Cybersecurity
Okta said Tuesday that a forensic investigation that it commissioned found that the hacker group Lapsus$ accessed two active customer tenants during the January breach of a third-party support firm. The threat actor “actively controlled” a workstation belonging to one…
In April 2013, pro-Assad online activists from Syria hacked into the Twitter account of the Associated Press and tweeted about a fake explosion at the White House that supposedly injured President Barack Obama, leading the U.S. stock market to temporarily dip by $136…
Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that…
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Treasury, and the FBI issued a joint advisory Monday evening describing a North Korean state-sponsored hacking campaign that has been associated with cryptocurrency heists since at…
Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices…
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. This high severity vulnerability (tracked as CVE-2022-22718)…
Researchers at Google’s Project Zero said they tracked 58 cases of zero-day exploits “in the wild” in 2021 — the most ever detected and disclosed in a single year since the group began its work in mid-2014. The 2021 total is more than double the previous maximum, 28, tracked…
Gift card retailer Funky Pigeon has experienced a cyber-attack, leading the firm to temporarily suspend orders. Funky Pigeon, which is owned by WHSmith, revealed it had taken its systems offline as a precaution, preventing it from fulfilling customer orders…
The Emotet malware is having a burst in distribution and is likely to soon switch to new payloads that are currently detected by fewer antivirus engines. Security researcher monitoring the botnet are observing that emails carrying malicious payloads last month have…
Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. UPnP is a set of insecure network…