cybersecurity incident response – Page 2

From Cyber Security News – ChatGPT Vulnerability Actively Exploited From 10,000+ IPs to Attack US Government Organizations

Attackers are actively exploiting a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. The vulnerability, identified as CVE-2024-27564, has become a significant threat despite its medium severity classification. According to…

shaikh Saqib March 18, 2025

News

From Security Week – Western Alliance Bank Discloses Data Breach Linked to Cleo Hack

[[{"value":"The personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p’s hacking of the Cleo file transfer tool. The post Western Alliance Bank…

shaikh Saqib March 18, 2025

News

From Security Week – ChatGPT Vulnerability Exploited Against US Government Organizations

[[{"value":"A year-old vulnerability in ChatGPT is being exploited against financial entities and US government organizations. The post ChatGPT Vulnerability Exploited Against US Government Organizations appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 18, 2025

News

From Cyber Security News – Telecom Giant NTT Admits Hackers Accessed 18,000 Corporate Customers Data

Japanese telecommunications conglomerate NTT Communications (NTT Com) disclosed this week that threat actors infiltrated its internal systems in February, compromising sensitive data belonging to 17,891 corporate clients globally. The breach,…

shaikh Saqib March 12, 2025

Vulnerabilities

From Cybersecurity Help – Former software developer sabotaged employer’s systems with malware

Davis Lu was found guilty of deploying custom malware and installing a "kill switch" that locked out thousands of employees after he was fired. Read More

shaikh Saqib March 10, 2025

News

From Security Week – Cyberattack Disrupts National Presto Industries Operations

[[{"value":"National Presto Industries says a cyberattack has resulted in a system outage and operational disruptions. The post Cyberattack Disrupts National Presto Industries Operations appeared first on SecurityWeek."}]] Read More

shaikh Saqib March 7, 2025

News

From Security Week – Black Basta Leak Offers Glimpse Into Group’s Inner Workings

[[{"value":"A massive hoard of internal chats has been leaked from Black Basta, rivalling the Conti leaks of late February 2022. The post Black Basta Leak Offers Glimpse Into Group’s Inner…

shaikh Saqib March 3, 2025

News

From The Hacker News – The New Ransomware Groups Shaking Up 2025

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year's total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped 40%, from 68 in 2023 to 95

shaikh Saqib March 3, 2025

News

From Dark Reading – Nakivo Fixes Critical Flaw in Backup & Replication Tool

The vendor's products fall in a category that ransomware operators like to target to circumvent victims' ability to recover from a successful attack. Read More

shaikh Saqib February 28, 2025

News

From Cyber Security News – Top 10 Best Dynamic Malware Analysis Tools in 2025

Dynamic malware analysis tools are critical for detecting and understanding modern cyber threats. These tools execute suspicious software in isolated environments to monitor its behavior, such as file modifications, network…

shaikh Saqib February 27, 2025

News

From Dark Reading – Water Utility Co. Still Paying the Breach Price a Year Later

The UK's Southern Water has been forced to shell out millions due to a Black Basta cyberattack, and it has come to light that the total could include a ransom…

shaikh Saqib February 27, 2025

News

From The Hacker News – New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems

Universities and government organizations in North America and Asia have been targeted by a previously undocumented Linux malware called Auto-Color between November and December 2024, according to new findings from Palo Alto Networks Unit 42. "Once installed, Auto-color allows threat actors full remote access to compromised machines, making it very difficult to remove without specialized

shaikh Saqib February 26, 2025

News

From The Hacker News – FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services

Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure," Kaspersky ICS CERT said in a Monday

shaikh Saqib February 25, 2025

News

From Cyber Security News – Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware

A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours…

shaikh Saqib February 24, 2025

News

From Cyber Security News – Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries

Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw enables authenticated…

shaikh Saqib February 24, 2025