Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems. The Haifa Bay-based BAZAN Group, formerly Oil Refineries Ltd., generates over $13.5 billion in annual revenue and employs more than 1,800 people.
Canadian heart monitoring and medical electrocardiogram solutions provider CardioComm this week announced it has taken systems offline following a cyberattack.
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebbsitePlanet a non-password protected database that contained 680k records. Upon further investigation, it was identified that these records were related to educational institutions. Documents inside the database suggested that it belonged to the Southern Association of Independent Schools, Inc (SAIS).
Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below, Patchstack said in a report last week. Ninja Forms is installed on over 800,000 sites.
Hackers are actively exploiting a 'BleedingPipe' remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices. BleedingPipe is a vulnerability found in many Minecraft mods caused by the incorrect use of deserialization in the 'ObjectInputStream' class in Java to exchange network packets between servers and clients.
The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet.
MalwareHunterTeam recently uncovered a new variant of Abyss Locker ransomware specifically designed to target Linux-based VMware ESXi servers. This variant is a part of the larger Abyss ransomware family, which has been active since 2019, targeting various platforms and systems.
More details have emerged about a botnet called AVRecon, which has been observed making use of compromised small office/home office (SOHO) routers as part of a multi-year campaign active since at least May 2021.
The rumour mill for the upcoming iPhone 15 series is swirling fast as new leaks have shed light on some exciting changes coming to the upcoming flagship, ranging from reduced bezel size to a new charging port.
The service, called NASA Plus, will livestream NASA missions. It will also feature original video series, including new shows being produced for the streaming service.