Blog
India: Ayush Jharkhand Portal Breached, 320,000 Patients’ Records Exposed
The compromised data also contains sensitive information about doctors, including their PII, login credentials, usernames, passwords, and phone numbers. The data breach was initiated by a threat actor named "Tanaka".
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion...
New SuperBear Trojan Targets South Korean Activists
Civil society organizations in South Korea came under the brunt of a phishing attack that used a new RAT called SuperBear. The intrusion targeted an undisclosed activist, who received a malicious LNK file in late August, posing as a member of their organization. The...
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users’ biometric data to tackle fraud and impersonation on the platform. “Based on your consent, we may collect and use your biometric information for safety, security, and...
Threat Actors Exploit MS SQL Servers to Deploy FreeWorld Ransomware
A campaign named DB#JAMMER is utilizing poorly secured MS SQL servers to distribute Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix revealed that the attackers gain initial access by brute-forcing the MS SQL server, followed by...
Threat Actors Exploit MS SQL Servers to Deploy FreeWorld Ransomware
A campaign named DB#JAMMER is utilizing poorly secured MS SQL servers to distribute Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix revealed that the attackers gain initial access by brute-forcing the MS SQL server, followed by...
Everything You Wanted to Know About AI Security but Were Afraid to Ask
There’s been a great deal of AI hype recently, but that doesn’t mean the robots are here to replace us. This article sets the record straight and explains how businesses should approach AI. From musing about self-driving cars to fearing AI bots that could destroy the...
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking...
Chrome Extensions can Steal Plaintext Passwords From Website Source Code
Given the lack of any security boundary between the extension and a site's elements, the former has unrestricted access to data visible in the source code and may extract any of its contents.
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Victims are approached through various platforms ranging from Facebook and LinkedIn to WhatsApp and freelance job portals like Upwork. Another known distribution mechanism is the use of search engine poisoning to boost bogus software.
FREE GUIDE