LockBit Developer Rostislav Panev, a Dual Russian-Israeli Citizen, Arrested
KEY SUMMARY POINTS Arrest of Rostislav Panev: Dual Russian-Israeli national Rostislav Panev, a key developer for the LockBit ransomware group, was arrested in Israel in…
Month: December 2024
Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.…
Our Santa wishlist: Stronger identity security for kids
Sorry for the headline, but we have to get creative to get anyone to read an article on a Friday like this one, even if…
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit…
Is There a DDoS Attack Ceiling?
Today, it’s rare for a month to pass without reports of new distributed denial-of-service (DDoS) attacks. Lately, geopolitical instability and hacktivist groups (e.g., Anonymous Sudan and NoName057(16)) have driven attacks,…
Sophos Firewall vulnerable to critical remote code execution flaw
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and…
Ditch The Cloud Security Labels to Nail Detection and Response
Today’s cloud security categories don’t do practitioners any favors when it comes to identifying the key requirements for detection and response in the cloud. This…
Builder.ai Database Misconfiguration Exposes 1.29 TB of Unsecured Records
KEY SUMMARY POINTS Unsecured Database: A publicly accessible Builder.ai database containing 3 million records (1.29 TB) was found without password protection or encryption, exposing critical…
Russia targets Ukraine sensitive data servers with Cyber Attacks
Russia appears to be tightening its grip on Ukraine through multiple means, simultaneously escalating military attacks and launching sophisticated cyber offensives. On the military front,…
Malicious Apps On Amazon Appstore Records Screen & Intercept OTP’s
Recently, researchers have discovered a relatively harmless app called “BMI CalculationVsn” on the Amazon App Store, masquerading as a normal health tool to steal data.…
Why Keir Starmer’s plan to rewire Whitehall needs an IT-rethink
In my personal experience, there are certain institutional barriers to productive and successful delivery of major projects in government. Indeed it may be that the…
Krispy Kreme breach, data theft claimed by Play ransomware gang
The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. Krispy…