In April, Meduza faced two large-scale distributed denial-of-service (DDoS) attacks, prompting it to reach out to Qurium to investigate their origin and composition, the researchers said.
Source: The Record Date: April 29, 2024
Local reports claimed that the hackers targeted as many as 83 defense contractors and subcontractors, and managed to steal sensitive information from 10 of them between October 2022 and July 2023, although the campaign lasted over a year.
Source: Infosecurity Magazine Date: April 24, 2024
An unidentified attacker hacked a Czech news service's website and published a fake story on Tuesday claiming that an assassination attempt had been made against the newly elected Slovak president Petr Pellegrini.
Source: The Record Date: April 24, 2024
The website Spy.pet has been involved in a major privacy breach, selling billions of private messages from Discord users. This breach exposes personal information, private photos, financial details, and potentially company secrets.
Source: Hackread Date: April 23, 2024
Cybersecurity researchers have discovered a new campaign exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices. The attackers utilize this vulnerability to deliver ScreenConnect and Metasploit Powerfun payloads, posing a significant threat to affected systems.
Source: The Hacker News Date: April 18, 2024
Talos has issued a warning regarding a global surge in brute-force attacks targeting VPN and SSH services. These attacks employ both generic and valid usernames and indiscriminately target a wide range of sectors across various geographical locations.
Source: The Hacker News Date: April 18, 2024
The Handala threat group, allegedly backed by Iran, has sent 500,000 threatening text messages to Israeli citizens. These messages contain anti-government rhetoric, posing a potential risk to national security.
Source: Dark Reading Date: April 16, 2024
A series of SteganoAmor attacks utilizing steganography has targeted 320 organizations globally. These attacks begin with malicious emails containing seemingly innocuous document attachments exploiting the CVE-2017-11882 flaw in Microsoft Office Equation Editor.
Source: Bleeping Computer Date: April 16, 2024
Hackers have deployed crypto drainers on thousands of WordPress sites, monetizing compromised platforms to promote fake NFT offers and crypto discounts. This poses a significant risk to site visitors' security and privacy.
Source: Bleeping Computer Date: April 9, 2024
A police investigation has been launched after UK MPs were targeted in a spear[1]phishing attack. Security experts believe this attack could be an attempt to compromise the UK Parliament's security and integrity.
Source: The Guardian Date: April 8, 2024
A suspected ransomware attack has led to a state of emergency declaration in a Missouri county. Critical systems, including tax and online property payments, have been rendered inoperable, causing significant disruptions.
Source: ARS Technica Date: April 3, 2024
Highly sensitive files have disappeared from EUROPOL headquarters, posing a serious risk to ongoing investigations and agency operations. EUROPOL has notified impacted individuals and initiated an investigation into the incident.
Source: Security Affairs Date: April 3, 2024
The INC Ransom group has claimed responsibility for a cybersecurity incident at Leicester City Council. This underscores the disruptive impact of ransomware attacks on public services and institutions.
Source: The Register Date: April 3, 2024
OWASP has disclosed a data breach resulting from a misconfiguration of its old Wiki web server. This breach compromised old member resumes, emphasizing the importance of robust security measures for protecting sensitive information.
Source: Security Affairs Date: April 2, 2024
Recently Stolen by Malware An infostealer malware campaign has apparently collected millions of logins from users of various gaming websites, including players that use cheats and pay-to-cheat services
Source: Bleeping Computer Date: April 1, 2024
The incidents reported in April 2024 demonstrate the diverse range of cyber threats facing organizations and individuals globally. These incidents underscore the critical importance of implementing proactive cybersecurity measures, including patch management, employee training, and incident response planning, to mitigate the risks posed by cyber attacks. Organizations must remain vigilant and proactive in safeguarding their digital assets against evolving threats in the cybersecurity landscape.