Poor password management is responsible for thousands of data breaches, but it doesn't have to be this way. The IT business likes to reinvent things as quickly as possible. Except passwords, that is. We've been using them since Roman times, only now they're digital. They're the fungal skin disease of tech, irritating and hard to get rid of.
DragonForce, a ransomware "cartel" that has gained significant popularity since its debut in 2023, attacked an MSP as part of a recent supply chain attack, via known SimpleHelp bugs. The DragonForce ransomware gang attacked a managed service provider's (MSP) remote monitoring and management (RMM) tool in order to conduct a supply chain attack.
An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S. cities and organizations in an attempt to extort millions of dollars over a five-year span. According to the U.S. Department of Justice and an unsealed indictment, a 39-year-old man named Sina Gholinejad, also known as "Sina Ghaaf," and his conspirators deployed the Robbinhood ransomware on breached networks.
Once dismissed as Internet miscreants in hoodies, ethical hackers have hit the big time, earning millions from blue-chip firms. And they say it's their diverse backgrounds that make them top-tier bug hunters. HackerOne recently announced that over the past six years, the bug bounty platform has minted 50 fresh million-dollar bounty hunters by providing them an easily accessible platform to help companies ferret out security vulnerabilities in software, for big cash payouts.
The maker of patient monitoring devices said the incident will not have a material effect on its updated financial outlook. Medical device maker Masimo said Tuesday that it does not expect a cyberattack it disclosed earlier this month to have a material effect on its fiscal 2025 revenue, nor does it expect the incident to hurt its ability to fulfill existing customer orders or meet seasonal demand.
Authorities said malware linked to a Russia-based cybercrime group infected more than 300,000 computers around the world. U.S. authorities on Thursday charged 16 defendants in a massive global operation to disrupt the Russia-based cybercrime group behind the DanaBot malware. DanaBot infected more than 300,000 computers around the world, facilitating fraud and ransomware and resulting in more than $50 million in damage.
A vulnerability in the smart contract for liquidity pools allowed hackers to steal roughly $223 million in virtual assets from cryptocurrency exchange Cetus Protocol. The incident occurred on May 22 and led to Cetus immediately pausing its smart contract, but not before the hackers were able to siphon both native SUI tokens and other tokens. The attackers exploited a vulnerability in an open source library used in the liquidity provider's smart contract.