More than 12,000 Santander employees in US affected by Snowflake breach
The Spanish banking giant was one of the first organizations to report a breach in the Snowflake incident, which is now known to have affected about 165 organizations.
Timeline and Details of the Change Healthcare Breach
Discover how this healthcare breach unfolds and learn crucial defense strategies. Dive into our expert analysis for actionable insights.
Facebook PrestaShop module exploited to steal credit cards
Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details.
Rafel RAT, Android Malware from Espionage to Ransomware Operations
Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources. However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even system vulnerabilities.
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
Discover critical vulnerabilities in Mailcow server software allowing remote code execution and XSS attacks.
UK government weighs action against Russian hackers over NHS records theft
National Crime Agency may take retaliatory measures after Qilin gang steals data covering 300m patient interactions
Threat Actor Claims AMD and Apple Breaches
Notorious threat actor IntelBroker is claiming to have © data from Apple and AMD
Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models
At Project Zero, we constantly seek to expand the scope and effectiveness of our vulnerability research. Though much of our work still relies on traditional methods like manual source code audits and reverse engineering, we're always looking for new approaches. As the code comprehension and general reasoning ability of Large Language Models (LLMs) has improved, we have been exploring how these models can reproduce the systematic approach of a human security researcher when identifying and demonstrating security vulnerabilities. We hope that in the future, this can close some of the blind spots of current automated vulnerability discovery approaches, and enable automated detection of "unfuzzable" vulnerabilities.
London hospital attackers started leaking blood test data
Cybercriminals behind attacks disrupting at least five London hospitals leaked nearly 400 gigabytes of data, which reportedly included blood test information. Qilin ransomware started leaking data stolen from England National Health Service (NHS) partner Synnovis labs. According to reports from the BBC, the data includes patient names, dates of birth, NHS numbers, descriptions of blood tests, and other information.
Russian spies' hacking campaign is 'endangering' French diplomatic interests
An alert from France's ANSSI confirms several incidents that had previously been publicly reported and attributed to the Kremlin-backed hacking group that the French agency tracks as Nobelium.
US bans sale of Kaspersky software citing security risk from Russia
U.S. officials imposed the “first of its kind” ban arguing that Kaspersky threatens U.S. national security because of its links to Russia.
In China, AI transformed Ukrainian YouTuber into a Russian
Olga Loiek, a University of Pennsylvania student was looking for an audience on the internet – just not like this. Shortly after launching a YouTube channel in November last year, Loiek, a 21-year-old from Ukraine, found her image had been taken and spun through artificial intelligence to create alter egos on Chinese social media platforms. Her digital doppelgangers - like "Natasha" - claimed to be Russian women fluent in Chinese who wanted to thank China for its support of Russia and make a little money on the side selling products such as Russian candies.
Russians told to mobilise to inflict 'maximum harm' on West in response to sanctions
One of Russia's top security officials called on Thursday for Russians to mobilise to inflict "maximum harm" on Western societies and infrastructure as payback for increasingly tough sanctions being imposed on Moscow by the U.S. and its allies.
Ransom-War Part 3: Inflict Maximum Damage
Dmitry Medvedev’s June 13 call to do “maximum harm” to Western infrastructure is not so new: Russian strategists have thought about using ransomware to pressure adversary countries since at least 2016
Zero-Click Critical Microsoft Outlook Vulnerability. What You Need to Know.
Critical Microsoft Outlook vulnerability, CVE-2024-30103, and step-by-step instructions to force an update to all your end points.
All households in Scottish region to get alert about hackers publishing stolen medical data
The residents of Dumfries and Galloway are being warned their data was likely compromised in a February ransomware attack on the National Health Service (NHS).
UNC3944 Targets SaaS Applications
UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of "0ktapus," "Octo Tempest," "Scatter Swine," and "Scattered Spider" and has been observed adapting its tactics to include data theft from software-as-a-service (SaaS) applications to attacker-owned cloud storage objects (using cloud synchronization tools), persistence mechanisms against virtualization platforms, and lateral movement via SaaS permissions abuse. Active since at least May 2022, UNC3944 has leveraged underground communities like Telegram to acquire tools, services, and support to enhance their operations.
Security bug allows anyone to spoof Microsoft employee emails
A researcher has found a way to impersonate Microsoft corporate email accounts, which could make phishing attacks harder to spot.
Suspected 'Scattered Spider' hacker, 22, reportedly arrested in Spain
Spanish newspaper Murcia Today reported that a British man was detained at Palma Airport as he prepared to board a flight to Italy.
New Wi-Fi Takeover Attack—All Windows Users Warned To Update Now
Microsoft has released a critical security update for users of all supported Windows versions as a new Wi-Fi compromise requiring no authentication has been confirmed.
Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake
A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party contractor.
Newly discovered: BadSpace backdoor delivered by high-ranking websites
Threat actors deliver fake software updates on websites for popular browsers: Sites with a high search engine ranking are at an increased risk.
Microsoft Refused to Fix Flaw Years Before SolarWinds Hack
Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.
New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems
A new speculative execution attack named
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
Arm discloses a critical vulnerability (CVE-2024-4610) in Mali GPU Kernel Drivers. This flaw, actively exploited, affects versions from r34p0 to r40p0
Black Basta ransomware gang linked to Windows zero-day attacks
The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.
The mystery of an alleged data broker’s data breach
The breached data appears partly legitimate — if imperfect — but also widely available for sale by data brokers.
New York Times warns freelancers of GitHub repo data breach
The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.
entagon ran secret anti-vax campaign to undermine China during pandemic
The U.S. military launched a clandestine program amid the COVID crisis to discredit China’s Sinovac inoculation – payback for Beijing’s efforts to blame Washington for the pandemic. One target: the Filipino public. Health experts say the gambit was indefensible and put innocent lives at risk.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F25490736%2F240129_D_IM742_1116.JPG?width=92&height=&ar=&mode=&format=avif&dpr=2)
Former head of NSA joins OpenAI board
OpenAI has appointed Paul M. Nakasone, a retired general of the US Army and a former head of the National Security Agency, to its board of directors.