The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland. In a post yesterday, the cybercriminals shared multiple images containing medical details and said that they would leak data "soon," unless the NHS pays a ransom. Scotland's NHS is the country's public health system, providing services ranging from primary care, hospital care, dental care, pharmaceutical, and long-term care. READ MORE...
American retailer Hot Topic disclosed that two waves of credential stuffing attacks in November exposed affected customers' personal information and partial payment data. The Hot Topic fast-fashion chain has over 10,000 employees in more than 630 store locations across the U.S. and Canada, the company's headquarters, and two distribution centers. In credential stuffing attacks, cybercriminals use automated tools to trigger millions of login attempts using a list of username and password pairs. READ MORE...
India's government agencies and energy companies are facing a new threat in the form of an espionage campaign using an open source information stealer. "HackBrowersData," a modified information stealer, can collect user login credentials, cookies, and browser history, according to researchers at EclecticIQ, a Dutch cybersecurity firm. The researchers discovered the information stealer through a phishing email disguised as an invitation from the Indian Air Force. READ MORE...
The British Library has shared details on the destructive ransomware attack it experienced in October 2023. Although the attack on the national library of the UK occurred five months ago, the Library's infrastructure won't be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin. The attack was destructive. Apart from exfiltrating around 600 Gb of data, the attackers deleted logs, encrypted systems, destroyed servers, and locked out all users. READ MORE...
JetBrains has patched 26 security issues in its TeamCity build management and continuous integration server, and it has taken steps to reduce the risk of vulnerabilities being exploited in malicious attacks. TeamCity 2024.03, released on March 27, patches 26 'security problems', according to JetBrains. The company highlighted that it's not sharing the details of security-related issues "to avoid compromising clients that keep using previous bugfix and/or major versions of TeamCity". READ MORE...
Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI. Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned. READ MORE...
Threat actors are widely adopting an emerging adversary-in-the-middle (AitM) phishing kit sold on Telegram to blitz Microsoft 365 and Gmail email accounts with threat campaigns that can bypass multifactor authentication (MFA) protections. The "Tycoon 2FA" phishing-as-a-service (PhaaS) platform has been active since at least last August but was updated as recently as last month to enhance its obfuscation and anti-detection capabilities. READ MORE...
Generative AI lures enterprise leaders with potential advantages, such as expanding data analytics, speeding up work and reducing administrative burdens. But cybersecurity leaders are wary the novel tech can introduce new problems in an already precarious environment. As vendors and CEOs push for CIOs to embark on swift implementation, cybersecurity pros are finding themselves in a familiar position - keep up or get pushed out. READ MORE...
In one of the biggest cybersecurity policy reforms in recent memory, the Cybersecurity and Infrastructure Security Agency on Wednesday released its much-anticipated notice of proposed rulemaking to require critical infrastructure organizations to report cybersecurity incidents, a move intended to provide the federal government with better insight about breaches that affect highly sensitive entities, such as water and power utilities. READ MORE...
Thousands of servers storing AI workloads and network credentials have been hacked in an ongoing attack campaign targeting a reported vulnerability in Ray, a computing framework used by OpenAI, Uber, and Amazon. The attacks, which have been active for at least seven months, have led to the tampering of AI models. They have also resulted in the compromise of network credentials, allowing access to internal networks and databases and tokens for accessing accounts on multiple platforms. READ MORE...
PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any device that installed them. Ten hours later, it lifted the suspension. Short for the Python Package Index, PyPI is the go-to source for apps and code libraries written in the Python programming language. READ MORE...