The impact of compromised backups on ransomware outcomes

There are two main ways to recover encrypted data in a ransomware attack: restoring from backups and paying the ransom. Compromising an organization’s backups enables adversaries to restrict their victim’s ability to recover encrypted data and dial-up the pressure to Read More …

Phishing Attack Targets Apple Users With Password Resets

If you suddenly receive dozens of password-reset notifications on your iPhone, watch out: You’re probably facing a devious phishing attack targeting Apple users. The malicious tactic is intended to to trick iPhone users into handing over access to their Apple Read More …

Hackers threaten to release ‘huge volume’ of stolen NHS Scotland data

A cybercrime group has claimed it will release a large volume of NHS Scotland data stolen during a sustained hacking attack. INC Ransom, an extortion operation, has posted a message on its dark web blog, threatening to release three terabytes Read More …

Cambodia: Police target growing gambling, cybercrime

Deputy Prime Minister and Minister of Interior Sar Sokha has called on the National Police forces to intensify efforts in preventing and suppressing local crimes, including human trafficking, cybercrime and gambling. The appeal comes after authorities clamped down on over Read More …

New Gmail & M365 Warning As 2FA Security Bypass Hack Confirmed

The developers of a notorious 2FA account security bypass tool have launched an updated version of their ‘as-a-service’ kit that is targeting Microsoft 365 and Gmail account holders. Researchers from the Sekoia Threat Detection and Research team have published an Read More …

Illinois Tollway warns I-PASS customers of text message phishing scam

The Illinois Tollway is warning customers of an ongoing phishing scam that is targeting drivers by saying that they have outstanding tolls owed to the agency. According to a press release, the Tollway says that some customers have been receiving Read More …

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

Since its discovery in 2022, the Agenda Ransomware group (also known as Qilin) has been active and in development. Agenda, which Trend Micro tracks as Water Galura, continues infecting victims globally with the US, Argentina, and Australia, and Thailand being Read More …

Secure by Design Alert Eliminating SQL Injection Vulnerabilities in Software

SQL injection – or SQLi – vulnerabilities remain a persistent class of defect in commercial software products. Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with the availability of effective mitigations, software manufacturers have Read More …

Air Europa says customer data may have been compromised in October breach

Spanish airline Air Europa said on Friday personal data of its customers may have been compromised in a security incident that was detected in October last year. The company’s investigation showed that name, ID card or passport details, date of Read More …

Ring doorbell owners warned of bank raiding attack as thieves target Brits

Home security gadgets like Ring doorbells are increasingly being targeted by cyber crooks and their nasty phishing campaigns. Cybersecurity experts at Trustwave have warned Ring customers – and owners of similar gadgets from other brands – that home security tech is Read More …