Insecure password leads to Mangatoon data breach
The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user accounts could be at risk, thanks to a poorly secured database. Worse still, Mangatoon doesn’t seem to be responding to messages from the breacher, or people notifying it that the breach has taken place. A…
ALPHV Ransomware Gang Creates Searchable Database With Victim Data
Also known as BlackCat and Noberus, ALPHV emerged in November 2021 as the first ransomware family coded using the Rust programming language. To date, the ALPHV cybergang has compromised more than 100 organizations. Likely tied to the cybercrime group behind the Darkside/Blackmatter ransomware, ALPHV operates under the Ransomware-as-a-Service (RaaS) business model, with their affiliates compromising…
Private 5G Network Security Expectations Part 3
Trend Micro conducted a survey on private wireless network security in collaboration with 451 Research, part of S&P Global Market Intelligence, in four countries (Germany, the U.K, Spain, and the U.S.) across the manufacturing, electricity, oil and gas, and healthcare industries. We have introduced this survey’s findings on the expectations for private 5G security and…
BlackCat (aka ALPHV) ransomware is increasing stakes up to $2.5 million in demands
The notorious cybercriminal syndicate competes with Conti and Lockbit 3.0. They introduced an advanced search by stolen victim’s passwords, and confidential documents leaked in the TOR network. Resecurity (USA), a Los Angeles-based cybersecurity company protecting Fortune 500 companies, has detected a significant increase in the value of ransom demand requests by the notorious Blackcat ransomware…
July 2022 Patch Tuesday forecast: A summertime lull?
June 2022 Patch Tuesday wrapped up a few loose ends we were waiting on. The Follina remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) was fixed. Internet Explorer came to a quiet end in most versions of the Windows 10 operating system. And finally, the Phase 2 update for CVE-2021-26414, the…
TalonWork Mobile empowers organizations to safeguard enterprise assets
Talon Cyber Security introduced TalonWork Mobile, a version of its TalonWork browser made specifically for mobile endpoints. With TalonWork Mobile, customers can extend secure access and control to the mobile endpoints that are used to connect to corporate resources and data, yet are historically unmanaged by organizations. Talon is the first secure enterprise browser provider…
Healthcare organizations targeted with Maui ransomware
A less known ransomware threat dubbed Maui has been and is likely to continue hitting healthcare organizations, a new CISA alert warns. Maui is unusual in many ways: it does not show a ransom note, it does not rely upon external infrastructure to receive encryption keys, and it does not encrypt files and/or systems indiscriminately….
Apple Debuts Spyware Protection for State-Sponsored Cyberattacks
Apple today announced a new feature called Lockdown Mode that automatically locks down any system functionality that could be hijacked by even the most sophisticated, state-sponsored mercenary spyware to compromise a user device. While Apple acknowledged in its statement announcing the initiative that the number of users who might need Lockdown Mode is small, protecting…
Emergency Chrome 103 Update Patches Actively Exploited Vulnerability
The flaw, tracked as CVE-2022-2294, has been described as a heap buffer overflow in WebRTC. The security hole was reported to Google by a member of the Avast Threat Intelligence team on July 1. The zero-day has been patched with the release of Chrome 103.0.5060.114 for Windows. No information has been made available about the…
Hacker Claims Major Chinese Citizens’ Data Theft
A sample of 750,000 entries posted online by the hacker showed citizens’ names, mobile phone numbers, national ID numbers, addresses, birthdays and police reports they had filed. AFP and cybersecurity experts have verified some of the citizen data in the sample as authentic, but the scope of the entire database is hard to determine. Advertised…
