Brazilian Government Discloses Ransomware Attack On National Treasury Secretariat
he Brazilian Ministry of Economy has disclosed a ransomware attack on the internal network of the National Treasury Secretariat.
BadAlloc Vulnerability Affecting BlackBerry QNX RTOS: CISA
BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries. A remote attacker could exploit CVE-2021-22156 to cause a denial-of-service condition or execute arbitrary code on affected devices.
Nearly 2 Million Terrorist Watchlist Records Leaked Online
Security researcher Bob Diachenko says he discovered a terrorist watchlist on July 19th that included information like the name, date of birth, and passport number of those listed in the database. The cluster also included “no-fly” indicators.
XSS Vulnerability Patched In WordPress Plugin ‘SEOPress’
The flaw made it possible for an attacker to inject arbitrary web scripts on a vulnerable site which would execute anytime a user accessed the “All Posts” page.
SEC Charges Pearson $1M For Misleading Investors About Cyber Breach
The Securities and Exchange Commission announced that Pearson plc, a London-based public company that provides educational publishing and other services to schools and universities, agreed to pay $1 million to settle charges that it misled investors about a 2018 cyber intrusion involving the theft of millions of student records, including dates of births and email addresses, and had inadequate disclosure controls and procedures.
Hacker Claims To Steal Data Of 100 Million T-Mobile Customers
The stolen data allegedly contains the data for approximately 100 million T-Mobile customers and can include customers’ IMSI, IMEI, phone numbers, customer names, security PINs, Social Security numbers, driver’s license numbers, and date of birth.
Hacker Returns Stolen Crypto Worth Over $610 Million
Hackers behind one of the biggest ever digital coin heists have now returned over half of the $610 million-plus they stole, the cryptocurrency platform targeted by the hack said on Thursday.
Hackers Reportedly Threaten To Leak Data From Gigabyte Ransomware Attack
The hackers who claim to have carried out the attack are reportedly threatening to release data from the company, including confidential documents from Intel, AMD, and American Megatrends.
Threat Actor Leaks One Million Stolen Credit Cards To The Deep Web
Last week, the D3Lab team of analysts spotted an underground forum called ‘AllWorld Cards’ on the deep web where a file containing one million credit cardholder records was shared for free.
FlyTrap Android Malware Hijacks Thousands Of Facebook Accounts
t least 140 countries since March 2021 and has spread to over 10,000 victims through social media hijacking, third-party app stores, and sideloaded applications.
Freshly Disclosed Vulnerability CVE-2021-20090 Bypass Authentication On Millions Of Routers
CVE-2021-20090 is a path traversal vulnerability that leads to an authentication bypass. When exploited, the attacker can take over control of the affected device.
Taiwanese Motherboard Manufacturer GIGABYTE Hit By RansomEXX Ransomware
Gigabyte, a Taiwanese manufacturer and distributor of computer hardware has been hit by the RansomEXX ransomware gang.
CISA Launches New Initiative To Combat Ransomware
The Cybersecurity and Infrastructure Security Agency (CISA) has officially unveiled the Joint Cyber Defense Collaborative (JCDC), a new effort to combat ransomware attacks by expanding info sharing between the public and private sectors, with Amazon, Google and Microsoft all signing onto the initiative.
Ransomware Attacks Hit Record 300 Million In 1st Half Of 2021: SonicWall
A new report from SonicWall found that attempted ransomware attacks skyrocketed in the first half of 2021, with 304.7 million attempted attacks seen by the company.
Multiple Vulnerabilities Patched In WordPress Download Manager
The Wordfence Threat Intelligence Team found two separate vulnerabilities, including a sensitive information disclosure as well as a file upload vulnerability which could have resulted in Remote Code Execution in some configurations on WordPress Download Manager, a WordPress plugin installed on over 100,000 sites.
NSA Issues Guidance On Securing Wireless Devices In Public Settings
the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.
No More Ransom Saves Nearly €1 Billion In Ransomware Payments In 5 Years
The No More Ransom project celebrates its fifth anniversary after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.
Clubhouse Denied Data Breach Exposing Users Phone Number
The company also said that it continues to invest in industry-leading security practices as privacy and security are of the utmost importance to Clubhouse.
Nearly 4 Million Phone Number Of Clubhouse Users Allegedly Leaked On Hackers Forum
Nearly four million phone numbers of Clubhouse users have been allegedly leaked and are ‘up for sale’ on the Dark Web.