Have some tips? Write it down and share it to your friends!
Click Login Now button to start!
News
Cyber Security Related News
The cybersecurity landscape has seen a shocking increase in ransomware payments, soaring over 500% recently. According to Sophos' "State of Ransomware 2024" report, organizations now pay an average of $2 million, up from $400,000 last year. Similarly, RISK & INSURANCE reported median ransom demands jumping to $20 million in 2023 from $1.4 million in 2022, with payments climbing to $6.5 million from $335,000 in the same period.
This rise highlights the...
July 3, 2024 18:27 (on 7/4/24) | 0 | 1 minute read
Since April 2022, the Black Basta ransomware group has attacked over 500 organizations in North America, Europe, and Australia. A report from CISA, FBI, HHS, and MS-ISAC shows that they have targeted 12 of the 16 main critical infrastructure sectors, encrypting and stealing data. Black Basta commonly uses phishing and known software flaws to break in, then demands money by threatening to publish stolen data if not paid. Instead of giving a ransom amount u
Source:
Dropbox, the cloud storage services provider, disclosed a significant breach affecting its digital signature service, Dropbox Sign (formerly known as HelloSign). This breach, discovered on April 24, 2024, resulted in unauthorized access by unidentified threat actors to user emails, usernames, and general account settings associated with all users of the digital signature product. Additionally, for certain subsets of users, the attackers accessed...
May 8, 2024 22:52 (on 5/9/24) | 0 |
2 minutes read
Google has delayed its plan to remove third-party tracking cookies from its Chrome browser amid ongoing concerns from U.K. regulators about its Privacy Sandbox initiative. The company is working closely with the U.K. Competition and Markets Authority (CMA) to address these issues and hopes to reach an agreement by the end of the year.
The new timeline involves beginning the phase-out of...
April 25, 2024 21:39 (on 4/26/24) | 0 |
2 minutes read
Binarly's recent findings reveal a security loophole in the Lighttpd web server utilized within baseboard management controllers (BMCs), left unaddressed by major device manufacturers like Intel and Lenovo. Originally discovered and patched by Lighttpd maintainers in August 2018, the absence of a CVE identifier or advisory led to its oversight by developers of AMI MegaRAC BMC, thus integrating it into Intel and Lenovo products.
Google has unveiled support for the V8 Sandbox in its Chrome web browser, aiming to combat memory corruption issues. According to Samuel Groß, the V8 Security technical lead, the sandbox prevents the spread of memory corruption within the host process.
Described as a lightweight, in-process sandbox for the JavaScript and WebAssembly engine, the V8 Sandbox mitigates common vulnerabilities....
April 8, 2024 17:26 (on 4/9/24) | 0 |
2 minutes read
Malicious advertisements and counterfeit websites have become conduits for disseminating two distinct types of stealer malware, notably Atomic Stealer, targeting users of Apple's macOS operating system. Jamf Threat Labs has released a report highlighting ongoing attacks aimed at extracting sensitive data from macOS users. The attackers behind these campaigns employ diverse methods to compromise victims' Macs, stealing valuable...
April 1, 2024 18:39 (on 4/2/24) | 0 |
2 minutes read
A recent phishing campaign targets U.S. organizations, aiming to deploy the NetSupport RAT, a remote access trojan. Tracked by Israeli cybersecurity firm Perception Point as Operation PhantomBlu, this campaign employs a sophisticated method by exploiting Microsoft Office's Object Linking and Embedding (OLE) template manipulation to execute malicious code, avoiding detection. NetSupport RAT, derived from the legitimate tool NetSupport Manager,...
March 25, 2024 22:49 (on 3/26/24) | 0 |
2 minutes read
Cybersecurity researchers have identified critical vulnerabilities within the third-party plugin ecosystem for OpenAI ChatGPT, shedding light on potential avenues for threat actors to exploit and gain unauthorized access to sensitive data. Recent findings from Salt Labs highlight security flaws within the ChatGPT platform itself and its accompanying plugin infrastructure, posing significant risks to user privacy and data...
March 18, 2024 19:17 (on 3/19/24) | 0 |
2 minutes read
The U.S. Department of Justice (DoJ) has unveiled charges against Linwei Ding, a 38-year-old Chinese national, and a California resident, for their alleged involvement in stealing proprietary information from Google while clandestinely collaborating with two Chinese tech firms. The indictment alleges that Ding, a former Google engineer, clandestinely siphoned off sensitive trade secrets to his account, facilitating the Chinese companies'...
March 12, 2024 22:25 (on 3/13/24) | 0 |
2 minutes read