Cybersecurity
If you saw some odd posts coming from the @IndStatePolice Twitter account Saturday afternoon, it was not actually from Indiana State Police officers. Twitter accounts of celebrities, politicians, billionaires hacked in cryptocurrency scam…
Anonymous, the famed hacker collective, claimed on Sunday that they leaked the personal information of 120,000 Russian soldiers allegedly fighting in Ukraine. The soldiers' information, which included their names, dates of birth, addresses, unit affiliation and…
A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. "An attacker exploiting the first…
The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. "Both teenagers have been charged with: three counts of…
DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts. Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have…
The Cybersecurity and Infrastructure Security Agency (CISA) added seven vulnerabilities to its catalog of Known Exploited Vulnerabilities. The vulnerabilities added include an arbitrary file upload vulnerability in Trend Micro Apex Central; an insufficient access control issue in…
The Federal Bureau of Investigation (FBI) this week warned local government entities of ransomware attacks disrupting operational services, causing public safety risks, and causing financial losses. In a Private Industry Notification (PIN), the FBI underlined the significance…
Researchers at industrial cybersecurity firm Claroty have identified two serious vulnerabilities that could allow malicious actors to launch Stuxnet-style attacks against programmable logic controllers (PLCs) made by Rockwell Automation. Claroty on Thursday published a blog post…
A leading Spanish provider of business process outsourcing (BPO) services has admitted that a recent ransomware attack cost it tens of millions of dollars. Telefonica company Atento describes itself as one of the “top five” customer relationship management (CRM) and BPO…
Apple's expanding footprint in enterprise organizations appears to have made its technologies a growing focus area for security researchers. The company this week rushed out emergency patches for two zero-day vulnerabilities in its macOS and IOS technologies that the company…