Month: October 2022

Malware & Threats

Issued by: Security Week

The two, Eric Meiggs, 24, of Brockton, and Declan Harrington, 22, of Beverly, employed SIM swapping, computer hacking, and other techniques as part of their nefarious activities, the US Department of Justice says. According to documents presented in court, the two targeted executives of cryptocurrency companies and individuals who had large amounts of cryptocurrency or…

Vulnerabilities

Issued by: Security Week

WordPress 6.0.3 fixes nine stored and reflected cross-site scripting (XSS) vulnerabilities, as well as open redirect, data exposure, cross-site request forgery (CSRF), and SQL injection flaws. WordPress security company Defiant has shared a description of each vulnerability. Four of them have a ‘high severity’ rating, and the rest have ‘medium’ or ‘low’ severity. “We have…

Network Security

Issued by: Security Week

Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month, is in its 19th year. Launched under the guidance of the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA), it aims to help Americans stay safe and secure online. This year’s campaign theme – See Yourself in Cyber –…

Network Security, Software Security

Issued by: Security Week

Active since at least 2007 and also tracked as APT41, Barium, Blackfly, Double Dragon, Wicked Panda, and Wicked Spider, the Winnti Group is believed to be formed of multiple subgroups engaging in both cyberespionage and financially motivated operations. As part of a campaign ongoing since early August, the threat actor has been deploying various payloads…

Malware & Threats

Issued by: Security Week

In a data breach notification published on its website, Keystone is disclosing a cybersecurity incident identified on August 19 and which has resulted in the disruption of some systems. The healthcare provider says it immediately launched an investigation into the incident, which discovered that certain patient information might have been compromised. “Our investigation found that…

Software Security

Issued by: Security Week

The funding round was led by AlbionVC, with participation from Forward Partners, Gapminder, Innovate UK, and TriplePoint Capital. Founded in 2019, the London, UK-based company proposes a new approach to security awareness training. The company’s SaaS solution helps organizations identify and manage human risk, to improve employee behavior. The platform combines human intelligence with data…

Malware & Threats

Issued by: Security Week

Initially observed last week, the activity surrounding the new malware family, which labels itself Prestige, does not appear to be connected with any of the ransomware or threat groups that Microsoft currently tracks, and is currently referred to as DEV-0960. However, the tech giant warns of potential overlaps with previously observed Russian state-sponsored activity through…

Malware & Threats

Issued by: Security Week

Woolworths acquired 80% of the MyDeal online marketplace in September, but says MyDeal systems are completely separate from its own systems, which have not been impacted by the incident. According to the company, a threat actor leveraged a user’s compromised credentials to access the MyDeal customer relationship management (CRM) system. This gave the attacker access…