News – April 2024


  • DHS: Applications Open for FY24 Targeted Violence and Terrorism Prevention Grants

    April 15, 2024

    WASHINGTON – The Department of Homeland Security (DHS) today released the Fiscal Year (FY) 2024 Targeted Violence and Terrorism Prevention (TVTP) Grant Program Notice of Funding Opportunity (NOFO). Administered by the DHS Center for Prevention Programs and Partnerships (CP3) and the Federal Emergency Management Agency (FEMA), the TVTP Grant Program is the only federal government grant ...

  • SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world

    April 15, 2024

    Researchers from the Positive Technologies Expert Security Center discovered more than three hundred attacks worldwide, which they confidently attributed to the well-known TA558 group. As originally described by researchers at ProofPoint, TA558 is a relatively small financially motivated cybercrime group that has attacked hospitality and tourism organizations mainly in Latin America, but has also been identified ...

  • Change Healthcare faces another ransomware threat – and it looks credible

    April 12, 2024

    For months, Change Healthcare has faced an immensely messy ransomware debacle that has left hundreds of pharmacies and medical practices across the United States unable to process claims. Now, thanks to an apparent dispute within the ransomware criminal ecosystem, it may have just become far messier still. In March, the ransomware group AlphV, which had claimed ...

  • More than 3 000 law enforcement authorities now connected to Europol

    April 12, 2024

    As of today, over 3 000 law enforcement authorities from more than 70 countries and international entities are connected to Europol’s secure information exchange channel, known as SIENA (‘Secure Information Exchange Network Application’). The platform enables the swift exchange of operational and strategic information among Europol, EU Member States and partner countries with which Europol has ...

  • “Highly capable” hackers root corporate networks by exploiting Palo Alto Networks firewall 0-day

    April 12, 2024

    Highly capable hackers are rooting multiple corporate networks by exploiting a maximum-severity zero-day vulnerability in a firewall product from Palo Alto Networks, researchers said Friday. The vulnerability, which has been under active exploitation for at least two weeks now, allows the hackers with no authentication to execute malicious code with root privileges, the highest possible level ...

  • Dutch chipmaker Nexperia hacked by cyber criminals

    April 12, 2024

    Dutch-headquartered chipmaker Nexperia was victim of a hacking attack by cyber criminals last month, the Chinese-owned company said on Friday, and was investigating the incident with the help of outside specialists. The company did not say if it had suffered any damage or losses as a result of the hack, but RTL said the cyber criminals ...

  • Roku says more than 500,000 accounts impacted in cyberattack

    April 12, 2024

    Streaming service provider Roku said on Friday it identified a second cyberattack that impacted about 576,000 additional accounts while investigating a breach that affected 15,000 user accounts earlier this year. The company, which had more than 80 million active accounts, said the hackers did not gain access to any sensitive information such as full credit card ...

  • Hackable Intel and Lenovo hardware that went undetected for 5 years won’t ever be fixed

    April 11, 2024

    Hardware sold for years by the likes of Intel and Lenovo contains a remotely exploitable vulnerability that will never be fixed. The cause: a supply chain snafu involving an open source software package and hardware from multiple manufacturers that directly or indirectly incorporated it into their products. Researchers from security firm Binarly have confirmed that the ...

  • Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities

    April 11, 2024

    The April 2024 Patch Tuesday update includes patches for 149 Microsoft vulnerabilities and republishes 6 non-Microsoft CVEs. Three of those 149 vulnerabilities are listed as critical, and one is listed as actively exploited by Microsoft. Another vulnerability is claimed to be a zero-day by researchers that have found it to be used in the wild. Let’s ...

  • Northern Ireland: No disciplinary action over multimillion-pound PSNI data breach

    April 11, 2024

    Jon Boutcher said the error that is set to cost hundreds of millions of pounds was due to a systems failure, as he insisted he not would preside over a “blame culture” within the PSNI. In August last year the details of almost 9,500 PSNI officers and staff were mistakenly published in response to a Freedom ...