BOCRA website




New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

                                                     LATEST CYBER HACKS 


TruthFinder, Instant Checkmate confirm data breach affecting 20M customers

PeopleConnect, the owners of the TruthFinder and Instant Checkmate background check services, confirmed they suffered a data breach after hackers leaked a 2019 backup database containing the info of millions of customers.


Data breach at Vice Media involved SSNs, financial info

A data breach involving Vice Media leaked the sensitive information and financial data of more than 1,700 people, according to filings with Maine’s Attorney General. In two separate filings on January26 and 31, Vice Media said it was alerted in March 2022 that there was a cyberattack on its network. 


Dutch, European Hospitals ‘Hit by Pro-Russian Hackers

Dutch cyber authorities said Wednesday that several hospital websites in the Netherlands and Europe were likely targeted by a pro-Kremlin hacking group because of their countries’ support for Ukraine. The UMCG hospital in the northern Dutch city of Groningen, one of the largest in the country, saw its website crash in a cyberattack on Saturday.



GoAnywhere MFT Users Warned of Zero-Day Exploit

The GoAnywhere MFT is made by Fortra, known until recently as HelpSystems, and it’s designed to enable organizations to automate and secure the exchange of data with their trading partners.

Cybersecurity blogger Brian Krebs broke the news about the zero-day vulnearbility on Thursday, saying that the company had temporarily implemented a service outage in response.


Atlassian's Jira Service Management Found Vulnerable to Critical Vulnerability

Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that could be abused by an attacker to pass off as another user and gain unauthorized access to susceptible instances.



Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy a new ESXiArgs ransomware.


Nevada Ransomware: Another Feather in the RaaS Ecosystem

Resecurity discovered a relatively recent ransomware family called Nevada Ransomware. Its creators have an affiliate program that was initially launched on the RAMP underground community, known for hosting IABs and other cybercriminal groups.


FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware.

                               GENERAL NEWS


IT Leaders Reveal Cyber Fears Around ChatGPT

The majority (51%) of security leaders expect ChatGPT to be at the heart of a successful cyber-attack within a year, according to new research by BlackBerry. The survey of 1500 IT decision makers across North America, the UK and Australia also found that 71% believe nation-states are likely to already be using the technology for malicious purposes against other countries.


Why Attackers Target the Financial Services Industry

The financial services industry is consistently the most targeted industry across the board. It accounts for 28% of all the attack attempts Imperva tracks, by far the largest percentage. By comparison, the next largest industry is the business sector, at 14%. As cybercrime grows, the financial services industry will continue to be a lucrative target.