Might need a mass password reset one day? Read this first.
A common adage among cybersecurity professionals is that when it comes to cyber-attacks, it’s not a matter of if but when. Despite this certainty, organizations are often caught…
Category: Bleeping Computer
Ireland fines Meta $264 million over 2018 Facebook data breach
The Irish Data Protection Commission (DPC) fined Meta €251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach…
Over 25,000 SonicWall VPN Firewalls exposed to critical flaws
Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports.…
Texas Tech University System data breach impacts 1.4 million patients
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data…
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As…
Kali Linux 2024.4 released with 14 new tools, deprecates some features
Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some…
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they…
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. Tracked as CVE-2024-35250, this security flaw…
ConnectOnCall breach exposes health data of over 910,000 patients
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach…
Rhode Island confirms data breach after Brain Cipher ransomware attack
Rhode Island State House (Image: MOHANN) Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents’ personal information after the…
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors.…
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in…