It seems like not a day goes by where we don’t hear about a local government cyberattack. Indeed, from 911 call centers to public schools, cyberattacks on local governments are as common as they are devastating. Just how often do threat actors attack local governments? A survey of 14 mainly larger US local governments found…

Cybercriminals wielding the FARGO (aka Mallox, aka TargetCompany) ransomware are targeting Microsoft SQL (MS SQL) servers, AhnLab’s ASEC analysis team has warned. They haven’t pinpointed how the attackers are getting access to the targeted servers, but noted that typical attacks targeting database servers include brute force and dictionary attacks aimed at ferreting out the passwords…

Ukrainian authorities say they have taken down a pro-Russia hacking group that compromised user accounts and then sold them for profit on dark web portals. According to the cyber department of Ukraine’s Security Service (SSU), the hackers targeted user accounts of individuals in Ukraine and across Europe. Leveraging the unauthorized access, the hackers harvested the…

Both companies have confirmed being breached. Uber admitted that a hacker used compromised employee credentials to access internal tools, but downplayed impact, insisting that development systems, user accounts, and sensitive information were not accessed. In the case of Rockstar, the hacker leaked videos recorded during the development of the upcoming Grand Theft Auto (GTA) 6…

We’re witnessing a new malicious mass-mailing campaign aimed at company employees using Agent Tesla spyware attachments. This time, when creating their e-mail messages, the attackers pay special attention to detail — so that their messages can really be mistaken for regular business e-mails with attached documents. Their final goal is to trick the recipient into…

The Identity Theft Resource Center (ITRC) has published research showing that nearly 40 percent of ITRC victims say their personal information was stolen, compromised or misused in the past year. The report goes beyond the known financial implications of identity crimes and explores the lost opportunities as well as the emotional, physical and psychological…

The vulnerability in question is CVE-2007-4559, initially described as a directory traversal vulnerability in Python’s ‘tarfile’ module that could allow an attacker to remotely overwrite arbitrary files by convincing users to process specially crafted tar archives. The flaw was never properly patched and instead users were warned not to open archive files from untrusted sources….

Referred to as #AttachMe and mentioned in Oracle’s July 2022 Critical Patch Update, the vulnerability could have exposed sensitive data to attackers knowing the victim’s Oracle Cloud Identifier (OCID). “OCI customers could have been targeted by an attacker with knowledge of #AttachMe. Any unattached storage volume, or attached storage volumes allowing multi-attachment, could have been…