Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked
Volkswagen has inadvertently exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.
The breach, which occurred due to a misconfiguration in the systems of Cariad, VW's software subsidiary,...
US to Ban TP-Link Routers, as They Fuel Chinese Cyber Attacks
US authorities are considering a ban on TP-Link routers due to concerns over their potential role in Chinese cyber attacks. The popular router manufacturer, which holds approximately 65% of the US market for home...
CISA Urges Use of End-to-End Encrypted Messaging Services like Signal, Following U.S. Telecoms Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning to senior government officials and political figures to adopt end-to-end encrypted messaging services like Signal.
This recommendation follows a series of cyber espionage...
CISA Warns of Cleo 0-Day Vulnerability Exploited by Ransomware Gangs
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical vulnerability in Cleo's file transfer software being actively exploited by ransomware gangs.
The vulnerability, initially identified as CVE-2024-50623, affects Cleo...
Citrix NetScaler Devices Under Attack, Brute-force Attacks Exploiting Zero-days
A significant surge in brute-force attacks targeting Citrix NetScaler devices across multiple organizations.
The attacks, primarily originating from a Hong Kong-based cloud provider, are exploiting misconfigured and outdated systems, coinciding with recent critical vulnerability disclosures...
14 North Korean IT Workers Charged, US to Offer $5 Million Rewards for Info
A federal court in St. Louis, Missouri, has indicted 14 North Korean nationals in a sophisticated scheme involving IT workers who allegedly defrauded US companies and funneled millions of dollars to North Korea's weapons...
Chrome Security Update, Patch for 3 High-severity Vulnerabilities
Google has released a critical security update for its Chrome browser, addressing three high-severity vulnerabilities that could potentially expose users to significant risks.
The latest update, version 131.0.6778.139/.140 for Windows and Mac and 131.0.6778.139 for...
Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP)
Let’s Encrypt, a leading provider of free SSL/TLS certificates, has officially announced its timeline for discontinuing support for the Online Certificate Status Protocol (OCSP) in favor of Certificate Revocation Lists (CRLs).
This decision, driven by...
Romania’s Leading Energy Provider Electrica Group Hit by Ransomware Attack
Electrica Group, one of Romania's most prominent energy service providers, has confirmed it is grappling with a ransomware attack. The cyber incident has prompted the company to activate its emergency response protocols and collaborate...
WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
A recently discovered security vulnerability dubbed "BreakingWAF" in the configuration of web application firewall (WAF) services has left numerous Fortune 1000 companies vulnerable to cyberattacks, according to Zafran, a leading cybersecurity research team.
The...