Researchers discovered eight vulnerabilities in Microsoft applications for macOS, including Teams, Outlook, and Word, that could allow attackers to gain access to users’ microphones, cameras, and more. The vulnerabilities exploit permissions previously granted to the apps, enabling malicious actors to record video or audio without the user’s knowledge. According to …
Fortinet’s FortiGuard Labs has reported a surge in SnakeKeylogger infections that target Windows users. The malware, which steals credentials and captures screenshots, records keystrokes and sends sensitive information to cybercriminals. SnakeKeylogger, originally sold on Russian crime forums, has evolved into a dangerous threat. It uses obfuscation techniques to hide its …
Cybercriminals are targeting social media users by hijacking pages and rebranding them to mimic popular AI photo editors. They post malicious links leading victims to download ITarian software, disguised as a photo editor, which grants them remote access to the victim’s devices. This access allows attackers to steal sensitive information …
The city of Columbus, Ohio, is working diligently to restore its systems following a significant cybersecurity incident. The attack has disrupted multiple resident-facing IT services, although essential services like 911 and employee payroll remain operational. The city first alerted the public through a brief Facebook statement, and officials have since …
In the second quarter of 2024, ransomware and business email compromise (BEC) attacks constituted 60% of all cyber incidents, as reported by Cisco Talos. Technology was the most targeted sector, accounting for 24% of incidents, reflecting a 30% increase from the previous quarter. Attackers are focusing on tech firms as …
The Department of Health and Human Services (HHS) faces significant cloud security vulnerabilities, as highlighted in a recent audit by the Office of Inspector General (OIG). The report reveals weaknesses in a dozen security controls and inadequacies in HHS’ cloud inventory processes. Critical issues include a lack of multifactor authentication …
As cloud usage becomes vital for organizations, it has also become a target for cyberattacks. A recent report by Thales highlights that 47% of corporate data stored in the cloud is sensitive, making cloud security a top priority. SaaS applications, cloud storage, and cloud management infrastructure are the leading attack …
Alabama’s State Department of Education recently experienced a significant data breach following a thwarted ransomware attack on June 17. Although IT professionals managed to stop the attack, threat actors accessed some data and disrupted services. Superintendent Eric Mackey revealed that while the full extent of the breach is still being …
Adversary-in-the-middle (AitM) attacks are exposing vulnerabilities in passkey authentication. By stripping passkey options from login pages users are forced to rely on less secure authentication methods. This makes their accounts susceptible to compromise. Joe Stewart from eSentire’s Threat Response Unit highlights that the problem lies not in the passkeys themselves. …
Patelco Credit Union, one of the oldest and largest credit unions in the U.S., suffered a significant ransomware attack on June 29, 2024. The cyber assault forced the shutdown of Patelco’s online banking platform, mobile app, and call center operations, affecting nearly 500,000 members in the Bay Area and Northern …
