On Feb. 13, Adobe patched a critical vulnerability that affected its Commerce and Magento platforms, which customers use to manage their businesses' e-commerce. But a proof-of-concept exploit for the latest patch has resulted in yet another out-of-band patch update from Adobe for CVE-2022-24087.
Cisco's Email Security Appliance is affected by a high-rated vulnerability that can allow an unauthenticated remote attacker to launch a denial-of-service attack, the company says. The company and CISA advise that affected software be updated at the earliest.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.
The January cyberattack on the International Committee of the Red Cross, which compromised the data of more than 515,000 highly vulnerable people, was specifically targeted at the organization, using code designed for execution on the ICRC servers, according to Director General Robert Mardini.
The Office of the Privacy Commissioner for Personal Data in Hong Kong has begun an investigation into a data leak reported by Harbour Plaza Hotel Management on Feb. 9. The report says it appears that approximately 1.2 million customers of the Harbour Plaza hotel chain seem to have been affected.
A 60-second TV advertisement, paid for by cryptocurrency exchange platform Coinbase. aired during the Super Bowl on Sunday. It featured a QR code that took those who scanned it to the trading website. Some cybersecurity experts have voiced concerns about using vulnerable QR code on live TV.
Spain's National Police Department says it has arrested eight members of an undisclosed cybercriminal gang over SIM swapping fraud. The suspects posed as trustworthy representatives of banks and other organizations and used phishing and smishing techniques to obtain PII and bank details of victims.
Several global Computer Emergency Response Teams have issued alerts as well as fixes for Google Chrome browser and Android operating system vulnerabilities. Countries issuing the alerts include France, India and Canada.
A "deliberate and malicious" cyberattack struck Vodafone Portugal, including its 4G/5G network, fixed voice, TV, SMS and voice/digital answering services. ATM networks of large banks connected to its 4G network were also disrupted. The company says its 4G network has now been partially restored.
The U.S. Internal Revenue Service says it will pull back plans to use facial recognition for authentication of new users of its online accounts. The move comes amid concerns from Congress members and privacy advocates about cybersecurity, software bias and third-party transparency issues around the IRS' proposal to...
Swissport, a global company that provides aviation-related services, confirmed it was hit by a ransomware attack on Thursday. The incident has now been contained, and a full system cleanup and recovery process is underway with no significant delays in sight, a company spokesperson says.
Eset says it has patched a high-severity privilege escalation bug affecting its clients who use Windows-based systems. The company has released software updates for all affected versions of its product, as well as a workaround, and says no exploits have been reported.
Greek data protection authority Hellenic DPA has imposed fines totaling more than $10 million on two telecommunication companies for GDPR violations including inadequate information disclosure to subscribers in the wake of data breaches, illegal data processing and inadequate security measures.
The European Systemic Risk Board has proposed a new systemic cyber incident coordination framework called EU-SCICF. This framework will be designed to counter any major cross-border cyber incidents in the financial sector space with a coordinated response.
A new malware dubbed DazzleSpy has been found targeting macOS users in Hong Kong. The malware is being planted through pro-democracy radio station D100's news website, which was earlier compromised through a watering hole campaign, researchers from cybersecurity firm ESET report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
