Upper Michigan: Cyber attack hits Sault Tribe offices

A ransomware attack that shut down gaming at all five Kewadin Casino locations also impacted other offices at an eastern Upper Peninsula tribe. The tribe made the announcement Monday and said it could be a week or more before regular Read More …

Ivanti Releases February 2025 Security Updates

Ivanti has released three security advisories in the February Security Update, which addresses vulnerabilities in Ivanti products. In the first advisory, two vulnerabilities were identified in Ivanti Cloud Services Application (CSA). The Ivanti CSA is an Internet appliance that provides Read More …

SonicOS SSL VPN Authentication Bypass Vulnerability (CVE-2024-53704)

A proof-of-concept (PoC) exploit has been published by security researchers for an authentication bypass vulnerability in the SonicOS SSL VPN component. SonicWall appliances provide virtual private network (VPN) and ‘next-gen’ firewall capabilities. SonicWall formally disclosed and released security updates addressing Read More …

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation

Microsoft is publishing for the first time their research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse Read More …

Huge cyber attack under way – 2.8 million IPs being used to target VPN devices

A wide range of Virtual Private Network (VPN) and other networking devices are currently under attack by threat actors trying to break in to wider networks, experts have warned. Threat monitoring platform The Shadowserver Foundation warned about the ongoing attack Read More …

Apple fixes iPhone and iPad bug used in an ‘extremely sophisticated attack’

On Monday, Apple released updates for its mobile operating systems for iOS and iPadOS, which fixed a flaw that the company said “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” In the release notes for Read More …

Scammers target Italian tycoons using defense minister’s AI-generated voice

Scammers target Italian tycoons using defense minister’s AI-generated voice on OpenAI Voice Engine Scammers used AI-generated voice of Italian Defense Minister Guido Crosetto in an atempts to steal millions of dollars from Italian business tycoons, according to reports. Crosetto said Read More …

Thai-Swiss-US Operation Nets Hackers Behind 1,000+ Cyber Attacks

Thai police arrested four European hackers in Phuket who allegedly stole $16 million through ransomware attacks affecting over 1,000 victims worldwide. The suspects, wanted by Swiss and US authorities, were caught in coordinated raids across four locations. Officers from Cyber Read More …

20 million OpenAI accounts offered for sale

A cybercriminal acting under the moniker “emirking” offered 20 million OpenAI user login credentials this week, sharing what appeared to be samples of the stolen data itself. A translation of the Russian statement by the poster says: “When I realized Read More …

Engineer IMI becomes latest British firm to be hit by cyber attack

Engineering group IMI confirmed it had been hit by a cyber attack just a week after rival Smiths Group said hackers had gained access to its global systems. Birmingham-headquartered IMI declined to disclose what data had been accessed in the Read More …