Security News
Yakult Australia confirms ‘cyber incident’ after 95 GB data leak
Yakult Australia, manufacturer of a probiotic milk drink, has confirmed experiencing a “cyber incident” in a statement to BleepingComputer. Both the company’s Australian and New Zealand IT systems have been affected. Cybercrime actor DragonForce which claimed responsibility for the attack has also leaked 95 GB of data. […]
Read MoreWhat you should be doing when you receive an unsolicited One Time Passcode
If you receive an unsolicited One Time Passcode (OTP) for a service that you use, either as an SMS or Email you should be concerned and act immediately! Why should I be concerned? This basically means that your credentials have been stolen and someone is trying to gain access to your account. The only reason…
Read MoreMicrosoft Outlook Zero-Click Security Flaws Triggered by Sound File
Attackers can chain the vulnerabilities to gain full remote code execution.
Read MorePlay Ransomware Detection: Ongoing Ransomware Attacks Against Businesses and Critical Infrastructure in the U.S., South America, and Europe
At the end of November 2023, leading U.S. cybersecurity agencies, in collaboration with international partners, issued an alert covering LockBit 3.0 ransomware attacks as part of their #StopRansomware effort aimed at boosting cybersecurity awareness. Recently, another joint Cybersecurity Advisory came out aimed at notifying defenders of the ongoing attacks by the Play ransomware group. In […]
The post Play Ransomware Detection: Ongoing Ransomware Attacks Against Businesses and Critical Infrastructure in the U.S., South America, and Europe appeared first on SOC Prime.
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S.
“Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data and have impacted a wide range of businesses and critical infrastructure organizations in North
What Do CISOs Have to Do to Meet New SEC Regulations?
As stringent new SEC reporting rules take effect, CISOs need to assess internal processes and understand their responsibilities. But there’s a bright side.
Read MoreWill Putting a Dollar Value on Vulnerabilities Help Prioritize Them?
Zoom’s Vulnerability Impact Scoring System calculates the impact of a vulnerability to assign a cash payout for bugs, leading hackers to prioritize more severe flaws. Can it do the same for companies?
Read MoreVans and North Face owner VF Corp hit by ransomware attack
American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions. […]
Read MoreQakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network.
Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry.
“Targets
MongoDB Suffers Security Breach, Exposing Customer Data
MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact information.
The American database software company said it first detected anomalous activity on December 13, 2023, and that it immediately activated its incident response