BMW, Mercedes, Toyota, and other popular carmakers use vulnerable APIs that could have allowed attackers to perform malicious activities. Cybersecurity researcher Sam Curry and his colleagues discovered many vulnerabilities in the vehicles manufactured by tens of carmakers and services implemented by vehicle solutions providers. The vulnerabilities could have been exploited by threat actors to perform […]
CyberNews reported that Cricketsocial.com, a social platform for the cricket community, exposed private customer data and admin credentials. Cricketsocial.com, is a social platform developed for the cricket community online. CyberNews discovered that a database used by the platform was left open online, it contains a huge trove of data. The Social platform for the cricket […]
Fortinet addressed multiple vulnerabilities impacting its products and warned of a high-severity command injection flaw in FortiADC. Cybersecurity vendor Fortinet addressed several vulnerabilities impacting its products. The compaby also warned customers of a high-severity command injection flaw, tracked as CVE-2022-39947 (CVSS score of 8.6), affecting the Application Delivery Controller FortiADC. The CVE-2022-39947 flaw is an […]
Researchers discovered a new Linux malware developed with the shell script compiler (shc) that was used to deliver a cryptocurrency miner. The ASEC analysis team recently discovered that a Linux malware developed with shell script compiler (shc) that threat actors used to install a CoinMiner. The experts believe attackers initially compromised targeted devices through a […]
US. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. Wabtec Corporation is an American company formed by the merger of the Westinghouse Air Brake Company (WABCO) and MotivePower Industries Corporation in 1999. It manufactures products for locomotives, freight cars and passenger transit vehicles, and builds new locomotives up to 6,000 horsepower. The company employs […]
Synology fixed several critical flaws in its routers, including flaws likely demonstrated at the Pwn2Own 2022 hacking contest. Taiwanese NAS maker Synology published two new critical advisories in December. The first advisory is related to the most severe vulnerability addressed by the company, which is a critical out-of-bounds write issue, tracked as CVE-2022-43931 (CVSS3 Base Score10). […]
The Canadian Copper Mountain Mining Corporation (CMMC) was hit with a ransomware attack that impacted its operations. The Canadian Copper Mountain Mining Corporation (CMMC) announced to have suffered a ransomware attack late on December 27, 2022, which impacted its operation. Copper Mountainâs flagship asset is the 75% owned Copper Mountain mine located in southern British Columbia near […]
Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages. BitRAT is a relatively new […]
A post published on a popular hacking forum claims Volvo Cars has suffered a new data breach, alleging stolen data available for sale. French cybersecurity Anis Haboubi yesterday first noticed that a threat actor was attempting to sell data allegedly stolen from Volvo Cars on a popular hacking forum. A member of the forum, who […]
In 2022, ransomware attacks targeted 105 state or municipal governments or agencies in the US, reads a report published by Emsisoft. According to the “The State of Ransomware in the US: Report and Statistics 2022” report published by Emsisoft, the number of ransomware attacks against government, education and healthcare sector organizations is quite similar to […]