Szolgáltatóknak

Information allegedly exfiltrated by 8Base included invoices, receipts, personal and confidential data, accounting documents, employment contracts, confidential agreements, certificates, and other sensitive details.

Termite — which has already compromised seven victims, two of which are in the U.S. — was regarded by Cyble researchers to be a Babuk ransomware rebrand due to significant similarities between both strains' ransomware binaries.

We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.

The new administration wants fewer physical wars and more cyber ops – a policy aimed to counter the massive nation-state cyber campaigns of our adversaries.

While Sirius XM has allegedly engaged in the sharing of sensitive user data with unaffiliated third parties and other groups without notifying users and obtaining their consent, the MyRadar weather app, Miles travel rewards app, and Tapestri information rewards app have been accused of failing to secure data sharing permissions and inform users regarding their data privacy rights.

Under the proposed FCC rule, telecommunications entities would not only need to ensure their networks' defenses against "unlawful access and interception" but also be required to undergo yearly cybersecurity risk management plan certifications.

Such a crackdown on Manson Market — which commenced in late 2022 following a reported increase in fake phone calls spoofing bank employees — also resulted in the seizure of more than 50 of its servers containing over 200 TB of data, as well as the arrests of suspected hackers from Austria and Germany.

Nearly 150 employees of the financial entity have been compromised by Ogletree in a phishing campaign between October and November 2023 that sought to exfiltrate account credentials via company-spoofing phishing sites, the complaint alleged.

Intrusions leveraging CVE-2024-41713, which stems from insufficient input validation in MiCollab's NuPoint Unified Messaging component, could facilitate not only unauthenticated provisioning data access but also unauthenticated admin task execution, according to an analysis from watchTowr Labs.

Most severe of the vulnerabilities is the undocumented features inclusion issue, tracked as CVE-2024-52564, which could be exploited to facilitate remote firewall deactivation, device setting manipulation, and arbitrary OS command execution, according to Japan's Computer Emergency Response Team Coordination Center.