In August, hackers leaked 2.7 billion records from National Public Data on a dark web forum. The data includes Social Security numbers and other sensitive information. The breach, tied to the cybercriminal group USDoD, affected individuals in the U.S., U.K., and Canada. The stolen records, shared in two CSV files …
A recent survey revealed that 74% of ransomware victims experienced multiple attacks within a year, highlighting the increasing threat severity and the need for stronger cyber resilience. Despite widespread cybersecurity measures, many organizations paid multiple ransoms, with 33% of victims paying four or more times. These repeated attacks led to …
The recent DARPA-led AI Cyber Challenge at DEF CON showcased the potential of artificial intelligence to revolutionize cybersecurity. Ninety teams participated, each developing autonomous systems to identify and patch vulnerabilities in widely-used open-source software. The competition demonstrated the promise of AI in addressing the growing number of vulnerabilities that outpace …
Researchers at Bitdefender found serious vulnerabilities in solar power systems that could have allowed hackers to cause major disruptions. These flaws exist in platforms from Solarman and Deye, which manage millions of solar installations worldwide. Hackers could exploit these vulnerabilities to manipulate inverters, disrupt power generation, and trigger blackouts. The …
The Senate Intelligence Committee has introduced a bill that could change how the U.S. addresses this cyber threat. By equating it with terrorism, the bill aims to give the U.S. intelligence community more power to target these actors and the nations that support them. If passed, this would be the …
Aqua Security researchers uncovered six critical vulnerabilities in AWS services, leading to risks like remote code execution, data theft, AI model manipulation, and account takeover. AWS promptly patched these vulnerabilities, but the researchers warn that similar flaws might exist in other AWS and open-source services. They advised organizations on general …
SafeBreach Labs’ researcher Alon Leviev exposed flaws in Microsoft’s Windows Update system. These flaws allow attackers to launch undetectable downgrade attacks. Hackers can revert fully patched Windows machines to vulnerable states, turning fixed issues into zero-day threats. Leviev demonstrated how a manipulated Update process can bypass security features, exposing systems …
Ransomware attacks surged in the first half of 2024, with Rapid7 reporting more than 2,570 incidents—an average of 14 attacks per day. The number of criminal groups has expanded, increasing pressure on victims, as 68 groups posted 2,611 data leaks, a 23% rise from last year. Despite law enforcement efforts, …
The UnDisruptable27 project, led by Josh Corman, launches with a $700,000 grant to tackle growing cybersecurity threats against critical US infrastructure. The project aims to engage utility operators, municipalities, and the public in understanding the risks we face and inspiring them to take action. Focusing on the interdependence of essential …
Hunters International, a ransomware group thought to be a rebrand of Hive, now uses SharpRhino malware against IT professionals. This C# remote access trojan (RAT) helps the group gain access, escalate privileges, and run PowerShell commands to deploy ransomware on corporate networks. SharpRhino spreads through a site that mimics the …
