In a shocking development, the well-known ransomware group, Akira, has dealt a significant blow to cosmetics powerhouse Lush. With nearly 30 years in operation and roughly 1,000 stores worldwide, Lush has been a trusted brand in the beauty industry. However, a recent ransomware incident involving unauthorized access to part of Lush’s UK IT system has showcased the increasing threat posed
In today’s digital era, students are making great use of the internet for their educational and social activities. However, this widespread reliance on the digital realm also exposes students to potential risks and limitations. This is where a Virtual Private Network (VPN) comes into play, offering a multitude of advantages that empower students with unrestricted access to knowledge while ensuring
Schneider Electric, a global leader in energy management and automation solutions, has recently become the target of a devastating ransomware attack. The attack specifically targeted its Sustainability Business division, resulting in unauthorized access to sensitive corporate data. The incident has raised concerns over the security of Schneider Electric’s infrastructure and the potential impact on its customers and partners. Cactus Ransomware
In a groundbreaking case, Banmeet Singh, a notorious dark web drugs vendor, has agreed to forfeit a staggering $150 million, marking the largest single seizure ever conducted by the US Drug Enforcement Administration (DEA). This unprecedented move highlights the government’s determination to crack down on the illegal drug trade and send a strong message to those involved in illicit activities.
In a bid to enhance the security of their SRX Series and EX Series products, Juniper Networks has released out-of-band updates to address high-severity vulnerabilities. These updates aim to protect users from potential attacks and ensure the confidentiality of sensitive information stored on these devices. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, impact all versions of Junos OS, the operating
In today’s rapidly evolving digital landscape, software development and security have become inseparable. The rise of DevSecOps, an integration of development, operations, and security practices, has emerged as a solution to address vulnerabilities early in the software development lifecycle. However, the implementation of DevSecOps is not without its hurdles. This article delves into the key challenges faced by organizations in
In a significant law enforcement operation, Brazilian authorities have successfully apprehended several individuals responsible for operating the notorious Grandoreiro malware. This operation marks a major step in combating cybercrime and protecting users from the threats posed by banking trojans. Slovak cybersecurity firm ESET played a crucial role by providing assistance that led to the identification of victimology patterns and the
In a concerning development, security researchers have recently uncovered critical vulnerabilities in WatchGuard and Panda Security products. These vulnerabilities could potentially allow attackers to cause denial of service (DoS) conditions or execute arbitrary code with system privileges. The vulnerabilities specifically affect the Panda Kernel Memory Access driver (pskmad_64.sys), which is installed alongside WatchGuard EPDR, Panda AD360, and Panda Dome for
A Canadian cybercriminal, Matthew Philbert, has been sentenced to two years in prison for his involvement in a multitude of ransomware and other cyberattacks that targeted businesses, government entities, and individuals across Canada. Philbert, a 33-year-old resident of Ottawa, Ontario, was apprehended by the Ontario Provincial Police in November 2021 after a 23-month investigation. The severity of his crimes was
Cybersecurity company Ivanti is facing significant challenges in delivering promised patches for critical vulnerabilities in their Connect Secure VPN appliances. This delay has put organizations at risk that utilize these appliances for secure virtual private networks. Ivanti acknowledges missed deadline In a recent update to their advisory, Ivanti admitted to missing the deadline for delivering the necessary patches. The company
In a recent discovery, a critical vulnerability has been identified in GitLab, a popular web-based DevOps lifecycle tool, posing a serious threat to user accounts. The exploit allows threat actors to reroute password reset emails, potentially leading to a complete account takeover. This article delves into the details of the vulnerability, GitLab’s response, and steps users can take to protect
Crypto mining in Russia has stirred controversy as power providers claim that the surge in mining activities is responsible for widespread electricity outages during recent cold snaps. With illegal mining activities on the rise, power companies are facing damages, while concerns over strain on energy systems grow. This article delves into the impact of illegal mining, the challenges faced during
