Data Breach

The Russia-linked ransomware group LockBit has claimed responsibility for a cyberattack on Indian pharmaceutical giant Granules India, and published portions of the data it allegedly stole. LockBit’s dark web leak site listed Granules India as one of its latest victims on Wednesday, according to a listing seen by TechCrunch. Granules …

Fortinet on Monday warned customers that a recently patched vulnerability, tracked as CVE-2023-27997, could be a zero-day flaw that has been exploited in limited attacks. The vulnerability, which is a critical heap-based buffer overflow in the SSL-VPN module, can allow a remote hacker to execute arbitrary code or commands using …

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 (CVSS score: 9.8) that could allow a malicious actor with network access to …

Staff reporter: International media reported that the information of a Bangladeshi health care institution has been leaked. Where it is said, a hacker group named “Siegeed Sec” has gained access to the network of the organization called Telerad Bangladesh. As a result, the company’s important information, databases are under threat. …

Researchers at firmware and hardware security company Eclypsium discovered that hundreds of motherboard models made by Taiwanese computer components giant Gigabyte include backdoor functionality that could pose a significant risk to organizations. The backdoor was discovered by Eclypsium based on behavior associated with the functionality, which triggered an alert in …

Samsung smartphone users have been warned by the vendor and the US Cyber security and Infrastructure Security Agency (CISA) about a vulnerability that is being actively exploited in attacks. The vulnerability, which is tracked as CVE-2023-21492, is a kernel pointer exposure issue related to log files. It can allow a …

North Korean hackers have stolen $721 million from Japan since 2017, accounting for 30% of the crypto thefts worldwide. According to a study by a U.K.-based compliance specialist, North Korea employs hacking and ransomware to steal crypto assets, especially in Japan, Vietnam and Hong Kong, the leading Asian crypto hubs. North Korean Hackers Eye …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a critical remote code execution (RCE) flaw in the Ruckus Wireless Admin panel actively exploited by a recently discovered DDoS botnet. While this security bug (CVE-2023-25717) was addressed in early February, many owners are likely yet to patch their …

The LockBit 3.0 ransomware group on Monday leaked 600 gigabytes of critical data stolen from Indian lender Fullerton India, two weeks after the group demanded a $3 million ransom from the company. Fullerton India said on April 24 that it had suffered a malware attack that forced it to temporarily operate offline …

MSI attackers leaked the company’s firmware image signing keys, a crucial component for differentiating between legitimate and malicious updates. Over 200 MSI products are believed to be exposed. Researchers have identified leaked firmware image signing keys and Intel’s BootGuard for MSI products. According to Alex Matrosov, CEO of firmware supply …