused," the company says in emails sent to affected users.
Seemingly most critically, the [Russian] government told the ECHR that any intrusion on private lives resulting from decrypting messages was "Necessary" to combat terrorism in a democratic society. To back up this claim, the government pointed to a 2017 terrorist attack that was "Coordinated from abroad through secret chats via Telegram." The government claimed that a second terrorist attack that year was prevented after the government discovered it was being coordinated through Telegram chats.
ALPHV has now made a number of inflammatory allegations against both victims, which of course should be taken with a substantial grain of salt given that they are indeed criminals. "The claims are categorically false. We continue to have uninterrupted access to their network and are actively exfiltrating information," ALPHV alleged on its site.
The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. Last summer, ThreatFabric warned of another Europe-focused Anatsa campaign that also used dropper apps hosted on Google Play, primarily fake PDF viewer apps.
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the...
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false...
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the...