Russian hackers target Ukrainian Telecoms with new ‘AcidPour’ malware
Cyber Safe
by Priyanka R
6d ago
A new variant of the data wiping malware AcidRain, known as AcidPour, has been discovered by SentinelOne’s threat intelligence team that may have been deployed in attacks targeting four telecom providers in Ukraine. AcidPour’s expanded capabilities would enable it to better disable embedded devices including networking, IoT, large storage (RAIDs), and possibly ICS devices running Linux x86 distributions. AcidPour is a variant of AcidRain, a wiper that was used to render Viasat KA-SAT modems operable at the onset of the Russo-Ukrainian war in early 2022 and cripple Ukraine’s military communicat ..read more
Visit website
Hackers earn $1,132,500 at Pwn2Own Vancouver
Cyber Safe
by Priyanka R
6d ago
Trend Micro’s Zero Day Initiative (ZDI) announced that security researchers earned $1,132,500 on the Pwn2Own Vancouver 2024 hacking competition for uncovering 29 unique zero-day vulnerabilities. Throughout the event, the researchers targeted software and products in the web browser, cloud-native/container, virtualization, enterprise applications, server, local escalation of privilege (EoP), enterprise communications, and automotive categories, all up-to-date and in their default configuration. The total prize pool was over $1,300,000 in cash prizes and a Tesla Model 3, which was won by Team Sy ..read more
Visit website
Chinese Earth Krahang hackers breach 70 orgs in 23 countries
Cyber Safe
by Priyanka R
1w ago
Trend Micro researchers uncovered a sophisticated campaign conducted by a threat actor tracked as Earth Krahang that breached 70 organizations worldwide. The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities. The threat actors used this infrastructure to host malicious payloads, proxy attack traffic, and send spear-phishing emails to government-related targets, leveraging compromised government email accounts. The APT group also established access i ..read more
Visit website
Fujitsu suffered malware attack, confirms data breach
Cyber Safe
by Priyanka R
1w ago
Japanese tech giant Fujitsu discovered that several of its systems were infected by malware and threat actors may have stolen personal and customer information. Fujitsu is the world’s sixth largest IT services provider, employing 124,000 people and having an annual revenue of $23.9 billion. The company has a strong presence in the global market, operating in over 100 countries. The data breach announcement was published on the firm’s news portal stating that a major cybersecurity incident has compromised systems and data, including sensitive information of customers. After confirming the prese ..read more
Visit website
French employment agency data breach impacts up to 43M people
Cyber Safe
by Priyanka R
1w ago
France’s Employment Agency has suffered a data breach in its systems that could result in the leak or exploit of personal details of around 43 million potential users. France Travail, the French national employment agency, is responsible for registering unemployed individuals, providing financial aid, and assisting them in finding jobs. The agency announced that its IT systems and those of Cap Emploi, a government employment service that supports people with disabilities, were breached. According to France Travail, the hackers stole details belonging to job seekers registered with the agency i ..read more
Visit website
Acer Philippines reports data breach in third-party vendor hack
Cyber Safe
by Priyanka R
2w ago
Acer Philippines disclosed a data breach after employee data was compromised in an attack on a third-party vendor who manages the company’s employee attendance data after a threat actor leaked the data on a hacking forum. Acer Inc. is a Taiwanese multinational company that produces computer hardware and electronics. The hacked third-party company manages the Acer employee attendance data. Threat actors with the moniker ph1ns, leaked the stolen data on a hacking forum claiming that it was stolen from the HR department of the Taiwanese company. ph1ns published a link to download a stolen databas ..read more
Visit website
Hackers exploit WordPress plugin flaw to compromise 3,300 sites
Cyber Safe
by Priyanka R
2w ago
Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The flaw used in the attacks tracked as CVE-2023-6000, is a cross-site scripting (XSS) vulnerability impacting Popup Builder versions 4.2.3 and older, which was initially disclosed in November 2023. A Balada Injector campaign uncovered this year exploited the particular vulnerability to infect over 7100 websites, indicating that many site admins hadn’t patched quickly enough. Now Sucuri researchers report spotting a new campaig ..read more
Visit website
Ex Google engineer charged with stealing AI secrets
Cyber Safe
by Priyanka R
2w ago
A Chinese national who was a former Google software engineer has been charged with stealing intellectual property from the tech giant connected to its work on artificial intelligence (AI). Linwei Ding (aka Leon Ding), who was hired by Google in 2019, worked on developing software deployed in Google’s supercomputing datacenters. So, he had access to sensitive information regarding the AI models running on their servers. The indictment claimed that between May 2022 and May 2023, he began secretly uploading IP to a personal Google Cloud account – collecting over 500 files containing confidential ..read more
Visit website
Ukraine claims it hacked Russian Ministry of Defense servers
Cyber Safe
by Priyanka R
3w ago
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense (Minoborony) servers as part of a special operation, and stolen confidential documents. The stolen documents include: Confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military service. Software used by the Russian Ministry of Defense to encrypt and protect its data. Data that helped identify senior heads of structural units of the Minoborony, as well as deputies, assistants, and specialists who used so ..read more
Visit website
American Express credit cards exposed in third-party data breach
Cyber Safe
by Priyanka R
3w ago
American Express is warning customers that its credit cards were exposed in a third-party data breach after a merchant processor was hacked. This incident was not caused by a data breach at American Express, but rather at a merchant processor in which American Express Card member data was processed. In a data breach notification filed with the state of Massachusetts under “American Express Travel Related Services Company,” the company warned customers their credit card details may have been stolen. The breach has led to customers’ American Express Card account numbers, names, and card expirati ..read more
Visit website

Follow Cyber Safe on FeedSpot

Continue with Google
Continue with Apple
OR