Vendors
-
China-Linked APT41 Targets African IT Infrastructure in New Cyber Espionage Campaign
APT41, a Chinese-linked cyber espionage group, has launched a targeted campaign against government IT services in Africa, utilizing advanced malware techniques that involve a compromised SharePoint server for communication.
-
ExpressVPN Resolves Critical IP Leak Issue Affecting Remote Desktop Users
ExpressVPN has resolved a critical security flaw that exposed users’ IP addresses during Remote Desktop Protocol sessions, following insights from a bug bounty program. Affected users are encouraged to update their software for enhanced privacy.
-
Cloudflare Confirms 1.1.1.1 Outage Stemmed from Internal Misconfiguration, Not Attack
Cloudflare confirmed that a recent outage of its 1.1.1.1 Resolver service was caused by an internal misconfiguration, dismissing concerns of a cyberattack or BGP hijack. The incident led to significant disruptions for users globally, with full restoration achieved within hours.
-
Louis Vuitton Investigates Data Breach Affecting UK Customers Amid Ongoing Cybersecurity Concerns
Luxury fashion house Louis Vuitton is investigating a data breach that has exposed customer information tied to its UK operations. This breach is the third linked to LVMH brands in recent months, raising concerns about security practices across the luxury retail sector.
-
Paddy Power and Betfair Confirm Data Breach Affecting 800,000 Customers
Paddy Power and Betfair have confirmed a data breach affecting up to 800,000 customers, with information such as usernames and email addresses compromised. The companies assure that sensitive payment details remain secure, although partial payment data may be at risk.
-
Security Flaw in McDonald’s AI Hiring Tool Exposes Personal Data of 64 Million Job Seekers
A security flaw in McDonald’s AI hiring tool, McHire, has led to the exposure of personal data for over 64 million job seekers. Researchers discovered that default credentials and an Insecure Direct Object Reference vulnerability allowed unauthorized access to sensitive information.
-
Cisco Issues Urgent Update to Address Critical Vulnerability in Unified Communications Manager
Cisco has issued an urgent security alert regarding a critical vulnerability in its Unified Communications Manager systems, urging users to upgrade to new software updates to prevent potential exploitation.
-
Major Mobile Ad Fraud Operation IconAds Discovered
The IconAds mobile ad fraud operation, involving 352 Android apps, has been disrupted, according to HUMAN. The malicious apps generated 1.2 billion daily bid requests, primarily targeting users in Brazil, Mexico, and the US, before their removal from the Play Store.
-
Cisco Addresses Critical Security Vulnerability in Unified Communications Manager
Cisco has released updates to mitigate a serious security vulnerability in its Unified Communications Manager that allowed for unauthorized remote access through a hardcoded backdoor account.
-
U.S. Sanctions Russian Bulletproof Hosting Provider Amid Cybercrime Crackdown
The U.S. Treasury has imposed sanctions on Russian bulletproof hosting provider Aeza Group for its facilitation of cybercrime activities, marking a significant step in the government’s ongoing efforts to combat ransomware and related threats.
