BBC cyber attack exposes details of 25,000 current and former staff

The personal data of more than 25,000 former and current BBC employees has been exposed in a major cyber attack targeting the broadcaster’s pension scheme. Information including names, addresses and National Insurance numbers was compromised after files containing personal details Read More …

CVE-2024-24919: Check Point Security Gateway Information Disclosure

On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade. On May 29, 2024, security firm mnemonic Read More …

Europol: Largest ever operation against botnets hits dropper malware ecosystem

Between 27 and 29 May 2024 Operation Endgame, coordinated from Europol’s headquarters, targeted droppers including, IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot. The actions focused on disrupting criminal services through arresting High Value Targets, taking down the criminal infrastructures and Read More …

Confluence Data Center and Server Remote Code Execution Vulnerability

The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in the Atlassian Confluence Data Center and Server, assessed its impact and developed mitigation measures. Confluence Server is a software to manage documentation and knowledge Read More …

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the Read More …

Northern Ireland: Disabled former police officers to receive damages for alleged data breach

Disabled former policemen and women in Northern Ireland are to receive undisclosed damages for an alleged data breach, their lawyer revealed today. Financial settlements were reached in legal action against the Charity Commission for Northern Ireland. Proceedings related to an Read More …

‘People’s lives are at risk’: Ascension ransomware attack going on nearly three weeks

A ransomware attack on a major US hospital network that began three weeks ago is endangering patients’ health as nurses are forced to manually enter prescription information and work without electronic health records, nurses at two hospitals affected by the Read More …

Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again. However, questions have been raised Read More …