Lastpass says hackers accessed customer data in new breach

LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022. The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service. Read More …

New details on commercial spyware vendor Variston

Threat Analysis Group (TAG) has been tracking the activities of commercial spyware vendors for years, using our research to improve the safety and security of Google’s products and share intelligence with our industry peers. TAG’s research underscores that the commercial Read More …

All India Institute of Medical Sciences restores e-Hospital data after cyber attack

The server at the All India Institute of Medical Sciences (AIIMS) in Delhi has been down for the eighth day in a row, and according to reports, more analysts from Delhi are under consideration for suspension for cybersecurity violations after Read More …

Crafty threat actor uses ‘aged’ domains to evade security platforms

A sophisticated threat actor named ‘CashRewindo’ has been using ‘aged’ domains in global malvertising campaigns that lead to investment scam sites. Malvertising involves the injection of malicious JavaScript code in digital ads promoted by legitimate advertising networks, taking website visitors Read More …

Cybersecurity laws to be updated to boost UK protection from cyber attacks

The UK’s cybersecurity laws will be updated to require outsourced IT providers to meet security standards as part of efforts to better protect supply chains, the Government has announced. The Network and Information Systems (NIS) Regulations will be updated so Read More …

Cloudflare finds a way through China’s network defences

Cloudflare has found a way to extend some of its services across the Great Firewall and into mainland China. “Performance and reliability for traffic flows across the mainland China border have been a consistent challenge for IT teams within multinational Read More …

Industry 4.0: Computer Numerical Controls (CNC) Machine Security Risks – Part 1

Computer numerical controls (CNCs) are machines used to produce products in a factory setting. They have been in use for many years, and in the last decade, their use has become more widespread due to increased connectivity. This increased connectivity Read More …

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven (7) Industrial Control Systems (ICS) advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for Read More …

Criminals use trending TikTok challenge to make data-stealing malware invisible

Malware-slinging miscreants are taking advantage of a trending TikTok challenge — and viewers’ dirty minds — to spread data-stealing malware via a phony app that’s had more than one million views so far. The new TikTok trend is called Invisible Read More …