Security News

The Toronto District School Board is warning that it suffered a ransomware attack on its software testing environment and is now investigating whether any personal information was exposed. TDSB is Canada's largest school board and the fourth largest in North America, responsible for the administration and management of 473 elementary, 110 secondary, and five adult education schools.

U.S. food chain giant Panera Bread is notifying employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack. In breach notification letters filed with the Office of California's Attorney General, Panera said it detected what it describes as a "Security incident," took measures to contain the breach, hired external cybersecurity experts to investigate the incident, and notified law enforcement.

An OS command injection vulnerability in Windows-based PHP in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks started on June 8, two days after the PHP development team pushed out fixes, and one day after Watchtowr researchers published a technical analysis of the flaw and proof-of-concept exploit code.

The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. The Ukrainian police reported that the arrested individual was a specialist in developing custom crypters for packing the ransomware payloads into what appeared as safe files, making them FUD to evade detection by the popular antivirus products.

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new...

The Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability as a zero-day before a fix was made available. A report by Symantec says that CVE-2024-26169 has been actively exploited by the Cardinal cybercrime group, the operators of the Black Basta gang, noting that there's a good chance it was leveraged as a zero-day.

The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems. TellYouThePass ransomware is known for quickly jumping on public exploits for vulnerabilities with a wide impact.

England's NHS Blood and Transplant has issued an urgent call to O Positive and O Negative blood donors to book appointments and donate after last week's cyberattack on pathology provider Synnovis impacted multiple hospitals in London. On June 4, operations at multiple large NHS hospitals in London were disrupted by the ransomware attack that the Russian cybercrime group Qilin launched on Synnovis.