Category: CYBER SECURITY

Microsoft has discovered five security flaws in the Paragon Partition Manager BioNTdrv.sys driver, with one of them actively exploited by ransomware gangs to gain SYSTEM privileges in Windows.

U.S. authorities have recovered $31 million in cryptocurrency stolen during 2021 cyberattacks on Uranium Finance, a DeFi protocol on Binance’s BNB Chain.

A new version of the Vo1d malware botnet has infected over 1.59 million Android TV devices in 226 countries, according to cybersecurity researchers at Xlab.

A cybercriminal accused of stealing and leaking data from over 90 companies worldwide has been arrested in Bangkok, Thailand.

Microsoft has taken down two widely used VSCode extensions, Material Theme – Free and Material Theme Icons – Free, from the Visual Studio Marketplace after cybersecurity researchers flagged them for containing potentially malicious code.

The data breach notification service Have I Been Pwned (HIBP) has added over 284 million compromised accounts after discovering a massive trove of stolen credentials on a Telegram channel.

DISA Global Solutions, a leading U.S.-based employee screening service provider, has announced a significant data breach impacting over 3.3 million individuals.

North Korea’s infamous Lazarus hacking group has been linked to a massive $1.5 billion cryptocurrency theft from the exchange Bybit. Experts say this is now the biggest crypto heist in history.

The Australian government has banned all Kaspersky Lab products and web services from its systems, saying they pose a serious security risk.

OpenAI has blocked multiple North Korean hacking groups from using its ChatGPT platform to research targets and develop hacking techniques.

Bybit has suffered the largest crypto theft in history, with hackers stealing $1.46 billion from the exchange earlier today.

Microsoft has issued a security alert regarding a high-severity elevation of privilege vulnerability in Power Pages, which hackers exploited as a zero-day attack.

Health Net Federal Services (HNFS) and its parent company, Centene Corporation, have agreed to pay $11.25 million to settle allegations of falsely certifying compliance with cybersecurity requirements under their Defense Health Agency (DHA) TRICARE contract.

HCRG Care Group, one of the largest independent healthcare providers in the U.K., has confirmed it is investigating a cybersecurity breach after a ransomware gang claimed to have stolen a vast amount of sensitive data.

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warned about the widespread impact of Ghost ransomware, which has breached victims across more than 70 countries.

Over 1.6 million clinical research records containing personally identifiable information (PII) and sensitive patient medical data have been exposed in a massive data breach.

A threat group, likely linked to Russia, is targeting Microsoft 365 accounts by exploiting a process called device code phishing.

Chinese state-backed hackers, known as Salt Typhoon (also tracked as RedMike), continue to target global telecommunications networks, exploiting unpatched Cisco IOS XE devices.

Security researchers have discovered a flaw in Amazon Web Services (AWS) that could allow unauthorized access to an AWS account simply by publishing an Amazon Machine Image (AMI) with a cleverly chosen name.

The Dutch Police (Politie) have dismantled the ZServers/XHost bulletproof hosting operation, taking down 127 servers that were allegedly used for illegal activities.