News – April 2024

  • Androxgh0st malware ramps up global attacks

    April 22, 2024

    More than 600 servers worldwide have been subjected to recent attacks with the Androxgh0st malware, reports Hackread. The U.S., India, and Taiwan accounted for the bulk of the impacted servers, which were compromised by Androxgh0st malware operators through web shells deployed via the exploitation of several security vulnerabilities, including CVE-2019-2725, CVE-2021-3129, and CVE-2024-1709, a report from ...

  • ToddyCat is making holes in your infrastructure

    April 22, 2024

    Kapersky researchers continue covering the activities of the APT group ToddyCat. In their previous article, they described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, the researchers have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract ...

  • UK government cannot protect businesses and services from cyber attacks

    April 22, 2024

    UK businesses are rapidly losing confidence in the government’s ability to protect them from cyberattacks. This is according to a new report from cybersecurity researchers Armis, which states that the lack of faith is higher than anywhere else in Europe. To draft the report, Armis surveyed more than 2,600 global security and IT decision-makers, and included ...

  • Grindr facing UK lawsuit over alleged data protection breaches

    April 22, 2024

    Gay dating app Grindr is facing a mass data protection lawsuit in London from hundreds of users who allegedly had their private information, including HIV status, shared with third parties without consent, a law firm said on Monday. Austen Hayes, which said the lawsuit is being filed at London’s High Court, said thousands of Grindr users ...

  • MITRE says it was hit by hackers exploiting Ivanti flaws

    April 22, 2024

    The not-for-profit research and development organization MITRE suffered a cyberattack early this year, with the attack apparently hindering some operations, but there was no talk of stolen data. In a breach notification published on the MITRE website late last week, CEO and president Jason Providakes explained what happened and what the organization was doing about it. Read ...

  • Leicester street lights stuck on all day due to cyber attack

    April 22, 2024

    A cyber attack targeting Leicester City Council has led to some street lights being stuck on all day. The attack crippled the authority’s services seven weeks ago and led to confidential documents being published online by the hackers, including rent statements and applications to buy council houses. Read more… Source: MSN News Sign up for our Newsletter Related:

  • Discord’s updated Terms of Service are exactly the wrong response to its recent data breaches

    April 20, 2024

    It seems that Discord has been in the news for one reason or another lately, ranging from layoffs to massive privacy breaches and information theft by third parties. And now there’s something new on the horizon — one that may not seem like such a huge deal now but could cause massive issues later on down ...

  • Singapore: Personal information of parents, staff at 127 schools accessed in data security breach

    April 20, 2024

    A data breach at one of its vendors has resulted in the “unauthorised access” of names and email addresses of parents and staff from five primary and 122 secondary schools, the Ministry of Education (MOE) said on Friday (Apr 19). MOE said it was notified by Mobile Guardian that its user management portal had been breached ...

  • More ways Israel could strike Iran, from cyber attacks to assassinations

    April 20, 2024

    For years, the two countries in the Middle East targeted each other’s military and intelligence sites in cyber attacks. The best known, from Israel’s side, was Stuxnet – reportedly developed jointly by the U.S. and Israel — that struck the computer system of the Natanz nuclear site, an underground facility in central Iran. The New York ...

  • Italy: SYNLAB affected by cyber-attack

    April 19, 2024

    SYNLAB AG announces that SYNLAB Italy is affected by the consequences of a cyber-attack. As a precaution and in accordance with the SYNLAB IT security procedures, all IT systems in Italy have been immediately deactivated as soon as the attack was identified in the early morning of 18 April 2024. As a result of the incident, ...