Ransomware Attack Cost Keytronic Over $17 Million
Keytronic says the recent ransomware attack resulted in expenses and lost revenue totaling more than $17 million.
The post Ransomware Attack Cost Keytronic Over $17 Million appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.
The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4.
“A vulnerability exists in the affected products that allows a threat actor to
The Hacker News – Read More
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a new level of sophistication associated with the group.
Evasive Panda, also known by the names Bronze Highland, Daggerfly, and StormBamboo, is a cyber espionage group that’s been active since at least 2012,
The Hacker News – Read More
New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information.
“BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection,” Intel 471 said in an analysis published last week.
The Hacker News – Read More
CISA Names Lisa Einstein as First Chief AI Officer
Einstein has led CISA’s AI efforts since 2023 as CISA’s Senior Advisor for AI.
The post CISA Names Lisa Einstein as First Chief AI Officer appeared first on SecurityWeek.
SecurityWeek – Read More
DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws
The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country.
The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service.
They
The Hacker News – Read More
US Hands Over Russian Cybercriminals in WSJ Reporter Prisoner Swap
Plus: Meta pays $1.4 million in a historic privacy settlement, Microsoft blames a cyberattack for a major Azure outage, and an artist creates a face recognition system to reveal your NYPD “coppelganger.”
Security Latest – Read More
UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions
The UK’s National Crime Agency has dismantled Russian Coms, a major fraud platform responsible for global financial losses.…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool
Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks.
The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft game servers.
Attack chains entail the exploitation
The Hacker News – Read More