Cyber Security

The Groveport Madison School District in Columbus, Ohio, has reported a significant cybersecurity incident that occurred on Tuesday, leading to substantial disruptions within its network. The ransomware group BlackSuit successfully infiltrated two of the district’s servers, causing widespread issues that affected Windows-based devices, file services, and printer/copier functions. However, the district’s phone systems remained...

Nissan, the renowned Japanese automobile manufacturer, has confirmed a cybersecurity breach affecting its computer networks in Australia and New Zealand. The company disclosed the incident on Wednesday, stating that it has engaged with cybersecurity experts to determine the scope of the breach and the potential exposure of sensitive customer data. Authorities in both countries...

Austal USA, the American subsidiary of the Australian shipbuilding company and defense contractor, has confirmed a cyberattack following claims by the Hunters International ransomware group that they breached the company’s systems. Austal USA is known for its contracts with the U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS), including the...

A significant security lapse has been identified in the GST Invoice Billing Inventory app, a widely-used business accounting application for small and medium-sized enterprises. The app, which has amassed over 1 million downloads, inadvertently left a database unprotected, resulting in the exposure of sensitive personal and corporate data. The GST Invoice Billing Inventory app, formerly...

In a recent development, academic researchers have unveiled a novel side-channel attack, dubbed SLAM, which poses a threat to the security of computer processors from leading manufacturers such as Intel, AMD, and Arm. The SLAM attack, which stands for Spectre based on Linear Address Masking, is designed to exploit hardware features intended to bolster...

Meta has officially launched end-to-end encryption (E2EE) for individual chats and calls in Messenger, marking a significant milestone in the company's privacy push. "This update represents the culmination of years of work and significant re-engineering of the platform," said Loredana Crisan, vice president of Messenger at Meta. The new default encryption will provide an extra layer...

Popular messaging tools like WhatsApp, Telegram, Teams, and Slack are presenting new mobile and web application vulnerabilities for organizations, according to a recent report by cybersecurity company SafeGuard Cyber. The 2023 Business Communication Risk Report indicates that nearly half (42%) of organizations have experienced new security incidents linked to employees using messaging apps on their...

A critical vulnerability in Citrix NetScaler web application delivery control and NetScaler Gateway appliances, known as Citrix Bleed (CVE-2023-4966), has been linked to cyberattacks against government and critical infrastructure organizations. The vulnerability allows attackers to bypass authentication and multifactor authentication, leading to session hijacking and potential data breaches. A recent joint advisory issued by the...

K-12 schools and colleges in several states, including Maine, Indiana, and Georgia, have recently been targeted by ransomware attacks, leading to outages and data leaks. This is a continuation of a trend that has seen educational institutions across the nation impacted throughout the year. Henry County Schools, a district serving over 44,000 students in Georgia,...

North Korean hackers have been accused of stealing sensitive data from South Korean defense companies, including information on advanced anti-aircraft weapons systems. The group, known as Andariel, reportedly stole 1.2 terabytes of data and extorted over $350,000 in ransom from various organizations. The Seoul Metropolitan Police Agency, in a joint investigation with the Federal Bureau...

Florida's St. Johns River Water Management District confirmed a recent cyberattack, adding to concerns about nation-state threats to critical infrastructure nationwide. The agency, responsible for managing the state's water resources, identified suspicious activity and implemented containment measures. The attack comes amidst warnings from U.S. officials about Iranian hackers targeting Unitronics programmable logic controllers (PLCs) used...

Tipalti, a California-based accounts payable software vendor, is investigating a ransomware attack claimed by the AlphV ransomware group. AlphV alleges gaining access to confidential information belonging to Tipalti and its customers since September 8th, stealing over 265 gigabytes of data. AlphV further claims an insider facilitated the attack and contacted specific Tipalti customers, including Roblox,...

A cyber attack originating from Iran has targeted several civilian infrastructure operations in Pennsylvania, including a water treatment facility outside Pittsburgh. The incident, which compromised multiple organizations, prompted a warning from the Cybersecurity and Infrastructure Security Agency (CISA). While the hackers primarily sought to damage the reputation of the targeted company, the attack raises concerns...

Japanese carmaker Nissan is investigating a cyber attack targeting its systems in New Zealand and Australia. The attack may have exposed customers' personal information. Nissan released a statement on its website, notifying customers of the incident and advising them to remain vigilant. The company's global incident response team is working with cybersecurity authorities in both...

The U.S. Department of Health and Human Services (HHS) is cautioning healthcare facilities nationwide about the exploitation of the "Citrix Bleed" vulnerability, urging immediate patching to thwart ransomware gangs' attacks targeting hospitals and healthcare providers. The vulnerability, CVE-2023-4966, affects Citrix's NetScaler ADC and NetScaler Gateway appliances utilized for network traffic management. Notably, this flaw has...