Microarchitectural side-channel attacks misuse shared processor state to transmit information between security domains. Although they can be used in isolation, they are frequently employed as building blocks for more sophisticated attacks such as Spectre, which uses side channels to achieve co…
Category: Cyber Attack
DailyDarkWeb researchers recently detected the emergence of a new ransomware group dubbed SpaceBears. Some of the targets of SpaceBears include prominent organizations such as Thinkadam, Fliesenstudio am Rhein, Fifisystems, Surewerx USA, SM EMBALLAGE, Mr Bean, and CORTEX Chiropractic. These attacks pose potential dangers that could significantly disrupt the business continuity of…
In a startling revelation, a security breach at Spanish bank EvoBanco has exposed a series of lapses in data protection, put the data of millions of customers at risk. The attack begins with the discovery of a vulnerability in the bank’s registration process, allowing unrestricted access to user data through GET…
Czech cybersecurity software leader Avast has been hit with a hefty $14.8 million fine by the Czech Republic’s Office for Personal Data Protection (ÚOOÚ) for alleged violations of the European Union’s General Data Protection...
The post Avast Faces $14.8 Million Penalty for Data Protection Violations appeared first on Penetration Testing….
Reports emerge of a significant security breach as a threat actor alleges to be selling a database purportedly containing 49 million customer records from Dell, a leading technology company. The alleged data encompasses information on systems purchased from Dell between 2017 and 2024, comprising a comprehensive repository of customer details. The…
Financial Business and Consumer Solutions (FBCS) suffered a data breach that exposed information 2 million individuals. Debt collection agency Financial Business and Consumer Solutions (FBCS) disclosed a data breach that may have impacted 1,955,385 individuals. FBCS, a third-party debt collection agency, collects personal information from its clients to facilitate debt collection…
The Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients’ personal and health information. The Los Angeles County Department of Health Services disclosed a data breach that impacted thousands of patients. Patients’ personal and health information was exposed after a phishing attack impacted over…
In a recent development, QNAP, a leading manufacturer of network attached storage (NAS) devices, has identified three critical vulnerabilities within its suite of NAS software products. These vulnerabilities, if exploited, could have severe implications, prompting an urgent call to action from QNAP to its user base. Identifying the Vulnerabilities The vulnerabilities…
The KaliHunt group, Russian hacker groups, has allegedly a string of Distributed Denial of Service (DDoS) attacks target on several US airports and Baltic countries. The group made announcements about these attacks through their telegram channel. Among the targeted US airports are Philadelphia, Jacksonville, Grand Forks, Portland, Missouri, Long Beach, Durango,…
Threat Actor Selling Exploit: Claims Access to Customer Data from Apple, Samsung, and 100+ Companies
Allegedly, a threat actor has put up for sale an exploit that provides customer information from purchases made by 100+ companies (such as Apple, Hp, Huawei, Samsung, Lenovo, Dell, and many others popular companies). The data includes billing and shipping addresses, serial numbers, company names, account numbers, phone numbers, tracking numbers…
Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Officials reported that the security breach occurred on February 9, when someone logged into some BenefitsCal users’ accounts. Threat…
In a recent announcement, a new botnet known as Coconut has emerged in the cyber threat landscape, boasting an array of formidable capabilities. The features of this botnet include Layer 4 servers with a bandwidth ranging from 100 to 200G, ensuring reliable bypasses through Layer 4 defenses. Marketed as the “best…
Reports emerge of a concerning development as a threat actor alleges to be offering for sale the database and source code of Lucky, a prominent app for credit products, renowned for its offerings and cashback services in Egypt. Developed by Dsquares, Lucky boasts over 5 million installs across various platforms, establishing…
Moldova faces a grave cybersecurity threat as Russian hacker groups launch coordinated attacks, targeting critical government institutions and services. ZulikGroup, in collaboration with NoName057(16), claims to have breached several key resources in Moldova, including the Ministry of Economics, Ministry of Finance, Defense Department, Ministry of Education, and Ministry of Culture. The…
A significant data breach has been reported at Kintetsu World Express, Inc. (KWE), a major Japanese freight forwarding company, with ramifications extending across its global operations. The breach, claimed by a threat actor identified as 888, has resulted in the leakage of sensitive information from the company’s First Freight CRM Billing…