CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency

Crypto-payments service provider CoinsPaid suffered a cyber attack that resulted in the theft of $37,200,000 worth of cryptocurrency. CoinsPaid, a crypto-payment service provider, fell victim to a cyber attack,... Read more »

Monitor Insider Threats but Build Trust First

The issue of how to prevent insider threats without infringing on employee privacy is one that has been a hot topic of debate in recent years. Because insider threats... Read more »

Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS

Zimbra addressed a zero-day vulnerability exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Two weeks ago Zimbra urged customers to manually install updates to fix a... Read more »

DepositFiles exposed config file, jeopardizing user security

DepositFiles, a popular web hosting service, left its environment configuration file accessible, revealing a trove of highly sensitive credentials. The recent tsunami of Cl0p-driven ransomware attacks via the MOVEit Transfer... Read more »

Group-IB CEO Ilya Sachkov sentenced to 14 years in a strict prison colony

Ilya Sachkov, CEO and co-founder of Group-IB was sentenced to 14 years in a high security prison colony according to the Moscow court announcement. As per the announcement from... Read more »

Two flaws in Linux Ubuntu affect 40% of Ubuntu users

Wiz researchers discovered two Linux vulnerabilities in the Ubuntu kernel that can allow an unprivileged local user to gain elevated privileges. Wiz Research discovered two privilege escalation vulnerabilities, tracked... Read more »

Two ambulance services in UK lost access to patient records after a cyber attack on software provider

Swedish software firm Ortivus suffered a cyberattack that has resulted in at least two British ambulance services losing access to electronic patient records. Two British ambulance services were not... Read more »

FraudGPT, a new malicious generative AI tool appears in the threat landscape

FraudGPT is another cybercrime generative artificial intelligence (AI) tool that is advertised in the hacking underground. Generative AI models are becoming attractive for crooks, Netenrich researchers recently spotted a... Read more »

CISA adds Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

US CISA added actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added actively exploited Ivanti... Read more »

Over 500K MikroTik RouterOS systems potentially exposed to hacking due to critical flaw

Experts warn of a severe privilege escalation, tracked as CVE-2023-30799, in MikroTik RouterOS that can be exploited to hack vulnerable devices. VulnCheck researchers warn of a critical vulnerability, tracked as... Read more »
Subscribe to our Newsletter