CISA Unveils Ransomware Notification Initiative
Provides businesses with early warnings to evict threat actors before they can encrypt data
WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website
GitHub Updates Security Protocol For Operations Over SSH
The move reportedly did not stem from a compromise of GitHub systems or customer information
Now UK Parliament Bans TikTok from its Network and Devices
Further blow for Chinese social media app
IRS Phishing Emails Used to Distribute Emotet
Monster 500MB attachment hides a nasty surprise
Fifth of Execs Admit Security Flaws Cost Them New Biz
Business leaders still underestimate importance of security to growth
China-Aligned “Operation Tainted Love” Targets Middle East Telecom Providers
The deployment of custom credential theft malware is the main novelty of the new campaign
SharePoint Phishing Scam Targets 1600 Across US, Europe
Cyber-criminals used the scam to steal the credentials for various email accounts
New Post-Exploitation Attack Method Found Affecting Okta Passwords
The flaw derives from the way the Okta system records failed login attempts to instances
UK Government Sets Out Vision for NHS Cybersecurity
Plans to boost cyber-resilience in the health service by 2030
Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts
Software was unwittingly downloaded thousands of times
Irish Food Giant Dole Admits Employee Data Breach
Incident was linked to previously disclosed ransomware attack
BreachForums Shuts Down After Admin's Arrest
The forum's admin said the move might be temporary and that they will set up a new Telegram group
New Android Banking Trojan 'Nexus' Promoted As MaaS
Nexus offers overlay attacks and keylogging activities designed to steal victims' credentials
CISA and NSA Enhance Security Framework With New IAM Guide
Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability.
Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal...
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week.
The glitch, which came to light on...
US Charges 20-Year-Old Head of Hacker Site BreachForums
The US Justice Department charged Conor Brian Fitzpatrick, founder of BreachForums, a major underground website for computer hackers.
The post US Charges 20-Year-Old Head of Hacker Site BreachForums appeared first on SecurityWeek.
Dish customers struggle with service disruptions weeks after ransomware attack
Customers complain that they are still having payment issues and are not able to contact customer service weeks after Dish Network suffered a ransomware attack.
CISA announced the Pre-Ransomware Notifications initiative
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs.
The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of...
