News in the Security category

PHP fixes critical RCE flaw impacting all versions for Windows

A new PHP for Windows remote code execution (RCE) vulnerability has been disclosed, impacting all releases since version 5.x, potentially impacting a massive number of servers worldwide.
- Bill Toulas
- June 07, 2024
- 10:32 AM
- 0
Los Angeles Unified School District investigates data theft claims

Los Angeles Unified School District (LAUSD) officials are investigating a threat actor's claims that they're selling stolen databases containing records belonging to millions of students and thousands of teachers.
- Sergiu Gatlan
- June 06, 2024
- 06:44 PM
- 0
Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama.
- Bill Toulas
- June 06, 2024
- 05:26 PM
- 0
Ukraine says hackers abuse SyncThing tool to steal data

The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces.
- Bill Toulas
- June 06, 2024
- 04:43 PM
- 0
New Fog ransomware targets US education sector via breached VPNs

A new ransomware operation named 'Fog' launched in early May 2024, is using compromised VPN credentials to breach the networks of educational organizations in the U.S.
- Bill Toulas
- June 06, 2024
- 02:29 PM
- 0
New Gitloker attacks wipe GitHub repos in extortion scheme

Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information.
- Sergiu Gatlan
- June 06, 2024
- 01:53 PM
- 1
PandaBuy pays ransom to hacker only to get extorted again

Chinese shopping platform Pandabuy told BleepingComputer it previously paid a a ransom demand to prevent stolen data from being leaked, only for the same threat actor to extort the company again this week.
- Bill Toulas
- June 06, 2024
- 11:18 AM
- 4
Sponsored Content
mWISE: The security conference built by practitioners, for practitioners

Mark your calendar for mWISE 2024, a global conference where cybersecurity professionals come together to tackle the industry's biggest challenges. It runs from September 18 & 19, 2024 in Denver, Colorado. Register early for the best discount available.
- Sponsored by mWise Conference
- June 06, 2024
- 10:02 AM
- 0
Linux version of TargetCompany ransomware focuses on VMware ESXi

Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads.
- Bill Toulas
- June 05, 2024
- 07:17 PM
- 0
FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out

The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free.
- Sergiu Gatlan
- June 05, 2024
- 06:48 PM
- 9
Advance Auto Parts stolen data for sale after Snowflake attack

Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account.
- Sergiu Gatlan
- June 05, 2024
- 05:56 PM
- 1
Check-in terminals used by thousands of hotels leak guest info

Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms.
- Bill Toulas
- June 05, 2024
- 04:43 PM
- 2
Club Penguin fans breached Disney Confluence server, stole 2.5GB of data

Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned.
- Lawrence Abrams
- June 05, 2024
- 04:15 PM
- 1
Chinese hacking groups team up in cyber espionage campaign

Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace
- Bill Toulas
- June 05, 2024
- 04:06 PM
- 0
Qilin ransomware gang linked to attack on London hospitals

A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the Qilin ransomware operation.
- Sergiu Gatlan
- June 05, 2024
- 01:57 PM
- 0
Kali Linux 2024.2 released with 18 new tools, Y2038 changes

Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug.
- Lawrence Abrams
- June 05, 2024
- 01:22 PM
- 2
Sponsored Content
Why (and how) threat actors target your Active Directory

Microsoft Active Directory is a common target for threat actors after breaching a network. Learn more from Specops Software about the tools attackers use and how to protect your Active Directory.
- Sponsored by Specops Software
- June 05, 2024
- 10:01 AM
- 0
RansomHub extortion gang linked to now-defunct Knight ransomware

Security researchers analyzing the relatively new RansomHub ransomware-as-a-service believe that it has evolved from the currently defunct Knight ransomware project.
- Bill Toulas
- June 05, 2024
- 08:39 AM
- 0
Australian mining company discloses breach after BianLian leaks data

Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web.
- Bill Toulas
- June 04, 2024
- 06:10 PM
- 0
TikTok fixes zero-day bug used to hijack high-profile accounts

Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature.
- Sergiu Gatlan
- June 04, 2024
- 05:57 PM
- 0