Search Results for: data breach
Fake Palo Alto GlobalProtect used as lure to backdoor enterprises
Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further. Palo Alto GlobalProtect is a legitimate security solution offered by Palo Alto Networks that provides secure VPN access with multi-factor authentication support. Organizations widely use the […]
Halliburton cyberattack linked to RansomHub ransomware gang
The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company’s IT systems and business operations. The attack caused widespread disruption, and GeekFeed was told that customers couldn’t generate invoices or purchase orders because the required systems were down. Halliburton disclosed the attack last Friday in an SEC […]
Researchers find SQL injection to bypass airport TSA security checks
Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to aircraft cockpits. Researchers Ian Carroll and Sam Curry discovered the vulnerability in FlyCASS, a third-party web-based service that some airlines use to manage the Known Crewmember (KCM) program and the Cockpit Access […]
Qilin ransomware now steals credentials from Chrome browsers
The Qilin ransomware group has been using a new tactic and deploys a custom stealer to steal account credentials stored in Google Chrome browser. The credential-harvesting techniques has been observed by the Sophos X-Ops team during incident response engagements and marks an alarming change on the ransomware scene. Attack overview The attack that Sophos researchers analyzed […]
US oil giant Halliburton confirms cyberattack behind systems shutdown
Halliburton, one of the world’s largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week. “On August 21, 2024, Halliburton Company (the “Company”) became aware that an unauthorized third party gained access to certain of its systems,” the oil services […]
Microchip Technology discloses cyberattack impacting operations
American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities. Headquartered in Chandler, Arizona, the company has roughly 123,000 customers across multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing markets. Due to an incident, some Microchip Technology manufacturing […]
CISA warns of Jenkins RCE bug exploited in ransomware attacks
CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it’s actively exploited in attacks. Jenkins is a widely used open-source automation server that helps developers automate the process of building, testing, and deploying software through continuous integration (CI) and continuous delivery […]
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited
Today is Microsoft’s August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on an update for a tenth publicly disclosed zero-day. This Patch Tuesday fixed eight critical vulnerabilities, which were a mixture of elevation of privileges, remote code execution, and […]
FBI disrupts the Dispossessor ransomware operation, seizes servers
The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. The joint operation was carried out in collaboration with the U.K.’s National Crime Agency, the Bamberg Public Prosecutor’s Office, and the Bavarian State Criminal Police Office (BLKA). Law enforcement seized three U.S. servers, […]
Ransomware gang targets IT workers with new SharpRhino malware
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. The malware helps Hunters International achieve initial infection, elevate their privileges on compromised systems, execute PowerShell commands, and eventually deploy the ransomware payload. Quorum Cyber researchers who discovered the new malware report that it […]