Illinois Hospital Blames Ransomware Attack for Unprecedented Closure
St. Margaret’s Health in Spring Valley, Illinois, will permanently shut down as a result of a debilitating cyberattack, making it the first hospital to publicly attribute its closure to criminal hackers. The hospital’s parent organisation, SMP Health, had previously announced plans to close due to various factors, including the cyberattack, staff shortages, and the ongoing […]
Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now!
On Monday 5th June 2023, Google released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has […]
SAS Airlines hackers ransom demand up again – now $10M
Anonymous Sudan, the pro-Russian hacker group that has been targeting SAS Airlines for more than a week, has increased its ransom demand again – this time to $10 million. The hacktivist gang has been bullying Scandinavian Airlines with intermittent attacks, knocking the SAS website and app offline at various hours of the day, since May 24th. What […]
Predator Android Spyware Researchers Uncover New Data Theft Capabilities
Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware, which is delivered […]
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web Services (AWS) credentials associated with DynamoDB and CloudWatch. “This recent update demonstrates a widening of scope, with new capabilities such the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications,” […]
Data Stealing Malware Discovered in Popular Android Screen Recorder App
Google has removed a screen recording app named “iRecorder – Screen Recorder” from the Play Store after it was found to sneak in information stealing capabilities nearly a year after the app was published as an innocuous app. The app (APK package name “com.tsoft.app.iscreenrecorder”), which accrued over 50,000 installations, was first uploaded on September 19, […]
LoughTec Security Operations Centre stops hack on well known NI-based Contractor on day 1
Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
The second generation version of Belkin’s Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponised by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by Israeli IoT security company Sternum, which reverse-engineered the […]
Discord discloses data breach after support agent got hacked
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised. The security breach exposed the agent’s support ticket queue, which contained user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets. Discord says it immediately addressed the breached […]
U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes
A U.K. national responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. Tejay Fletcher, 35, of Western Gateway, London, was awarded the sentence on May 18, 2023. He pleaded guilty last month to a number of cyber offences, including facilitating […]