Posts by External News-Site
Vans and North Face owner VF Corp hit by ransomware attack
American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions. […]
Read MoreQakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network.
Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry.
“Targets
MongoDB Suffers Security Breach, Exposing Customer Data
MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information.
The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response
Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft
Crypto hardware wallet maker Ledger published a new version of its “@ledgerhq/connect-kit” npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets.
The compromise was the result of a former employee falling victim to a phishing attack, the company said in a statement.
This allowed the attackers to gain
116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems
Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor.
“In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both,” ESET researchers Marc-Etienne M.Léveillé and Rene
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices.
This includes updates for 12 security vulnerabilities in iOS and iPadOS spanning AVEVideoEncoder, ExtensionKit, Find My, ImageIO, Kernel, Safari
50K WordPress sites exposed to RCE attacks by critical bug in backup plugin
A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. […]
Read MoreLazarus hackers drop new RAT malware using 2-year-old Log4j bug
The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka “Log4Shell,” this time to deploy three previously unseen malware families written in DLang. […]
Read MoreMicrosoft: Mystery Group Targeting Telcos Linked to Chinese APTs
Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.
Read MoreResponsibly Implementing AI, the Unstoppable Force
Balancing the good and bad of AI/ML means being able to control what data you’re feeding into AI systems and solving the privacy issues to securely enable generative AI.
Read More