Sensitive personal data allegedly stolen from Arnold Clark, one of the United Kingdom’s largest car dealerships, has been posted online by the PLAY ransomware group.
A COPY OF the No Fly List from 2019 has leaked, uncovered by a Swiss cybersecurity researcher and hacktivist who claims to have discovered it on an unsecured internet server belonging to an airline.
Hospital technology giant NextGen Healthcare said it is responding to a cyberattack after a notorious ransomware group added the company to its list of victims. The multibillion-dollar healthcare giant produces electronic health record (EHR) software and practice management systems for hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada.
Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain.
By chaining two security flaws disclosed last week, threat actors can bypass authentication (CVE-2023-20025) and execute arbitrary commands (CVE-2023-2002) on the underlying operating system of Cisco Small Business RV016, RV042, RV042G and RV082 routers.
Attackers behind the BlackRock and ERMAC banking trojans are offering another malware for rent, named Hook. It is an ERMAC fork that comes with additional capabilities to access saved files and create a remote interactive session.
The CrySIS/Dharma ransomware family continues to evolve with new versions cropping up in the wild. Following the leak of the source code for one variant, several attackers began repurposing and utilizing new versions of the malware. As a result, encountering new variants of this particular ransomware became frequent.
Threat actors are distributing a new Android malware, named Gigabud, impersonating government agencies, financial institutions, and other organizations from Thailand, Peru, and the Philippines.
The Irish Data Protection Commission (DPC) has fined WhatsApp Ireland €5.5 million ($5.95m) after confirming that the messaging service violated the General Data Protection Regulation (GDPR).