Following three years of intensive research, an international team of researchers have compiled the first ever ‘World Cybercrime Index’, which identifies the globe’s key cybercrime hotspots by ranking the most significant sources of cybercrime at a national level.

The Shadowserver Foundation identifies thousands of Ivanti VPN instances likely impacted by a recent remote code execution flaw.

Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

Exclusive: Yossi Sariel unmasked as head of Unit 8200 and architect of AI strategy after book written under pen name reveals his Google account

When a hacker called the company that his gang claimed to breach, he felt the same way that most of us feel when calling the front desk: frustrated.

The phone call between the hacker, who claims to represent the ransomware gang DragonForce, and the victim company employee was posted by the ransomware gang on its dark web site in an apparent attempt to put pressure on the company to pay a ransom demand. In reality, the call recording just shows a somewhat hilarious and failed attempt to extort and intimidate a company’s rank-and-file employees.

Laptop and tablet accessories maker Targus disclosed that it suffered a cyberattack disrupting operations after a threat actor gained access to the company's file servers.

Streaming giant Roku has confirmed a second security incident in as many months, with hackers this time able to compromise more than half a million Roku user accounts.

In a statement Friday, the company said about 576,000 user accounts were accessed using a technique known as credential stuffing, where malicious hackers use usernames and passwords stolen from other data breaches and reuse the logins on other sites.

A previously unknown ransomware gang has been attacking Russian businesses with malware based on the leaked source code from the Conti hacking group.

The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka," or Muddy Water in English, has left minimal traces from its attacks but has likely been active since at least December 2023.

On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers. Volexity received alerts regarding suspect network traffic emanating from the customer’s firewall. A subsequent investigation determined the device had been compromised. The following day, April 11, 2024, Volexity observed further, identical exploitation at another one of its NSM customers by the same threat actor.

Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.…

If you use FortiClientLinux, update immediately. Critical vulnerability could let attackers run code on your system. Patch now, get the details here.

The LockBit cybercriminal outfit appears to be planning a ransomware rebrand as the DarkVault, discovered after LockBit seemingly bungled the new website’s design.

Apple's updated spyware alert system now warns individual users of potential targeting by mercenary spyware attacks.

Rubycarp has been in operation for at least a decade, and its campaigns appear to overlap with other cybercrime groups, according to researchers at Sysdig.

French officials are visiting Washington for cybersecurity consultations as President Emmanuel Macron predicts Moscow will try to target the Games.

A hacker in El Salvador has released detailed information, including full names, birthdays, phone numbers, and social security numbers.

RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims to shed light on the security of the world’s best-sellers in the IoT space. This report covers vulnerabilities discovered while researching the LG WebOS TV operating system.