Digital payments leader PayPal has agreed to pay a $2 million fine following a cybersecurity incident in December 2022 that exposed thousands of Social Security numbers, according to New York state regulators. The penalty resolves violations of New York’s financial cybersecurity regulations, which require companies like PayPal to employ qualified personnel to manage critical cybersecurity […]
A team of researchers has uncovered over 100 security vulnerabilities affecting LTE and 5G network implementations, which could potentially be exploited to disrupt services or gain unauthorized access to cellular core networks. The study identified 119 vulnerabilities, with 97 assigned unique CVE identifiers, spanning seven LTE implementations—Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, and srsRAN—and three […]
State-linked hackers were implicated in a series of cyberattacks in December, resulting in the theft of unclassified data from the U.S. Treasury Department, among other incidents. BeyondTrust confirmed that 17 customers were affected by the attack, which involved the compromise of a Remote Support SaaS API key. The attack, attributed to a state-linked threat actor, […]
Conduent, a New Jersey-based contractor that provides technology solutions for social service agencies and transit systems across the U.S., has confirmed that it was the target of a cyberattack. The incident disrupted operations and caused delays in child support payment processing in multiple states, including Wisconsin. The attack first came to light when Wisconsin officials […]
The growing security threats posed by advancements in artificial intelligence are well-documented, impacting billions of Gmail users, bank customers, and even individuals targeted through smartphone calls and messages. The FBI has issued warnings about such dangers, highlighting the risks AI poses when exploited by malicious actors. Adding to these concerns, researchers have recently identified GhostGPT, […]
The Pittsburgh Regional Transit (PRT) authority experienced a ransomware attack last week, causing temporary disruptions to the city’s public transportation system. The attack, initially detected on December 19, briefly affected rail services, according to a statement from PRT. Initially reported by WPXI Channel 11 as an internet outage, the incident caused delays of up to […]
Japan Airlines (JAL), the country’s second-largest airline, suffered a major cyberattack early Thursday morning, leading to significant disruptions in both domestic and international flight operations. The attack, which occurred at 7:24 AM local time (2224 GMT), targeted JAL’s internal and external network systems, causing widespread malfunctions that impacted communication and operational workflows. In a statement […]
A Brazilian national has been indicted in the United States on charges of extortion after allegedly hacking into a company’s network and stealing sensitive customer data in March 2020. Junior Barros De Oliveira, a 29-year-old from Curitiba, Brazil, faces four counts of extortion and four counts of making threatening communications, according to an indictment unsealed […]
The Matrix botnet, operated by a likely lone Russian actor, has been linked to a large-scale distributed denial-of-service (DDoS) campaign exploiting vulnerabilities and misconfigurations in Internet of Things (IoT) devices. This campaign exemplifies the ease with which accessible tools and basic technical skills can be weaponized for significant cyberattacks. A “One-Stop Shop” for Cybercrime The attack, […]
A major INTERPOL-led operation, Operation Serengeti, has resulted in the arrest of 1,006 suspects across 19 African nations and the dismantling of 134,089 malicious infrastructures. The initiative, conducted between September 2 and October 31, 2024, aimed to disrupt cybercrime operations across the continent, targeting activities such as ransomware, business email compromise (BEC), digital extortion, and online […]