A criminal hacking group claims to have stolen the World-Check database with millions of records. The database is used by companies to check if potential customers have connections to financial crime or sanctions. The group called GhostR stole 5.3 million records from the World-Check database in March and are threatening …

Cisco has issued security advisories for vulnerabilities in the Cisco integrated management controller. These vulnerabilities could allow a remote cyber threat actor to gain control of a compromised system. Cisco Integrated Management Controller CLI Command Injection Vulnerability:  A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could …

Frontier Communications, a Texas-based telecom company, reported a cyberattack to the Securities and Exchange Commission. The company offers internet services in over 25 states and had $5.75 billion in revenues in 2023. The company said it detected unauthorized access to its IT systems on April 14 and began instituting “containment …

CISA, FBI, Europol’s EC3, and NCSC-NL released a joint Cybersecurity Advisory called #StopRansomware: Akira Ransomware. It shares known tactics, techniques, and procedures of Akira ransomware, as well as indicators of compromise from FBI investigations up until February 2024. Akira threat actors started with Windows systems but shifted to Linux for …

Oracle announced 441 new security patches for its April 2024 Critical Patch Update, with over 200 of them fixing flaws that could be exploited by remote, unauthenticated attackers. Oracle’s advisory reported that about 230 unique CVEs were found in Oracle’s April 2024 CPU, with over 30 security patches addressing critical-severity …

18 companies in Sweden pretended to be legitimate data centers for AI or other activities, but actually evaded taxes and exploited tax incentives to mine cryptocurrency. The Swedish tax agency Skatteverket is requiring almost 1 billion kronor ($91 million) in extra taxes. The Swedish Tax Agency audited 21 companies running …

CISA released four advisories about Industrial Control Systems (ICS) on April 16, 2024. They contain important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-107-01 Measuresoft ScadaPro ICSA-24-107-02 Electrolink FM/DAB/TV Transmitter ICSA-24-107-03 Rockwell Automation ControlLogix and GuardLogix ICSA-24-107-04 RoboDK RoboDK CISA encourages users and administrators to review the …

Utilizing Fortinet’s FortiClient EMS a news campaign has emerged. According to Vedere labs of forescout’s report this campaign leverages a critical vulnerability identified as CVE-2023-48788 and The campaign has been active since at least 2022 as stated the report. CVE-2023-48788: According to the official documentation, FortiClient Enterprise Management Server (EMS) …

The NSA AISC recently released a cybersecurity information sheet called “Deploying AI Systems Securely”. This sheet was developed in partnership with CISA, the FBI, ASD ACSC, CCCS, NCSC-NZ, and NCSC-UK. The guidance provides best practices for deploying and operating externally developed artificial intelligence (AI) systems and aims to: Improve the …

LightSpy mobile espionage campaign, which focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus and grow tensions in the region. VirusTotal submissions from India suggest potential victims within its borders, aligning with recent warnings by Apple on detections within the same country. Technical Details: Infection …