Cybersecurity News

In a significant cybersecurity incident, Agence France-Presse (AFP), one of the world’s leading news agencies, has fallen victim to a sophisticated cyberattack. The breach, which occurred on September 27, 2024, has impacted the organization’s IT systems and content delivery services, raising concerns about the vulnerability of major media outlets to digital threats. The Nature and … Read more

In a significant development in the ongoing battle against cybercrime, law enforcement agencies have reported a new wave of arrests and sanctions targeting the notorious LockBit ransomware group. This latest action marks a crucial step in the global effort to dismantle one of the most prolific cybercriminal operations in recent years. Operation Cronos: A Continuing … Read more

A sophisticated phishing campaign exploiting Microsoft Sway, a cloud-based presentation tool, has been uncovered by cybersecurity researchers. The attack, which saw a staggering 2000-fold increase in July 2024, primarily targets Microsoft 365 users in Asia and North America, focusing on the technology, manufacturing, and financial sectors. Anatomy of the Attack: From Email to QR Codes … Read more

Cybersecurity researchers at Aqua Security have uncovered a new Distributed Denial of Service (DDoS) campaign targeting misconfigured Jupyter Notebook instances. This sophisticated attack, dubbed Panamorfi, leverages a Java-based tool called mineping to launch TCP flood attacks, raising concerns about the security of widely-used data science platforms. Understanding the Panamorfi Attack The Panamorfi campaign exploits internet-exposed … Read more

In a recent cybersecurity incident, white-hat hackers successfully exploited a vulnerability in the Ronin Network bridge, temporarily withdrawing $12 million worth of cryptocurrency. This ethical hack exposed a critical flaw that could have led to substantial losses if discovered by malicious actors. The Vulnerability and Its Potential Impact The ethical hackers managed to withdraw 4,000 … Read more

Cybersecurity researchers have uncovered a significant vulnerability in Windows Smart App Control and SmartScreen, two key security features designed to protect users from potentially malicious software. This flaw, which has reportedly been exploited by hackers since at least 2018, allows malicious actors to bypass security warnings and execute unauthorized software on Windows systems. Understanding Smart … Read more

Cybersecurity researchers at Certitude have unveiled a concerning vulnerability in Microsoft 365’s anti-phishing protection, potentially exposing users to sophisticated email-based attacks. This discovery highlights the ongoing challenges in safeguarding against evolving phishing techniques and underscores the importance of robust email security measures. Bypassing the First Contact Safety Tip The vulnerability centers around the “First Contact … Read more

In a significant development for online privacy and data protection, Meta Platforms Ireland Limited (MPIL) has been hit with a €91 million fine by the Irish Data Protection Commission (DPC). This penalty comes as a result of a years-long investigation into a major security oversight that left hundreds of millions of user passwords exposed in … Read more

In a sophisticated cyber attack uncovered by security experts at Volexity, the Chinese hacker group known as Evasive Panda has successfully compromised an unnamed internet service provider (ISP) to distribute malware through automatic software updates. This alarming development highlights the growing threat of supply chain attacks and the importance of secure update mechanisms. The Evasive … Read more

A large-scale malware campaign targeting Google Chrome and Microsoft Edge users has been uncovered by cybersecurity experts at ReasonLabs. This sophisticated attack has resulted in the installation of malicious browser extensions over 300,000 times, putting users’ data and privacy at significant risk. The Evolution of the Attack The campaign, active since 2021, has evolved from … Read more