The hacking group responsible for recent attacks on M&S, Qantas and others has ramped up its efforts to phish companies across sectors. Scattered Spider, a sophisticated cyber threat group known for aggressive social engineering and targeted phishing, is broadening its scope, notably targeting aviation alongside enterprise environments. Check Point Research has uncovered specific phishing domain indicators, […]
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN. The identified apps were designed to load out-of-context ads on a user’s screen and hide their icons from the device home screen launcher, making it harder for victims to remove them, per […]
France’s cybersecurity agency has revealed that a Chinese hacking group has targeted government, telecommunications, media, finance and transport sectors in the country using zero-day vulnerabilities in Ivanti Cloud Service Appliance devices. The campaign, detected at the beginning of September 2024, has been attributed to a distinct intrusion set codenamed Houken, which is assessed to share some […]
Researchers have confirmed what is likely to be the largest data breach ever, with an almost incredulous 16 billion login credentials, including passwords for Apple, Facebook, Google and others, exposed. The article on Forbes references an original piece by Cybernews which first broke the story in May of this year, when it reported that its […]
A new study from Palo Alto Networks says employees are using an average of 6.6 high-risk generative AI applications – including some unknown to CISOs The study, on the popularity of GenAI in organisations, analysed traffic logs from more than 7,000 PAN customers during the 12 months of 2024 to detect use of software-as-a-service apps such […]
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. “The attack was instrumented via a legitimate endpoint administration framework, indicating that the attackers likely had access to the administrative console, that was then used to issue malicious commands and deploy […]
Microsoft has launched a a European Security Programme (ESP) for government bodies in the region, throwing a protective embrace around all 27 European Union (EU) member states, EU accession candidates, European Free Trade Association members, the UK, Monaco and the Vatican. Recognising that the European cyber threat landscape is in a state of flux as […]
Global sportswear brand Adidas has confirmed that a data breach at a third-party customer service provider has compromised customer data. While no financial or password information was apparently accessed, the full extent of the breach – which stemmed from a cyberattack – remains unclear. In a statement released last Friday, the German company said it had recently […]
Sophos has warned managed service providers (MSPs) they are the targets of a ransomware attack that is hoping to exploit the systems the channel uses to monitor and service customers. The security vendor has shared its experiences tracking DragonForce attacks, which look to exploit vulnerabilities in remote monitoring and management (RMM) tools. It shared an example of […]
Arla Foods has confirmed to BleepingComputer that it was targeted by a cyber-attack that has disrupted its production operations. The Danish food giant clarified that the attack only affected its production unit in Upahl, Germany, though it expects this will result in product delivery delays or even cancellations. Arla Foods is an international dairy producer […]