DICK’s Sporting Goods says confidential data exposed in cyberattack
DICK’S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected…
Category: Bleeping Computer
BlackSuit ransomware stole data of 950,000 from software vendor
Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024. Young…
US Marshals Service disputes ransomware gang’s breach claims
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the…
Notion exits Russia and will terminate accounts in September
Notion has announced it will exit the Russian market and is terminating all workspaces and accounts identified linked to users in the country. In an…
Windows 11 KB5041587 update adds sharing to Android devices
Microsoft has released the optional KB5041587 preview cumulative update for Windows 11 23H2 and 22H2, which adds sharing to Android devices and fixes multiple File…
Windows Downdate tool lets you ‘unpatch’ Windows systems
SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows…
Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers,…
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal…
Park’N Fly notifies 1 million customers of data breach
Park’N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network.…
How to identify unknown assets while pen testing
Hackers relentlessly probe your organization’s digital defenses, hunting for the slightest vulnerability to exploit. And while penetration testing serves as a valuable tool, there might…
Microsoft Sway abused in massive QR code phishing campaign
A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users…
Google tags a tenth Chrome zero-day as exploited this year
Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. Tracked as CVE-2024-7965 and…