UnitedHealth Group has reportedly paid a ransom of $22 million to the ALPHV/Blackcat ransomware gang to regain access to data and systems encrypted during a cyberattack on its subsidiary, Change Healthcare. The payment was disclosed through a post on a Russian cybercriminal forum by an affiliate of
The North Korean threat actor Lazarus Group exploited a previously unknown vulnerability in the Windows operating system to help perform cyberattacks. This exploit, discovered by researchers at cybersecurity firm Avast, allowed the hackers to gain kernel-level access. According to Bleeping
What Does it Mean for Personal Privacy, Secure Communication, and Access to Information? Russian sources have announced that a ban on VPN services will go into effect on March 1st. The ban encompasses advertisements and websites that provide information about how to bypass blocked resources in
Despite recent global law enforcement efforts, the notorious LockBit ransomware gang has made a swift comeback and launched a new leak site on the dark web. This move comes after a coordinated crackdown on the criminal group, which involved the FBI, the UK's National Crime Agency, Europol, and
In a landmark operation that marks a significant blow to global cybercrime, federal authorities from the United States and the United Kingdom, in collaboration with international partners, have successfully disrupted the operations of the notorious LockBit ransomware gang. The operation,
Security researchers have identified a widespread campaign where cybercriminals are misusing Google Cloud Run to disseminate banking trojans, namely the malware known as Astaroth, Mekotio, and Ousaban. As reported by Cisco Talos researchers, the first surge of misuse was observed in September
A critical vulnerability in the Bricks Builder theme for WordPress, tracked as CVE-2024-25600, has been actively exploited by hackers. The flaw, affecting over 25,000 websites, allows unauthenticated attackers to execute arbitrary PHP code on a site or server. It was discovered by a security
A newly discovered critical vulnerability in Microsoft Outlook, CVE-2024-21413, poses a significant threat to users by enabling remote code execution (RCE) through emails with malicious links. This flaw, identified by Check Point researcher Haifei Li, allows threat actors to bypass built-in
A new malware, named Ov3r_Stealer, is spreading through fake job advertisements on Facebook. Discovered by Trustwave SpiderLabs, the threat actors behind the malware target users by offering bogus management positions, leading them to download a weaponized PDF. Within the file, the user is directed
Mastodon, an open source and decentralized social media platform, is currently in the midst of a security alert. Cybersecurity experts have disclosed a critical vulnerability, dubbed CVE-2024-23832, that leaves millions of accounts at risk of being hijacked by malicious actors. The flaw scored a
