A couple of days after the FBI warned that a ransomware group called BlackByte had compromised critical infrastructure in the US, the group hacked servers belonging to the San Francisco 49ers football team and held some of the team's data for ransom. Media representatives for the NFL franchise confirmed a security breach in an emailed statement following a post on BlackByte's dark web site. READ MORE...
For years, a low-skilled attacker has been using off-the-shelf malware in malicious campaigns aimed at companies in the aviation sector as well as in other sensitive industries. The threat actor has been active since at least 2017, targeting entities in the aviation, aerospace, transportation, manufacturing, and defense industries. Tracked as TA2541 by cybersecurity company Proofpoint, the adversary is believed to operate from Nigeria and its activity has been documented before. READ MORE...
Adobe has released an emergency advisory for users of its Commerce and Magento platforms. It explains that a critical zero-day vulnerability is actively being exploited in attacks against sites that use these two content management system (CMSs). Users should apply the patch as soon as possible. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. READ MORE...
Apple on Thursday patched a zero-day security vulnerability in its WebKit browser engine, issuing updates for iOS, iPadOS, and macOS. Its Safari browser, based on WebKit, received the security update separately for instances where it is being used with an older version of macOS, like Big Sur. Apple's tvOS was also refreshed, but without the security fix. READ MORE...
Though we may be stuck with endless COVID-19 scams and a gradual visible rise in all manner of cryptocurrency hijinks, the old school attacks are as perilous as ever, CISA, the Cybersecurity & Infrastructure Security Agency, have released their 2021 report detailing the increasing globalised threat of the ransomware menace. It covers a lot of ground, but many of the main findings won't come as any surprise to those dealing with attacks over the last few years. READ MORE...
The developer of several popular mods for the Cities: Skylines city-building game has been banned after malware was discovered hidden in their wares. The modder, who goes by the handle Chaos as well as Holy Water, reportedly tucked an automatic updater into several mods that enabled the author to deliver malware to anybody who downloaded them. It started last year, when Chaos launched a "redesigned" version of Harmony: a core framework project that most Cities: Skylines mods rely on to work. READ MORE...