News

WordPress WP Statistics vulnerability

WP Statistics plugin for WordPress exposes database

A vulnerability in the popular WordPress plugin, WP Statistics, allows sensitive data from within the WordPress database to be extracted without logging in. WP Statistics is used by over 600,000 WordPress sites globally and allows site owners to monitor and …

New Zealand Waikato cyberattack

New Zealand Hospital experiences cybersecurity attack

A major cybersecurity attack has brought down Information Systems at a New Zealand hospital in the Waikato region. The attack has caused the closure of all its clinical services today. The cyberattacks are against the Waikato District Health Board (DHB), …

Colonial Pipeline ransomware

Cyberattack shuts down U.S Colonial Pipeline

Developing story, updates below A ransomware attack against one of the U.S. top fuel pipeline operators, Colonial Pipeline, has forced the shutdown of its network, the company said in a statement. Colonial Pipeline provides millions of gallons of gasoline each …

Avaddon Schepisi Telstra Ransomware

Avaddon hackers steal Telstra SIM card data and demand ransom

Ransomware gang, Avaddon, has claimed to have hacked an Australian mobile phone dealer, Schepisi Communications, and are threatening to dump a large cache of stolen data unless a ransom is paid.  The threat comes after Avaddon published a sample of …

Microsoft IoT vulnerabilities

Microsoft warns of vulnerabilities in IoT products

Microsoft security researchers have disclosed a series of IoT (Internet of Things) vulnerabilities that could be used to bypass security controls to execute malicious code or crash a system. The security flaws are due to memory allocation integer overflow bugs …

Flubot Android malware

FluBot malware spreading rapidly on Android devices

A malware attack on Android devices is spreading rapidly across Europe, and there are fears that the attack could spread to other countries. The FluBot Android malware begins as a simple text message with a link to track package delivery. …

UnitingCare Ransomware CyberAttack

UnitingCare Queensland hit by ransomware cyberattack

Australian aged care provider, UnitingCare Queensland, has been hit with a ransomware cyberattack over Anzac weekend. The attack has crippled its IT systems, including staff email and patient management systems, forcing them to revert to manual, paper-based operations. According to …

Apple AirTag

Apple releases AirTag with focus on privacy

Apple has launched a new product at their “Spring Loaded” event called AirTag, which has long been rumored to be in development but has now been added to their product portfolio. Apple AirTag is a simple device that you can …

Monero XMR Botnet Prometei

Botnet exploits Microsoft Exchange vulnerability to mine cryptocurrency

Cybersecurity research firm, Cyberreason, has discovered a botnet that exploits the recently disclosed Microsoft Exchange server vulnerability. The botnet has been seen to be exploiting servers that continue to remain unpatched around the world.  The botnet, called Prometei, was first …

Apple Computer

REvil gang tries to sell stolen plans back to Apple

Cybercrime gang, REvil, has demanded a ransom payment from Apple to prevent the release of stolen confidential documents online. The gang has publicly claimed to have downloaded secret product plans of soon-to-be-released Apple products and is threatening to reveal the plans online unless a significant ransom is paid.

Office 365

Office 365 phishing using fake voicemail messages

An email requesting people listen to a voicemail recording is being used to bypass Microsoft’s protection and compromise their Office 365 account. The email avoids normal detection by attaching an audio file (disguised as a htm file) to the email. …

Codecov data breach

US Investigators probing 2.5 month long Codecov data breach

US Investigators are looking into a data breach at Codecov, a software company that provides code testing solutions with more than 29,000 customers, including customers such as Procter & Gamble, GoDaddy Inc, The Washington Post, and Australian software company Atlassian …

US Russia Solarwinds cyberattack

US blames Russia for SolarWinds cyberattack

On Thursday, the Whitehouse has announced that Russia’s foreign intelligence service, known as SVR, is to blame for the recent SolarWinds cyberattack, which led to compromised versions of the SolarWinds software being installed on thousands of customer’s computers around the …

Facebook Ireland Data Breach

Ireland launches data protection inquiry into Facebook breach

Ireland’s Data Protection Commission (DPC) has opened an inquiry over Facebook’s recent data breach. More than 533 million Facebook users shared personal information on a popular hacker forum earlier this month. The DPC confirmed that they were investigating whether any …

Microsoft Exchange Server Zero Day

Justice department to disrupt exploitation of Microsoft Exchange vulnerabilities

The United States Department of Justice has announced a court-authorized effort to disrupt vulnerable Microsoft Exchange Servers’ ongoing exploitation. The action comes just weeks after the zero-day vulnerability in Microsoft Exchange was made known to the public. “Today’s court-authorized removal …

German regulator halts WhatsApp data collection

German regulator moves to halt WhatsApp data collection

Germany’s top data protection agency is seeking to take action against Facebook to stop collecting personal data from users of the WhatsApp messaging app. The regulator from Germany’s city of Hamburg is seeking an immediate order over concerns that changes …

Who hacked my cheese?

Dutch supermarkets run out of cheese after ransomware attack

A ransomware attack against warehousing and transportation provider Bakker Logistiek has caused a shortage of cheese at Dutch supermarkets. Bakker Logistiek is one of the Netherlands’ largest logistics service providers, supplying air-conditioned warehousing and food transport to many Dutch supermarkets. …

Sant Bot Malware

New malware downloader spotted in the wild stealing credentials

Malwarebytes analysts have discovered a new phishing email attack that contains a compressed archive (zip file) with a PowerShell script. The malware, named ‘Saint Bot,’ was first detected in January 2021 with evidence that the malware is under continuous development. …

Israel Natanz nuclear cyberattack

Israel likely behind the cyber attack at Natanz nuclear plant

Israel defense force chief of staff, Aviv Kohavi, has appeared to confirm involvement in the cyberattack against Iran’s Natanz nuclear plant. In a speech during a memorial ceremony on Jerusalem’s Mount Herzl national cemetery, Kohavi stated that Israel’s “operations in …

LinkedIn 500m user profiles accounts leaked

500M LinkedIn user profiles posted for sale on hacker forum

Only a week after reporting the 533 million Facebook account data leak, LinkedIn has now suffered a data leak of their own. A user of a popular hacker forum has posted a cache of databases of user account profiles from …

Scroll to Top