Cyber Insurance Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved In a landmark case that blurs the lines between cyber and kinetic warfare, Merck reached a settlement with insurers over a $1.4 billion claim... Kevin TownsendJanuary 5, 2024
Mobile & Wireless RIPE Account Hacking Leads to Major Internet Outage at Orange Spain Orange Spain’s internet went down for several hours after its RIPE account was hacked, likely after malware stole the credentials. Eduard KovacsJanuary 4, 2024
Data Breaches Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack Xerox says personal information was stolen in a cyberattack at US subsidiary Xerox Business Solutions. Ionut ArghireJanuary 3, 2024
ICS/OT States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities The hacking of a municipal water plant is prompting new warnings from U.S. security officials at a time when governments are wrestling with how... Associated PressJanuary 2, 2024
Vulnerabilities Critical Apache OFBiz Vulnerability in Attacker Crosshairs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. Eduard KovacsDecember 29, 2023
Mobile & Wireless Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. Ionut ArghireDecember 28, 2023
Email Security Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. Eduard KovacsDecember 27, 2023
Vulnerabilities Google Rushes to Patch Eighth Chrome Zero-Day This Year Google warns of in-the-wild exploitation of CVE-2023-7024, a new Chrome vulnerability, the eighth documented this year. Ionut ArghireDecember 21, 2023
Ransomware BlackCat Strikes Back: Ransomware Gang “Unseizes” Website, Vows No Limits on Targets The BlackCat/Alphv ransomware group is dealing with the government operation that resulted in website seizures and a decryption tool. Eduard KovacsDecember 20, 2023
Data Breaches Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability Comcast’s Xfinity says customer data, including credentials, were compromised in an attack exploiting the CitrixBleed vulnerability Eduard KovacsDecember 19, 2023
Data Breaches VF Corp Disrupted by Cyberattack, Online Operations Impacted VF Corporation (NYSE: VFC), which owns and operates some of the biggest apparel and footwear brands, has been hit by a ransomware attack that... Ryan NaraineDecember 18, 2023
Data Breaches MongoDB Confirms Hack, Says Customer Data Stolen MongoDB CISO Lena Smart said the company was not aware of any exposure to the data that customers store in the MongoDB Atlas product. Ryan NaraineDecember 17, 2023