US government discloses more ransomware attacks on water plants

By: Sergiu Gatlan U.S. Water and Wastewater Systems (WWS) Sector facilities have been breached multiple times in ransomware attacks during the last two years, U.S. government agencies said in a joint advisory on Thursday. The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability to provide […]

Facebook privacy Settings you should change now

Photo by Timothy Hales Bennett on Unsplash

by: Kaleb Brown As if Facebook didn’t have enough drama last week following the testimony from the whistleblower and the outage affecting all of its sites on October 4th, privacy research company Privacy Affairs found personal data from more than 1.5 billion Facebook users for sale on a hacker forum. According to the Statista Research […]

Enterprises Warned About Zix-Themed Credential Phishing Attacks

By Eduard Kovacs Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be related to services offered by security company Zix. Zix provides cybersecurity, compliance and productivity solutions to 21,000 organizations, and cybercriminals have been leveraging the company’s reputation in a […]

US farmer cooperative hit by $5.9M BlackMatter ransomware attack

By: Lawrence Abrams U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. NEW Cooperative is a farmer’s feed and grain cooperative with over sixty locations throughout Iowa. In a weekend ransomware attack, the threat actors demand a 5.9 million dollar ransom, […]

Are you backing up your Office 365? (Probably not)

By: Kaleb Brown When purchasing Office 365, you’ve probably been under the impression that your information is safe and secure. You pay a monthly (or annual) fee for this service and you’ve never noticed anything missing so is it safe to assume it is being backed up? Short answer – No. In the case that […]

The home security system that can be hacked with your email address

By: Paul Ducklin A researcher at vulnerability and red-team company Rapid7 recently uncovered a pair of risky security bugs in a digital home security product. The first bug, reported back in May 2021 and dubbed CVE-2021-39276, means that an attacker who knows the email address against which you registered your product can effectively use your […]

Cybersecurity and Infrastructure Security Agency Advisory

By: Brooke Baggett An advisory has been issued this week by the FBI and CISA (Cybersecurity and Infrastructure Security Agency). This advisory (link provided below) is not the result of a direct cyber threat, rather it reminds and warns us about the increased potential for ransomware attacks during holiday weekends. This advisory provides a list […]

T-Mobile CEO: Hacker brute-forced his way through our network

By Sergiu Gatlan Today, T-Mobile’s CEO Mike Sievert said that the hacker behind the carrier’s latest massive data breach brute forced his way through T-Mobile’s network after gaining access to testing environments. The attacker could not exfiltrate customer financial information, credit card information, debit or other payment information during the incident. However, T-Mobile says that he stole records […]

T-Mobile says hackers stole records belonging to 48.6 million individuals

By Sergiu Gatlan T-Mobile has confirmed that attackers who recently breached its servers stole files containing the personal information of tens of millions of individuals. The massive breach impacts roughly 7.8 million T-Mobile postpaid customers, 850,000 T-Mobile prepaid users, and approximately 40 million former or prospective ones. Adding it all up, the attackers stole records belonging […]

Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now

By Lawrence Abrams Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. Before we get to the active scanning of these vulnerabilities, it is important to understand how they have been disclosed. ProxyShell is the name for three vulnerabilities that perform […]