News – June 2024

June 5, 2024

Hackers from the Main Intelligence Directorate (DIU) of Ukraine’s Ministry of Defense have attacked the electronic services of several Russian ministries and banking institutions, according to RBC-Ukraine source in the special services. According to Roskomnadzor (Federal Service for Supervision of Communications, Information Technology and Mass Media) , the disruption is allegedly linked to an accident in ...

June 5, 2024

High profile TikTok accounts, including CNN, Sony, and—er­—Paris Hilton have been targeted in a recent attack. CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident. According to Forbes, the attack happens without the account owner needing to click on or open ...

June 4, 2024

Generative AI systems are made up of multiple components that interact to provide a rich user experience between the human and the AI model(s). As part of a responsible AI approach, AI models are protected by layers of defense mechanisms to prevent the production of harmful content or being used to carry out instructions that go ...

June 4, 2024

The US debt collection agency Financial Business and Consumer Solutions (FBCS) has filed a data breach notification, listing the the total number of people affected as 3,226,631. FBCS is a nationally licensed, third-party collection agency that collects commercial and consumer debts, with most of its activity involving the recovery of consumer debts on behalf of creditors. ...

June 4, 2024

The FBI warns of scammers offering victims fake work-from-home jobs, typically involving a relatively simple task, such as rating restaurants or “optimizing” a service by repeatedly clicking a button. The scammers pose as a legitimate business, such as a staffing or recruiting agency,and may contact victims via an unsolicited call or message. Scammers design the fake ...

June 4, 2024

Rapid7 recently released our 2024 Attack Intelligence Report, a 14-month deep dive into the vulnerability and attacker landscape. The spiritual successor to their annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with their detection and response and threat intelligence teams. It is designed to provide the clearest view yet into ...

June 4, 2024

Major hospitals in London have declared a critical incident after a cyber-attack led to operations being cancelled and emergency patients being diverted elsewhere. It applies to hospitals partnered with Synnovis – a provider of pathology services. King’s College Hospital, Guy’s and St Thomas’ – including the Royal Brompton and the Evelina London Children’s Hospital – and ...

June 4, 2024

Of the top five most widely used network attacks against SMBs, the ‘newest’ vulnerability represented were nearly three years old, while the oldest were over a decade old – which is primitive when considering the modern threat environment. The results are a clear reminder for CISOs and cybersecurity leaders that they must assess organizational threats based ...

June 3, 2024

The constantly evolving cyber risk landscape presents a formidable challenge to organizations, as businesses transform, scopes and boundaries shift, and bad actors develop new tactics and techniques to exploit vulnerabilities and compromise systems. With the rate of risk velocity increasing faster than the resources of most risk-focused teams, collaboration and working together smarter is one of ...

June 3, 2024

FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. The attacker uses a multi-stage malware strategy to deliver the notorious “Cobalt Strike” payload and establish communication with a command and control (C2) server. This attack employs various evasion techniques to ensure successful ...