International

Bitdefender has released a decryptor for the ShrinkLocker ransomware after months of concern from responders regarding attacks involving this malware. Bitdefender released a detailed blog explaining how a ransomware strain utilizes Microsoft’s BitLocker to encrypt files and removes recovery options. “ShrinkLocker is a novel ransomware strain that leverages a unique …

Russia’s media censor, Roskomnadzor, has blocked thousands of local websites using Cloudflare’s encryption feature that enhances online privacy and security. Local media reports indicate that several websites were blocked overnight on October 6. These sites use Cloudflare’s Encrypted Client Hello (ECH) feature, which enhances user privacy by making it harder …

Advertisement for selling the credentials of allegedly belonging to Indian government emails surfaced on the dark web marketplace. A hacker on a private forum claims that purchasing access to these government email accounts can make anyone willing to pay a few thousand rupees “become” a government officer. The forum post …

Interbank, a major financial institution in Peru, has confirmed a data breach after a hacker leaked stolen data online. Formerly the International Bank of Peru, the company offers financial services to over 2 million customers. “To our clients: We regret this situation and understand the inconvenience this may cause you. …

The US Cybersecurity and Infrastructure Security Agency (CISA) has released its first international strategic plan to enhance global cooperation in addressing cyber threats to critical infrastructure. The plan recognizes that cyber risks are complex and spread across different regions, highlighting the importance of quickly sharing threat information and risk reduction …

Cybersecurity researcher Jeremiah Fowler found a non-password-protected database with 115,000 records linked to the UN Trust Fund to End Violence against Women. This fund aims to prevent violence against women and girls by supporting organizations that address gender-based violence and promote women’s rights. The unprotected database contained sensitive financial reports, …

The Internet Archive was breached again, this time through their Zendesk email support platform, following warnings that threat actors had stolen exposed GitLab authentication tokens. Bleeping computer reported, Since last night, the authority received numerous messages from people who received replies to their old Internet Archive removal requests, warning that …

ISACA 2024 survey report reveals that 66% of cybersecurity professionals find their jobs more stressful now than five years ago. The annual study, sponsored by Adobe, showcases the feedback of more than 1,800 cybersecurity professionals on topics related to the cybersecurity workforce and threat landscape. According to the data, the …

On October 1, 2024, CISA released two advisories regarding Industrial Control Systems (ICS), highlighting current security issues, vulnerabilities, and exploits in the field. ICSA-24-275-01 Optigo Networks ONS-S8 Spectra Aggregation Switch: Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, arbitrary file upload, or bypass authentication. …

The National Institute of Standards and Technology (NIST) has issued new guidelines for password security, representing a major change from standard practices. These new recommendations, outlined in NIST Special Publication 800-63B, aim to enhance cybersecurity while improving user experience. NIST has changed its approach to password complexity. Instead of requiring …