- Microsoft employees exposed internal passwords in security lapse
April 9, 2024
Microsoft has resolved a security lapse that exposed internal company files and credentials to the open internet. Security researchers Can Yoleri, Murat Özfidan and Egemen Koçhisarlı with SOCRadar, a cybersecurity company that helps organizations find security weaknesses, discovered an open and public storage server hosted on Microsoft’s Azure cloud service that was storing internal information relating ...
- UK: Cyber security breaches survey 2024
April 9, 2024
Cyber security breaches and attacks remain a common threat. Half of businesses (50%) and around a third of charities (32%) report having experienced some form of cyber security breach or attack in the last 12 months. This is much higher for medium businesses (70%), large businesses (74%) and high-income charities with £500,000 or more in annual ...
- Thousands of LG TVs are vulnerable to takeover
April 9, 2024
As many as 91,000 LG TVs face the risk of being commandeered unless they receive a just-released security update patching four critical vulnerabilities discovered late last year. The vulnerabilities are found in four LG TV models that collectively comprise slightly more than 88,000 units around the world, according to results returned by the Shodan search engine ...
- Cybercrime on agriculture operations and businesses is on the rise
April 9, 2024
When it comes to cyberattacks, ransomware and electronic fraud, farms and ranches are attracting the interest of hackers because they see these agriculture operations as potentially lucrative targets that may not have up-to-date fraud protection tools in place. Cathy Lennon, general manager of the Ontario Federation of Agriculture, says every point along the agrifood chain has ...
- NHS board warns patients of further data leak after cyber attack
April 9, 2024
An NHS board has warned patients that further personal information could be leaked by cyber criminals who stole medical data in a major cyber attack. A large amount of confidential data was taken from NHS Dumfries and Galloway during a sustained hacking attack. Last week, INC Ransom, an extortion operation, posted a message on its dark ...
- Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation
April 8, 2024
Hackers are actively exploiting a pair of recently discovered vulnerabilities to remotely commandeer network-attached storage devices manufactured by D-Link, researchers said Monday. Roughly 92,000 devices are vulnerable to the remote takeover exploits, which can be remotely transmitted by sending malicious commands through simple HTTP traffic. The vulnerability came to light two weeks ago. The researcher said ...
- ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins
April 8, 2024
Last year, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers. ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files. It offers several options to manipulate malware, making it more challenging for antivirus products to detect. FortiGuard Labs recently discovered a ...
- Vet firm CVS hit by cyber-attack
April 8, 2024
Vet group CVS says it has been hit by a cyber-attack which has caused “considerable” disruption, particularly to its UK business. CVS, which runs about 500 veterinary practices globally and employs more than 9,000 people, said it had taken immediate action and its IT services had now been “securely restored” across most of the group. Read more… Source: ...
- Evolving Threat Landscape: A Deep Dive into Multichannel Attacks Targeting Retailers
April 8, 2024
Threat actors no longer operate in silos. Today, they use multiple channels such as SMS, email, fake web pages, and compromised cloud accounts. They use these various channels to establish persistence and compromise identities so that they can elevate privileges and move laterally. Proofpoint Threat Research recently observed campaigns in which threat actors used multichannel attacks ...
- UK: Warning to ‘stay on guard’ after Leicester council cyber-attack
April 5, 2024
People have been told to “stay on their guard” after a cyber-attack on Leicester City Council. Police were alerted after the authority was forced to disable its phone and computer systems on 7 March. While about 25 documents have been posted by the apparent attackers, they claim to have a much larger number. Read more… Source:,BBC News
- Improving Detection and Response: Making the Case for Deceptions
April 5, 2024
Let’s face it, most enterprises find it incredibly difficult to detect and remove attackers once they’ve taken over user credentials, exploited hosts or both. In the meantime, attackers are working on their next moves. That means data gets stolen and ransomware gets deployed all too often. And attackers have ample time to accomplish their goals. In ...