News
The Akira ransomware group has developed a new method to circumvent Endpoint Detection and Response (EDR) systems by leveraging unsecured webcams. This innovative attack vector allows the cybercriminals to encrypt data on compromised networks, posing a significant threat to organizations. How the Attack Works Cybersecurity experts from the S-RM team
The ESP32 microchip, manufactured by Espressif and embedded in over a billion devices globally, has been found to contain undocumented commands. These commands could be exploited for cyberattacks, posing significant security risks. Potential Threats from Undocumented Commands These hidden commands enable malicious activities such as device spoofing, unauthorized data access,
The notorious ransomware group, Hunters International, has reportedly infiltrated Tata Technologies, a subsidiary of Tata Motors, claiming to have exfiltrated 1.4 terabytes of sensitive data. Details of the Breach According to a regulatory filing with the Indian National Stock Exchange, the cyber attack occurred in January. Tata Technologies, a
The United States has taken decisive action against Chinese cybercriminals, charging state security officers and hackers linked to APT27 and i-Soon for extensive cyberattacks since 2011. These breaches have targeted a wide range of victims, including US government agencies, foreign ministries in Asia, US-based dissidents, and a major religious organization.
In a significant breakthrough, U.S. authorities have successfully retrieved $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance, a decentralized finance (DeFi) protocol on Binance's BNB Chain. Understanding the Uranium Finance Exploit Uranium Finance, launched in April 2021, functioned as an automated market maker
Mozilla has updated its Firefox Terms of Use for the second time in a week following backlash over language suggesting broad data rights. The revised terms clarify that Mozilla only requires rights necessary to operate Firefox, without claiming ownership of user content. Changes in Data Licensing Language The initial terms,
Amnesty International has revealed that a zero-day exploit, sold by the controversial vendor Cellebrite, was utilized to compromise the Android phone of a Serbian student known for criticizing the government. This incident highlights ongoing concerns about the use of spyware for state surveillance. Background on Surveillance Concerns In December, Amnesty
The notorious Medusa ransomware gang has exposed a significant data breach involving UK-based HCRG Care Group, demanding a $2 million ransom. Although HCRG acknowledged the breach, they have not confirmed the extent of data affected, including patient and employee information. Unveiling the Breach On February 23, SuspectFile disclosed exclusive insights
The extensive data set known as "ALIEN TXTBASE" has been added to the Have I Been Pwned (HIBP) platform, a service that notifies users of data breaches. This integration, as noted by HIBP's founder, involves data extracted from devices compromised by infostealer malware. The data set