GitHub: How Stolen OAuth Tokens Helped Breach Dozens of Orgs GitHub has shared a timeline of this month’s security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. The attacker used stolen OAuth app tokens issued to Heroku and Travis-CI to breach Read more…
QNAP Warns Users to Disable AFP Until it Fixes Critical Bugs Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage (NAS) appliances until it fixes multiple critical Netatalk vulnerabilities. Netatalk is an open-source implementation of AFP (short for Apple Filing Read more…
Microsoft Says Russia Hit Ukraine with Hundreds of Cyberattacks Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian hacking groups targeting the country’s infrastructure and Ukrainian citizens. These attacks also include the use of destructive malware designed to Read more…
The Week in Ransomware – April 29th 2022 – New Operations Emerge This week we have discovered numerous new ransomware operations that have begun operating, with one appearing to be a rebrand of previous operations. The Quantum ransomware gang has seen an uptick in victims, with a report showing that Read more…
Windows 11 Gets New Group Policies to Tweak the Start Menu Microsoft has released a new Windows 11 build to the Dev and Beta Channels that introduces multiple group policies that IT administrators can use to tweak the Start menu, the taskbar, and the system tray. These newly added group Read more…
Online Library App Onleihe Faces Issues After Cyberattack on Provider Library lending app Onleihe announced problems lending several media formats offered on the platform, like audio, video, and e-book files, after a cyberattack targeted their vendor. Onleihe is an app that allows users to connect to your local libraries and borrow Read more…
Google Gives 50% Bonus to Android 13 Beta Bug Bounty Hunters Google has announced that all security researchers who report Android 13 Beta vulnerabilities through its Vulnerability Rewards Program (VRP) will get a 50% bonus on top of the standard reward until May 26th, 2022. Bug hunters can get a Read more…
India to Require Cybersecurity Incident Reporting Within Six Hours The Indian government has issued new directives requiring organizations to report cybersecurity incidents to CERT-IN within six hours, even if those incidents are port or vulnerability scans of computer systems. This requirement was promoted by India’s Computer Emergency Response Team (CERT-In), who states Read more…
Russian Hacktivists Launch DDoS Attacks on Romanian Govt Sites The Romanian national cyber security and incident response team, DNSC, has issued a statement about a series of distributed denial-of-service (DDoS) attacks targeting several public websites managed by the state entities. The attack has been claimed by a pro-Russian group calling Read more…
New Bumblebee Malware Replaces Conti’s BazarLoader in Cyberattacks A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. The emergence of Bumblebee in phishing campaigns in March coincides with a drop in using Read more…
Let us help you out.
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Powered by WhatsApp Chat
