Over the past few days, the security world has been abuzz with the discovery of a backdoor snuck into a compression utility called xz-utils. While this backdoor was effectively a near miss, getting caught before it became pervasive, it goes to show that with a bit of social engineering and laying low for a while, you...Read more...
This week, Lake Charles Memorial Health System (LCMHS) in Louisiana published a notice informing its patients of a cybersecurity incident that occurred back in October of this year. According to the notice, threat actors gained unauthorized access to the healthcare system’s internal network between October 20 and 21...Read more...
This week, the Health Sector Cybersecurity Coordination Center (HC3), which is part of the US Department of Health and Human Service (HHS), issued a report warning the healthcare industry about the threat posed by a new ransomware group that operates under the name “Royal.” This report comes a little over a month after the Biden administration Read more...
This week, the United States Department of Justice (DOJ) announced the seizure of seven domain names that cybercriminals used to carry out a cryptocurrency scam. The scam in question is known as a “pig butchering” scheme, as the scammers metaphorically led their victims to the slaughter. In these sorts of schemes, the...Read more...
On Monday, the US Department of Justice (DOJ) revealed that Internal Revenue Service – Criminal Investigation (IRS-CI) Special Agents raided James Zhong’s house in Gainesville, Georgia back in November 2021. The raid, which was authorized by a search warrant, resulted in the seizure of 50,676 Bitcoin. After...Read more...
Edward Snowden has gained Russian citizenship nine years after fleeing the United States and landing in Russia. On Monday, Russian president Vladimir Putin signed a decree granting citizenship to 75 foreigners residing in the country, with Snowden among them.
Snowden, a former NSA contractor, publicly exposed the...Read more...
Last week, a massive security breach rocked Uber, with a teenage hacker claiming credit for the incident. Then, over the weekend, someone claiming to be this same hacker leaked Grand Theft Auto (GTA) 6 gameplay footage on the GTA forums. The developer of the GTA series, Rockstar Games, later confirmed the authenticity...Read more...
The popular rideshare company Uber announced last evening that it was responding to a cybersecurity incident but didn’t provide any further details other than to say that the company was in contact with law enforcement. However, it didn’t take long for information regarding the incident to leak. An unknown threat...Read more...
Google has released a Chrome browser update which addresses a zero-day flaw that is currently under active attack. This is the fifth time this year that Google has put Chrome users in a situation where they should act swiftly to apply a patch to a critical security flaw. If you are a Chrome user, please check that you...Read more...
Wyze Cam devices are reported to have had a huge security flaw, and the company remained silent for three years about it. The software flaw was found by Bitdefender, and claims it reported the issues to Wyze all the way back in 2019.
Home security devices are meant to make you feel safer in the confines of your...Read more...
It seems that cybersecurity concerns are once again on the rise, as just this week, we reported on the surge in ransomware attacks. Now, researchers at Qualys have published a privilege escalation vulnerability within snap-confine, a software packaging, and deployment system for Linux Kernel-based operating systems...Read more...
Apple has released an update for your iPhone that you are going to want to download as soon as possible. Update iOS 15.3 includes a patch to fix a security vulnerability in Safari that could leak your browser history, as well as a second fix for a memory corruption bug that affects iOS, iPadOS, and macOS...Read more...
End-to-end Encryption for most people this is something invisible they never even think about, but for just about everyone who uses messaging apps such as Facebook Messenger, WhatsApp, Signal and many others, this is an absolute necessity for privacy.
In a recent report by Rolling Stone it was revealed that the UK...Read more...
In another example of social engineering’, an unpatchable bug has been discovered in iOS. This ultimate persistence bug makes you think your iPhone has been shut down when it hasn’t. Once in effect, it’s a trivial matter for nefarious individuals to activate your iPhone’s camera and microphone to spy on you.
The...Read more...
The iPhones used by at least nine US State Department employees have been compromised using the notorious Pegasus spyware provided by NSO Group, sources say. The recent cybersecurity intrusion, which began in the last several months, seems to be focused on State Department employees either in Uganda, or focused on...Read more...
You might have read a story earlier in the week about a US Navy destroyer's internet connection being "hacked" and taken over to stream Age of Empires to Facebook. A tale like that is comical until you consider the national security implications of such a thing. Fortunately, this particular story remains comical in...Read more...
Earlier this year, the Colonial Pipeline ransomware incident crippled fuel delivery to the Eastern Seaboard, sending people into a panic and decreasing the supply of gas, if only briefly. Amazingly, this is only the first time something of this scale has happened, but hopefully, it will be the last. The Department of...Read more...
In May, the biggest fuel provider to the U.S. eastern seaboard was hit with ransomware from Russian hacking group DarkSide. Colonial Pipeline decided to pay the ransom to decrypt some of its files to get back to operational status, but those efforts were hampered by a slow decryption tool offered by the attackers...Read more...
Though Microsoft Exchange servers are quickly being patched, hackers have been ramping up their efforts to take advantage of the situation while they still can. As such, the United States Cybersecurity and Infrastructure Security Agency (CISA), a division of Homeland Security, has hardened its requirements for...Read more...
Plex is a widely popular platform that allows you to curate all your media on a home server and stream it either within your home or over the internet to other PCs, Macs, smartphones, or tablets. Over the years, Plex has grown to include features like Live TV, podcasts, and even retro gaming to broaden its appeal to...Read more...
It seems getting hacked has become a near-daily occurrence that people should expect will happen at some point. Yesterday, people reported that Ubiquiti, a major vendor of internet of things (IoT) devices such as routers, security cameras, access points, and more, suffered a breach through a third-party cloud...Read more...
Over the weekend, it was announced that a nation-state actor had breached SolarWinds’ Orion service as early as Spring of this year. The Orion platform is an all-in-one solution for IT administration and monitoring, among other utilities. It is used by companies and governments worldwide, and it appears that the U.S...Read more...