Category: CYBER SECURITY

The Housing Authority of the City of Los Angeles (HACLA) has confirmed a cyberattack on its IT network following claims from the Cactus ransomware gang.

Okta published a surprising update to its security advisories disclosing a critical vulnerability that potentially allowed unauthorized logins.

LiteSpeed Cache, a widely used WordPress plugin with over six million active installs, has patched a critical vulnerability in its latest update that could have allowed unauthenticated visitors to gain administrative access.

Microsoft has issued a warning about a Chinese-operated botnet known as Quad7, or CovertNetwork-1658, which is actively targeting small office and home office (SOHO) routers to steal credentials through password-spray attacks.

Chinese hackers breached Verizon’s systems to target phones associated with Democratic presidential candidate Kamala Harris’s campaign, Reuters reports.

Russia has sentenced four members of the notorious REvil ransomware group to prison terms exceeding four years for distributing malware and illegally circulating payment tools.

Personal data, including passport and visa information, has been compromised in a cyber attack on a data firm contracted by Australia's Department of Home Affairs.

In February, a massive ransomware attack on Change Healthcare, a major processor of U.S. health insurance and medical records, led to the theft of private health information of over 100 million individuals.

The North Korean Lazarus hacking group has exploited a Google Chrome zero-day vulnerability, CVE-2024-4947, through a fake decentralized finance (DeFi) game targeting cryptocurrency users.

Cybersecurity researcher Jeremiah Fowler discovered a serious data breach involving the UN Trust Fund to End Violence against Women, revealing over 115,000 sensitive records.

A new wave of cyberattacks is targeting WordPress sites, installing malicious plugins that push information-stealing malware through fake software updates and error messages.

The Internet Archive has experienced another data breach, this time through their Zendesk email support platform.

Hackers have breached Comsecure, ESET’s exclusive partner in Israel, to send phishing emails to local businesses, delivering destructive data wipers disguised as antivirus software.

Cisco confirmed that it has taken its public DevHub portal offline following the leak of "non-public" data by a threat actor.

The FBI arrested Eric Council Jr., 25, in Athens, Alabama, in connection with the January 2024 hack of the Securities and Exchange Commission (SEC)’s social media account on X (formerly Twitter).

The stolen data, which surfaced in August, was listed for sale on the dark web in April by a group calling itself "USDoD."

A federal grand jury has indicted two Sudanese nationals, accusing them of controlling Anonymous Sudan, a notorious cybercriminal group responsible for launching tens of thousands of Distributed Denial of Service (DDoS) attacks on critical infrastructure and government agencies across the U.S. and globally.

A recent investigation revealed that Google Play, the official app store for Android, distributed more than 200 malicious applications over a year.

Jetpack, a popular WordPress plugin, has rolled out a critical security update to address a vulnerability that could potentially allow logged-in users to access forms submitted by other site visitors.