California: City of Hayward says computer network restored 2 weeks after cyberattack discovered

Officials in the city of Hayward announced that the city’s internal computer network has been restored following a ransomware attack that took systems down earlier this month. In a statement Thursday, city officials said the network was brought back on Read More …

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) are releasing a joint Cybersecurity Advisory (CSA), Preventing Web Application Access Control Abuse, to warn vendors, designers, developers, Read More …

A Tale of Two Cities’ water attacks

There have been more than 130 control system cyber incidents in water/wastewater utilities. Like Oldsmar and Discovery Bay, most of these incidents have occurred in small water utilities. Many of these incidents were not publicly disclosed, nor were the utilities Read More …

Uncovering an Iranian mobile malware campaign

During a recent proactive hunt for malicious mobile malware, Sophos X-Ops researchers from SophosLabs discovered a group of four credential-harvesting apps targeting customers of several Iranian banks. Most of the apps are signed using the same – possibly stolen – Read More …

Understanding Machine Learning Attacks, Techniques, and Defenses

Machine learning (ML) is a subset of Artificial Intelligence (AI), which enables machines and software to automatically learn from historical data to generate accurate output without being programmed to do so. Many leading organizations today have incorporated machine learning into Read More …

CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services

CardioComm Solutions, a Canadian provider of consumer and professional-grade heart monitoring technologies, has been downed by an ongoing cybersecurity incident. The Toronto-based organization said on Tuesday that its business operations will be “impacted for several days and potentially longer” following Read More …

Ortivus’ electronic patient record system are down for some United Kingdom based customers due to a cyber-attack

On the evening of 18 July Ortivus’ systems were subject to a cyber-attack affecting UK customer systems within our hosted datacenter environment. The electronic patient records are currently unavailable and are until further notice handled using manual systems. No patients Read More …

CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2022 (FY22). The analysis details a sample attack path including tactics and steps Read More …

Wuhan Earthquake Monitoring Center suffers cyberattack from the US; investigation underway

The Wuhan Earthquake Monitoring Center has recently suffered a cyberattack launched by an overseas organization, the city’s emergency management bureau which the center is affiliated to said in a statement on Wednesday. This is another case of its kind following Read More …

Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis

In the ever-evolving landscape of cyber threats, banking trojans continue to pose a significant risk to organizations worldwide. Among them, Qakbot, also known as QBot or Pinkslipbot, stands out as a highly sophisticated and persistent malware active since 2007, targeting Read More …