Researchers at Tenable have discovered a 12-year-old flaw that has potentially left millions of routers exposed across dozens of manufacturers. If exploited, hackers could compromise these routers, commonly used in home networks, and potentially connected devices. The flaw exists in at least 20 router and modem models manufactured by 17 different vendors, used in at least 11 countries.
Author: ISBuzz Team
Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, was hit by a ransomware attack in July that saw cybercriminals steal personal information on the company’s private investors, or limited partners (LPs).
Cybercriminals have impersonated the browser’s website in order to push malware to unsuspecting users, via the use of a TLS certificate that made the malicious website appear genuine. The attackers even took out ads on Google to drive unsuspecting users to the fake website.
A new malware strain that has been discovered called Vultur and is targeting banking customers using invisible windows and keylogging to capture their banking data on Android phones.
DeadRinger Research Highlights Attack Trends Leveraging Third-Party Service Providers to Compromise Multiple Targets Cybereason, the leader in operation-centric attack protection, today announced the discovery of several previously unidentified cyber attack campaigns infiltrating major telecommunications providers across Southeast Asia. Similar to the recent SolarWinds and Kaseya attacks, the threat actors first compromised third-party service providers – but in this case instead of using them to deliver malware through a supply chain attack, the intent was to leverage them to conduct surveillance of their customers’ confidential communications. The report comes on the heels of the Biden administration’s public rebuke of China’s Ministry…
BACKGROUND: IBM Security “Cost of Data Breach,” which was conducted by Ponemon Institute, analyzed about 500 organizations that experienced data breaches and concluded that the cost of data breaches reached an all-time high of $4.24 million per incident on average during the pandemic, the highest cost in the 17-year history of IBM Security report.
BACKGROUND: The European Union Agency for Cybersecurity (ENISA) has found that 66 percent of supply chain attacks focus on the supplier’s code. Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a network of providers. Malware is the attack technique used in 62% of attacks, according to the new ENISA report Threat Landscape for Supply Chain Attacks, which analyzed 24 recent attacks. ENISA says strong security protection is no longer enough for organizations when attackers have already shifted their attention to suppliers.…
BACKGROUND: As Skype for Business is reaching its end of life, companies are having to face the decision of moving all their data across to another application. Cybersecurity expert has commented on the occasion and shared advice on how to manage the move.
BACKGROUND: Hackers have compromised the Chipotle food chain’s email service and then use it to send out phishing emails with malicious links. The campaign lasted for 3 days and at least 120 malicious emails were sent.
BACKGROUND: ‘Reindeer’, a New York-based digital media advertising and marketing company that is now out of business, has left an Amazon S3 bucket exposed to public access resulting in the irreversible leak of 50,000 files that account to a total of 32 GB of size. The exposure affects roughly 306,000 people, who were customers of various Reindeer clients such as the ‘Patrón Tequila’ alcoholic beverage brand and the ‘Jack Wills’ UK clothing brand. The exposed details include full names, email addresses, physical addresses, phone numbers, and hashed passwords.
