Tag: security
Global Russian hacking campaign steals data from government agencies
ESET uncovers a major cyber-espionage campaign It was attributed to APT28, AKA Fancy Bear The campaign leveraged multiple n-day and zero-day flaws For years now, Russian state-sponsored threat actors have been eavesdropping on email communications from governments across Eastern Europe, Africa, and Latin America. A new report from cybersecurity researchers…
Read More
Chrome patched this bug, but CISA says it’s still actively exploited
Google patched a new Chrome bug recently Now, CISA added that vulnerability to KEV, signaling abuse in the wild Federal agencies have three weeks to update Chrome The US Cybersecurity and Infrastructure Security Agency (CISA) added a new Chrome bug to its Known Exploited Vulnerabilities (KEV) catalog, signalling abuse in…
Read More
Australian Human Rights Commission leaks docs and personal information in browser-indexing mishap
The Australian Human Rights Commission has inadvertently exposed data Personal information is included in the breach It’s not yet known what information specifically was included The Australian Human Rights Commission (AHRC) has sent a data breach notification that concerns attachments uploaded the the Commission’s web forms on its site. This…
Read More
Google removes Chrome admin privileges to reduce threat posed by dodgy extensions
A Microsoft dev has submitted an update to Chromium The update de-elevates Chrome, to run without admin privileges by default This should prevent malicious add-ons and extensions from operating freely Future versions of Chrome on Windows will most likely not run with admin privileges by default. That way, users should…
Read More
Largest US steel manufacturer puts production on the backburner after cyber attack
Nucor confirmed suffering a cyberattack It was forced to shut down parts of its operations to contain the incident No threat actors claimed responsibility yet Nucor, one of the biggest steel manufacturers in the United States, was forced to shut down parts of its operations to address an ongoing cyberattack.…
Read More
SAP NetWeaver woes worsen as ransomware gangs join the attack
BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable instances Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer.…
Read More