Security News
Fidelity National Financial acknowledges data breach affecting 1.3 million customers
Fidelity National Financial has suffered a ransomware attack and resulting data breach which involved 1.3 million of its customers’ data.
Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability
Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector.
First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws in WordPress plugins to inject a backdoor designed to redirect visitors of infected sites to bogus tech
Hacker spins up 1 million virtual servers to illegally mine crypto
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. […]
CISA Adds 9.8 ‘Critical’ Microsoft SharePoint Bug to its KEV Catalog
It’s a tale as old as time: an old, long-since patched vulnerability that remains actively exploited.
The Week in Ransomware – January 12th 2024 – Targeting homeowners’ data
Mortgage lenders and related companies are becoming popular targets of ransomware gangs, with four companies in this sector recently attacked. […]
GitLab warns of critical zero-click account hijacking vulnerability
GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. […]
Juniper warns of critical RCE bug in its firewalls and switches
Juniper Networks has released security updates to fix a critical pre-auth remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. […]
Ivanti Connect Secure zero-days exploited to deploy custom malware
Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes. […]
Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure
The Chinese state-sponsored APT has compromised as many as 30% of Cisco legacy routers on a SOHO botnet that multiple threat groups use.
New Rugmi Malware Loader Surges with Hundreds of Daily Detections
A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms.
Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi.
“This malware is a loader with three types of components: a downloader that downloads an