Month: October 2023

QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS (network-attached storage) devices with weak passwords. […]

The City of Philadelphia is investigating a data breach after attackers “may have gained access” to City email accounts containing personal and protected health information five months ago, in May. […]

Insurance giant American Family Insurance has confirmed it suffered a cyberattack and shut down portions of its IT systems after customers reported website outages all week. […]

This was a bad week for ransomware, with the Trigona ransomware suffering a data breach and law enforcement disrupting the RagnarLocker ransomware operation. […]

The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes. […]

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. […]

​Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials. […]

Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group’s dark web sites in a joint international operation. […]

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges. […]

Two weeks into an ongoing IT outage, Kwik Trip finally confirmed that it’s investigating a cyberattack impacting the convenience store chain’s internal network since October 9. […]