Tag: security

The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of 62.4 million students and 9.5 million teachers. PowerSchool is a cloud-based software solutions provider for K-12 schools and districts that provides tools for enrollment, communication, attendance, staff management, learning systems, analytics, and finance. On January […]

American business services giant and government contractor Conduent confirmed today that a recent outage resulted from what it described as a “cyber security incident.” Conduent has over 31,000 employees and provides services to half of Fortune 100 companies and over 600 government and transportation agencies. These include nine top U.S. health plans, four of five […]

The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. The UDP-based attack occurred last year on October 29 and targeted an internet service provider (ISP) in Eastern Asia in an attempt to bring its services offline. Security and connectivity services provider […]

​A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users’ computers when extracting malicious files from nested archives. 7-Zip added support for MotW in June 2022, starting with version 22.00. Since then, it has automatically added MotW flags (special ‘Zone.Id’ alternate data streams) to […]

Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company’s developer environments. The company has told BleepingComputer that it hasn’t found any evidence of a security breach, but it is investigating the threat actor’s claims. “HPE became aware on January 16 of claims […]

Russian nation-state actor Star Blizzard has been running a new spear-phishing campaign to compromise WhatsApp accounts of targets in government, diplomacy, defense policy, international relations, and Ukraine aid organizations. According to a Microsoft Threat Intelligence report, the campaign was observed in mid-November 2024 and represents a tactical shift for Star Blizzard as a response to the recent exposure […]

Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests’ personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt. The breach first allegedly occurred in July 2024, with continued access through October, with the threat actors claiming to have […]

A malicious package named ‘pycord-self’ on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system. The package mimics the highly popular ‘discord.py-self,’ which has nearly 28 million downloads, and even offers the functionality of the legitimate project. The official package is a Python […]