Cyber Security News

  • Cyber attack on councils across Greater Manchester leaves thousands vulnerable to phishing scam

    August 14, 2024

    A cyber attack on councils across Greater Manchester has left thousands of residents vulnerable to a phishing scam. The attack, which initially hit one borough last week and spread over the weekend, on software company Locata downed the housing websites for Manchester, Salford and Bolton councils. It has also led to thousands of users being sent ...

  • EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

    August 14, 2024

    In late July 2024, we detected a series of ongoing targeted cyberattacks on dozens of computers at Russian government organizations and IT companies. The threat actors infected devices using phishing emails with malicious shortcut attachments. These shortcuts were used to deliver malware that received commands via the Dropbox cloud service. Attackers used this malware to download ...

  • Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster

    August 14, 2024

    Biotech biz Enzo Biochem is being forced to pay three state attorneys general a $4.5 million penalty following a 2023 ransomware attack that compromised the data of more than 2.4 million people. New York’s attorney general Letitia James announced the news on Tuesday after an investigation into Enzo’s incident concluded, finding various cybersecurity malpractices that led ...

  • Palo Alto Networks CEO apologizes for happy hour display featuring women with lampshades on their heads

    August 14, 2024

    Cybersecurity giant Palo Alto Networks is getting a lot of grief for a recent trade show event in which two women posed with lampshades on their heads. The debacle — which unflatteringly recalls the CES booth babes of the early ’90s and 2000s — reportedly happened at a happy hour hosted by CyberRisk Collaborative and sponsored ...

  • New Windows Cyber Attacks Confirmed – CISA Says Update By September 3

    August 14, 2024

    Microsoft has released the monthly round of Patch Tuesday security updates, with fixes for a total of 90 vulnerabilities across the Windows ecosystem. Of these, the Microsoft Security Response Center warns that five Windows vulnerabilities have confirmed and active cyber attacks against them already. So serious are these zero-day security issues that the U.S. Cybersecurity and ...

  • Turkish intelligence dismantles global cyber espionage network

    August 13, 2024

    The Turkish National Intelligence Organization (MIT) has successfully dismantled a global cyber espionage network that had stolen personal data from thousands of individuals worldwide, including in Türkiye. In a coordinated effort with the Turkish Gendarmerie General Command and the National Cyber Incident Response Center (USOM), MIT carried out the operation as part of an investigation led ...

  • Musk Blames DDoS Attack For 40-Minute Delayed Start to Trump’s X Livestream

    August 13, 2024

    Technical difficulties delayed former President Donald Trump’s live conversation with Elon Musk on X by over 40 minutes. Musk blamed the issues on a distributed denial-of-service (DDoS) cyberattack, in which a bad actor seeks to overload a target server with traffic, rendering it unusable. His claims could not be verified. “We unfortunately had a massive distributed ...

  • ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts

    August 13, 2024

    This research reviews an attack vector allowing the compromise of GitHub repositories, which not only has severe consequences in itself but could also potentially lead to high-level access to cloud environments. This is made possible through the abuse of GitHub Actions artifacts generated as part of organizations’ CI/CD workflows. A combination of misconfigurations and security flaws ...

  • FBI investigating attempts to hack Biden-Harris and Trump campaigns

    August 12, 2024

    Federal investigators are looking into whether Iranian hackers targeted individuals associated with the Trump and Biden-Harris campaigns, three people familiar with the investigation confirmed to CBS News. The FBI launched the probes in the early summer, after both presidential campaigns experienced attempted phishing schemes targeting people on the campaign, the sources said. Iran-backed cybercriminals are the ...

  • EU’s Breton says Musk must comply with EU law ahead of Trump interview

    August 12, 2024

    EU industry chief Thierry Breton told billionaire Elon Musk in a letter on Monday he must comply with EU law ahead of Musk’s interview with U.S. presidential candidate Donald Trump on social media platform X. The interview, scheduled for 8PM Eastern Time (0000 Tuesday GMT), will also be accessible to users in the EU, Breton wrote, ...

  • Ongoing Social Engineering Campaign Refreshes Payloads

    August 12, 2024

    On June 20, 2024, Rapid7 identified multiple intrusion attempts by threat actors utilizing techniques, tactics, and procedures (TTPs) that are consistent with an ongoing social engineering campaign being tracked by Rapid7. The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer ...