Windows, Linux, and ESXi systems can all be used to encrypt devices that are infected with the Luna ransomware family. Luna ransomware was found by Kaspersky security researchers thanks to a dark web ransomware forum ad picked up by the…
Latest posts - Page 49
Card Skimmers Are Served Up By Magecart On Restaurant Ordering Systems
Two distinct efforts targeting MenuDrive, Harbortouch, and InTouchPOS services resulted in the compromising of 300 restaurants and at least 50,000 credit cards. Researchers have discovered that Magecart operations have compromised tens of thousands of cards so far by skimming the…
Neopets Data Breach Exposes Personal Data of 69 Million Members
According to one security expert, e-commerce websites generally struggle to keep their sites secure and frequently include weak code from supply-chain partners or third parties that is simple for hackers to infiltrate and may have unintended consequences. Kim DeCarlis, chief…
300K Installations of Malicious Android Apps Were Discovered on Google Play
Security experts have identified three Android malware families that have infiltrated the Google Play Store and are concealing their harmful payloads inside several ostensibly innocent applications. Users who downloaded the malicious apps experienced data theft, social media account hijacking, SMS…
Black Basta Ransomware Gang Attacks Building Materials Major Knauf
The Knauf Group has disclosed that it was the victim of a cyberattack that interfered with its business operations and compelled its worldwide IT team to shut down its IT systems in order to contain the situation. On the evening…
New CloudMensis Spyware Discovered by Experts Targeting Apple macOS Users
Security experts have revealed previously unknown spyware that targets the Apple macOS operating system. The malware, known as CloudMensis by the Slovak cybersecurity company ESET, is rumoured to only use open-source cloud storage platforms like pCloud, Yandex Disk, and Dropbox…
Government of Albania Suffers “Massive Cyber-Attack”
The websites of the federal government of Albania were taken offline by a “massive cyber-attack.” The federal government claimed that the tragedy was the result of a coordinated “strike from overseas” in a statement that was distributed to local information…
Remote Code Execution is Caused via Prototype Pollution in Blitz.js.
A critical prototype pollution vulnerability in Blitz.js, a JavaScript online application framework, has been patched to prevent remote code execution (RCE) on Node.js servers. A specific kind of JavaScript flaw known as prototype pollution enables attackers to manipulate an application’s…
Password History Requirement in Windows AD to Reduce Password Reuse
Longtime advocates of password restrictions that prevent users from using their old passwords again include IT security experts. For instance, Netwrix advises configuring your password history policy to save at least the ten most recent passwords for each user. Microsoft…
Most Enterprise Vendors, According To A New Study, Are Failing To Mitigate Attacks Using Speculative Execution
In light of the fact that speculative execution assaults continue to be a vulnerability afflicting current CPUs, recent study has revealed a “industry failure” to embrace mitigations made available by AMD and Intel, creating a risk to the firmware supply…