Johnson Controls International, a leading multinational conglomerate, has reported a staggering $27 million in expenses tied to the remediation of a ransomware attack that occurred in September 2023. The attack, which was first reported by BleepingComputer, was orchestrated by the Dark Angels
In a recent development, Ivanti has warned of new zero-day vulnerabilities in its Connect Secure VPN appliance, first exploited by Chinese state-backed hackers in early December 2023. Identified as CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, and CVE-2024-21893, these flaws put customer networks
The first-ever Pwn2Own Automotive competition has concluded with hackers collectively earning a staggering $1,323,750 by exposing 49 zero-day vulnerabilities, primarily in Tesla vehicles. Organized by Trend Micro's Zero Day Initiative (ZDI) during the Automotive World conference, the event in
The BianLian ransomware group, notorious for its evolving strategies, has now intensified its focus on the healthcare and manufacturing sectors in the United States and Europe. This move signals a significant threat to data security and operational stability in these critical
In a series of coordinated cyberattacks, state-backed hackers have been exploiting critical zero-day vulnerabilities in Ivanti Connect Secure, a widely used VPN appliance. The vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have put numerous organizations at
Researchers have uncovered critical vulnerabilities in the POST SMTP Mailer WordPress plugin, which potentially puts over 150,000 websites at risk of takeover by malicious actors. The vulnerabilities were first reported by cybersecurity researchers Ulyses Saicha and Sean Murphy as part of
In a troubling development in cybersecurity, multiple information-stealing malware families have been found exploiting an undocumented Google OAuth endpoint, identified as "MultiLogin," to regenerate expired authentication cookies. This discovery, initially made by a developer named PRISMA in
McAfee's Mobile Research Team has uncovered a sophisticated Android backdoor, dubbed “Xamalicious”, that has compromised an estimated 338,300 devices worldwide. The malicious software, developed using Xamarin — an open-source framework for building Android and iOS apps with .NET and C# –- has been
Europol and ENISA (European Union Agency for Cybersecurity), national law enforcement from 17 countries, and private sector allies have uncovered a massive digital skimming campaign affecting 443 online merchants. Digital skimming, a form of cyberattack, involves stealing credit card information
Android users have something to worry about this holiday season, as a new variant of the Chameleon banking trojan has been identified. Concerningly, it’s capable of bypassing any biometric security measures to steal PINs and passwords. According to ThreatFabric, which first reported the malware, it