All Articles (2533)

“Vote early and often” has been attributed to one of Illinois’ noted gangsters, Al Capone.  Databases containing sensitive US voter information from multiple counties in Illinois were openly accessible on the Internet, revealing 4.6 million records, cyber researcher Jeremiah Fowler has discovered.  These included driver's license numbers as well as full and partial Social Security Numbers and documents like death certificates and included voter records, ballots, multiple lists, and election-rel

RU President Vladimir recently offered to end the war in Ukraine if Kyiv agreed to drop its NATO membership ambitions and concede the four provinces of its territory that are claimed and occupied by Russian troops. The democratically elected Ukraine government swiftly rejected these terms.   However, the Russian offer suggests that they do not see a near-term military victory in the disputed territory, which could be the motive behind the evolution of its cyberwar tactics in the overall military

Iranian state-backed actors have sought to access senior US political figures’ email accounts and launched “covert news sites” aimed at US readers as part of an increase in disinformation and cyber-attacks ahead of the country’s elections, Microsoft has said.  A group run by Iran’s Revolutionary Guards in June sent a spear-phishing email, or personalized hacking attempt, to a “high-ranking official of a presidential campaign” from the compromised email account of a former senior adviser, the Mic

ADT Inc. said on 8 August a small percentage of its customers’ email addresses, phone numbers and postal addresses were stolen in a recent cybersecurity breach.  The security company that provides residential and small business electronic security, fire protection, and other related alarm monitoring services throughout the US said it took prompt steps to shut down unauthorized access to databases of customer order information.[1]

The company said it has no reason to believe any banking or credit

Internal documents from Leidos Holdings Inc.,[1] a leading IT services provider to various US government agencies including the Defense Department, have been leaked online by hackers.  The documents are believed to have been exfiltrated during a breach of a system operated by Diligent Corp. (https://www.diligent.com), which Leidos used for its operations.

The breach was initially reported earlier this year when Diligent Corp., a company providing governance, risk, and compliance (GRC) software, suff

A new security report released this week revealed a record-breaking $75 million ransom paid by a single victim to the Dark Angels ransomware gang earlier this year.  The payment surpasses the previous highest known ransom of $40 million paid by insurance giant CNA to Evil Corp.  The specific company involved has not been disclosed at the time of this writing. However, there are speculations that pharmaceutical giant Cencora, ranked #10 on the Fortune 50 list, experienced a cyberattack in February

The government of Columbus, Ohio said it is aware of claims made by a ransomware gang that troves of sensitive city information are available for sale.  The Rhysida ransomware group took credit on Wednesday for the 18 July, threatening to leak 6.5 terabytes of exfiltrated information from the city’s systems allegedly containing emergency services data, access to city cameras and more.

A city spokesperson said late last week they are aware of the matter but could not comment, adding that the situ

Last week, some of Microsoft’s apps were knocked offline in an intentional cyber-attack, it said in an update.  The company’s attempts to stop the hack amplified it.  That meant that some of its apps and features were offline for much of 31 July.  It came just days after Windows PCs were hit by a huge outage that brought much of the world to a standstill, cancelling flights and delaying hospital appointments.  That was the result of a bug in cybersecurity software made by third-party company Cro

KnowBe4, a US-based security vendor specializing in security awareness training, revealed that it accidentally hired a North Korean hacker who attempted to install malware within its systems. This incident serves as a stark reminder of the sophistication and reach of cyber threats.  The company’s CEO, Stu Sjouwerman, shared the details in a blog post,[1] emphasizing that no data was compromised or stolen.

The hacker, posing as a software engineer for KnowBe4’s internal IT AI team, used a stolen

Cybercriminals are now able to purchase Generative AI (GenAI) account credentials on underground hacker markets along with various other illegal goods, according to new research.

The GenAI credentials include those that belong to users of ChatGPT, Quillbot, Notion, Huggingface, and Replit, among many others.  Cybersecurity research teams say that the hackers are selling the credentials for roughly 400 GenAI accounts per day, usually stolen from corporate end users' computers after they've been

The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea.  The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of the spear-phishing campaign include countries like Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and the Maldives.

SideWinder, which is also known by the names APT-C-17, Baby Elephant, Hardcore Nationalist, R

Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT.  Some of the other regions targeted by the campaigns include Italy and Romania.  Attackers used previously compromised email accounts and company servers, not only to spread malicious emails but also to host malware and collect stolen data.

See:  https:/

Spyware is malicious software engineered to covertly monitor and gather information from a user’s computer without their awareness or consent. It can record activities like keystrokes, browsing behavior, and personal information, often transmitting this data to a third party for espionage or theft.

FortiGuard Labs recently detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office. This flaw allows attackers to execute malicious code via specially crafted documents. In th

As renewable energy generation expands across the US, the federal government is becoming more concerned about vulnerabilities in new systems being a target for cyberattacks.  The US FBI recently warned the US private sector and individual owners of renewable power of the potential for hacks, saying that reductions in the cost of implementing energy infrastructure and increased clean energy incentives will not only attract investors but also the attention of cybercriminals.

Government incentives,

The rise of generative artificial intelligence (gen AI) is colliding with elections worldwide, and consumers are worried.  Research shows voters worldwide are nervous about political deepfakes, with some countries' citizens being far more concerned than others.

See:  https://redskyalliance.org/xindustry/deepfake-dangers

Singapore, Mexico, the US, and the UK are all holding general elections this year, and voters are concerned they cannot identify deepfakes.  According to a report released by digi

KnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer.[1] This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores the need for enhanced security measures in hiring processes.

KnowBe4's CEO, Stu Sjouwerman, shared the details of the incident, saying, "We posted the job, received resumes, conducted interviews, perfor

Organizations rely on many different vendors to provide and support the technical infrastructure that runs their daily operations. But what if there’s a weak link somewhere in the supply chain?  In the case of something like the cyberattack-induced outage at managed IT services provider CTS, it could mean organizations relying on these third-party services experiencing costly downtime and exposing their assets and sensitive content to cyber criminals. In the case of something like the SolarWinds

GitHub’s extensive community and features make it a continued target for threat actors.  This week, security researchers identified a network of 3000 fake GitHub accounts pushing infostealing malware through the platform’s repositories as well as compromised WordPress sites.  The malware Distribution-as-a-Service (DaaS), dubbed ‘Stargazers Ghost Network’, delivers variants of RedLine, Lumma Stealer, Rhadamanthys, RisePro, and Atlantida Stealer, all packaged in password-protected archives.

Attrib

In California, numerous local and federal lawsuits continue to pile up against Patelco Credit Union following a devastating cyber-attack that crippled the Dublin CA-based company’s online databases and left about half a million customers locked out of their accounts.  If the suits are successful, Patelco could be facing damage payouts of as much as $5 billion, which equals half of the assets managed by the company.

So far, at least six federal and four state lawsuits, some of which seek class-ac

Delta Air Lines' slogan, "Keep Climbing," is a call to action that reflects the airline's culture of service and continuous improvement.  Delta CEO Ed Bastian explained that the slogan is "What's the next mountain we're going to climb?" after reaching the top of one.  There have been so many articles about the CrowdStrike disaster; here is another one.  But when you see what Delta Airlines has been doing to passengers five days after this one piece of destructive code ate the Internet, you can n