Browsing Category
Incident Response
115 posts
Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.
The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.
"An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows
Largest crypto exchange in Indonesia pledges to reimburse users after $22 million theft
A major cryptocurrency exchange in Southeast Asia has paused operations after $22 million in coins was stolen this week.
New but ‘immature’ ransomware group CosmicBeetle targets small businesses
A group that researchers are calling CosmicBeetle has developed new ransomware and deployed it against small and medium-sized businesses, mostly in Europe and Asia, according to a new report.
Hospital system to pay $65 million for dark web data leak, including images of nude cancer patients
A Pennsylvania-based hospital network has agreed to a $65 million settlement in a class action suit tied to a massive data leak, including the publication of images of 600 nude cancer patients.
Chinese ‘Spamouflage’ operatives are mimicking disillusioned Americans online
A Chinese influence operation has ramped up its efforts to impact online discourse around the U.S. elections, creating fake personas across social media platforms to spread divisive messages about the state of the country.
FTC issues $3 million fine for security camera firm, issuing penalties for a range of violations
The Federal Trade Commission (FTC) said it will fine the security camera company Verkada $2.95 million over allegations that the firm’s poor security practices led to a hacker breaking into customers’ devices as well as accessing personal data.
‘Lifelock’ hacker pleads guilty to extorting medical clinics
An Idaho man who hacked and extorted medical clinics and a police department pleaded guilty on Tuesday in Georgia federal court to charges of computer fraud and abuse.
China-linked hackers target governments and more in Southeast Asia with new backdoors
A China-linked espionage group has been observed targeting government agencies, educational institutions and the communications industry with two custom backdoors, according to the new research.
FTC investigating Reddit plan to sell user content for AI model training
The Federal Trade Commission (FTC) is probing Reddit’s decision to license its user-generated content to artificial intelligence companies which would in turn use it to train models, the social media platform said in a Friday securities filing.
Fujitsu says it discovered malware on ‘multiple work computers’ that may expose customer data
Japanese tech corporation Fujitu warned its customers that personal information may have been obtained by hackers who deployed malware on multiple computers at the company’s offices.