Cybersecurity

Indiana State Police Twitter account hacked

If you saw some odd posts coming from the @IndStatePolice Twitter account Saturday afternoon, it was not actually from Indiana State Police officers. Twitter accounts of celebrities, politicians, billionaires hacked in cryptocurrency scam…

Anonymous Leaks Personal Data of 120K Russian Soldiers Fighting in Ukraine

Anonymous, the famed hacker collective, claimed on Sunday that they leaked the personal information of 120,000 Russian soldiers allegedly fighting in Ukraine. The soldiers' information, which included their names, dates of birth, addresses, unit affiliation and…

15-Year-Old Bug in PEAR PHP Repository Could've Enabled Supply Chain Attacks

A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. "An attacker exploiting the first…

British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group

The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. "Both teenagers have been charged with: three counts of…

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts

DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts. Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have…

CISA adds seven bugs to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) added seven vulnerabilities to its catalog of Known Exploited Vulnerabilities. The vulnerabilities added include an arbitrary file upload vulnerability in Trend Micro Apex Central; an insufficient access control issue in…

FBI Warns of Ransomware Attacks Targeting Local Governments

The Federal Bureau of Investigation (FBI) this week warned local government entities of ransomware attacks disrupting operational services, causing public safety risks, and causing financial losses. In a Private Industry Notification (PIN), the FBI underlined the significance…

New Vulnerabilities Allow Stuxnet-Style Attacks Against Rockwell PLCs

Researchers at industrial cybersecurity firm Claroty have identified two serious vulnerabilities that could allow malicious actors to launch Stuxnet-style attacks against programmable logic controllers (PLCs) made by Rockwell Automation. Claroty on Thursday published a blog post…

IT Services Giant Admits $42m Fallout from Ransomware Attack

A leading Spanish provider of business process outsourcing (BPO) services has admitted that a recent ransomware attack cost it tens of millions of dollars. Telefonica company Atento describes itself as one of the “top five” customer relationship management (CRM) and BPO…

Apple's Zero-Day Woes Continue

Apple's expanding footprint in enterprise organizations appears to have made its technologies a growing focus area for security researchers. The company this week rushed out emergency patches for two zero-day vulnerabilities in its macOS and IOS technologies that the company…