Category: security
Subway reportedly hit by LockBit ransomware – but is it half-baked speculation?
Subway has allegedly suffered a data breach at the hands of none other than the notorious LockBit ransomware gang. According to The Register, the ransomware-as-a-service provider added the sandwich makers to its data leak site earlier this week after one of its affiliates made away with gigabytes of sensitive data.…
Read More
Apple iOS 17.3: How to Turn on iPhone’s New Stolen Device Protection
Apple’s iOS 17.3 introduces Stolen Device Protection to iPhones, which could stop phone thieves from taking over your accounts. Here’s how to enable it right now. Source
Read More
Dangerous TA866 malware returns with devious new phishing campaign
After a nine month hiatus, the infamous TA866 threat actor is back, a new report from cybersecurity researchers Proofpoint has claimed, having recently observed a large phishing campaign targeting people in North America. As per its report, Proofpoint says TA866 sent “several thousand emails” with subjects such as “Project achievements”,…
Read More
CISA is now warning government agencies to patch Ivanti flaws immediately
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning government agencies to patch recently discovered Ivanti flaws immediately, as they’re being used in the wild to compromise vulnerable endpoints. CISA’s alert warns Federal Civilian Executive Branch (FCEB) agencies of two flaws: CVE-2023-46805 (authentication bypass), and CVE-2024-21887 (code injection). The…
Read More
BreachForums hacking forum admin sentenced to 20 years supervised release
The owner and administrator of BreachForums, an infamous underground forum where hackers shared stolen data, malware, and other tools, has received his sentence.. In the Eastern District of Virginia, Conor Brian Fitzpatrick, alias Pompompurin was sentenced to time served, plus 20 years of supervised release, BleepingComputer reports. The first two…
Read More
Chinese hackers quietly exploited a VMware zero-day for two years
Chinese state-sponsored hackers known as UNC3886 have been abusing a zero-day vulnerability in VMware and Fortinet devices for years, experts have revealed. A report from Mandiant claims the group used the flaw to deploy malware, steal credentials, and ultimately exfiltrate sensitive data. The flaw in question is tracked as CVE-2023-34048.…
Read More