Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization. The Clop ransomware Read more…
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources. Security researchers highlight that the change opens the door to attacks that are more difficult to detect and don’t necessarily Read more…
OpenAI has been addressing “periodic outages” due to DDoS attacks targeting its API and ChatGPT services within the last 24 hours. While the company didn’t immediately provide any details on the root cause of these incidents, OpenAI confirmed earlier today that they’re linked to ongoing distributed denial-of-service (DDoS) attacks. “We are dealing with periodic Read more…
Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week. The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to gain access to a Sumo Logic Read more…
Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history. Sberbank is a majority state-owned banking and financial services company and the largest institute in Russia, holding about a third of all assets in Read more…
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. In a private industry notification, the agency says that third-party vendors and services are common attack vector. Ransomware gangs continue to rely Read more…
WhatsApp is rolling out a new privacy feature that helps Android and iOS users hide their location during calls by relaying the connection through WhatsApp servers. As the company’s engineering team explained today, the users’ location is hidden from other call participants by switching from the standard peer-to-peer direct connection Read more…
The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as ‘farnetwork’, built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management. A report from cybersecurity company Group-IB provides insight into farnetwork’s activity and how they gradually built their profile as a Read more…
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets. Published with the name Ledger Live Web3, the fake application appears to have been present in the Microsoft Store since October 19 but the Read more…
Microsoft Authenticator will suppress suspicious authentication prompts to protect users against social engineering attacks. Microsoft has now enabled the security feature, which it unveiled back in August 2023. Microsoft Authenticator is a two-factor authentication software by Microsoft. It generates temporary codes for accounts added to the application, which are required Read more…