RansomwareQilin ransomware group blamed for attack disrupting London hospitalsLaura FrenchJune 5, 2024The RaaS group leverages double extortion and tends to target large enterprises and healthcare.
Cloud SecuritySnowflake says users with single-factor authentication targeted in attackShaun NicholsJune 5, 2024The cloud IT service provider acknowledged a threat actor accessed demo accounts via stolen credentials.
RansomwareRansomware report finds 43% of data unrecoverable after attackLaura FrenchJune 4, 2024More than 80% of organizations surveyed paid a ransom, but a third still did not recover their data.
AI/MLAI firm Hugging Face discloses leak of secrets on its Spaces platformLaura FrenchJune 3, 2024The AI company revoked exposed tokens and made several security changes in response.
AI/MLOpenAI report reveals threat actors using ChatGPT in influence operationsLaura FrenchMay 31, 2024The report details OpenAI’s disruption of the deceptive campaigns, which had minimal public impact.
Application securityNearly 6M WordPress sites may be affected by bugs in 3 plug-insSteve ZurierMay 31, 2024Fastly says the bugs are prone to unauthenticated XXS attacks that let threat actors inject malicious scrips via WordPress plug-ins.
Network SecurityFBI takes down 911 S5 botnet, ‘likely the world’s largest’ at 19M IPsLaura FrenchMay 30, 2024The botnet’s alleged operator was arrested last week and faces up to 65 years in prison.
IdentityOkta says Customer Identity Cloud prone to credential-stuffing attacksSteve ZurierMay 30, 2024Security pros say these type of disclosures by Okta could harm overall confidence in the short-term, but could also speed-up adoption of passwordless options.
Network SecurityCheck Point patches VPN 0-day exploited to target enterprisesLaura FrenchMay 29, 2024Exploitation attempts focused mostly on old local accounts with password-only authentication.
RansomwareNorth Korea’s ‘Moonstone Sleet’ targets victims with malicious toolsSteve ZurierMay 29, 2024Microsoft says the group leverages social-engineering techniques and has developed its own malware.