Tag: cyberattack
-
Lenovo-Chatbot-Lücke wirft Schlaglicht auf KI-Sicherheitsrisiken
Über eine Schwachstelle in Lenovos Chatbot für den Kundensupport ist es Forschern gelungen, Schadcode einzuschleusen.Der Chatbot ‘Lena” von Lenovo basiert auf GPT-4 von OpenAI und wird für den Kundensupport verwendet. Sicherheitsforscher von Cybernews fanden heraus, dass das KI-Tool anfällig für Cross-Site-Scripting-Angriffe (XSS) war. Die Experten haben eine Schwachstelle entdeckt, über die sie schädliche HTML-Inhalte generieren…
-
Cyberangriff auf Orange: Hacker erbeuten Kundendaten von großem Telco-Provider
Daten von 850.000 belgischen Orange-Kunden sind in die Hände Cyberkrimineller gelangt – darunter Namen, Nummern, Tarife und PUK-Codes. First seen on golem.de Jump to article: www.golem.de/news/cyberangriff-auf-orange-grosser-telco-provider-bestaetigt-abfluss-von-kundendaten-2508-199393.html
-
Cyberattacke auf Berlins Justizsenatorin Badenberg
Berlins Senatorin für Justiz und Verbraucherschutz Felor Badenberg wurde von Cyberkriminellen angegriffen. Zu den Hinterleuten der Attacke gibt es eine Vermutung. Hans-Christian PlambeckBerlins Justizsenatorin Felor Badenberg (CDU) ist Opfer einer Cyber-Attacke geworden. Nach jetzigem Erkenntnisstand sei es zu einem gezielten Angriff auf einen Arbeitsplatzrechner im Leitungsbereich des Hauses gekommen, teilte die Senatsverwaltung für Justiz mit.…
-
Russian Hackers Accused in Wave of Water Sector Cyberattacks
Successful Breaches Renew Fears of Operational Vulnerabilities Across Water Sector. Russia is suspected of escalating cyberattacks on European water utilities, including attempts to sabotage Polish and Norwegian water facilities and dams, signaling a broader threat to global critical infrastructure as state-backed actors exploit critical OT weaknesses amid global conflict. First seen on govinfosecurity.com Jump to…
-
Drug R&D Firm’s IT, Data Encrypted in Alleged Qilin Attack
Inotiv Inc. Tells SEC Some Business Operations Disrupted, No Recovery Date in Sight. Inotiv, a drug research and development firm, told federal regulators that it’s been dealing with a cyberattack since Aug. 8 that has encrypted some IT systems and data, and is disrupting certain business operations. Ransomware gang Qilin has listed the company as…
-
Apache ActiveMQ Breach Reveals Unusual Attacker Behavior
Tags: access, apache, breach, cyberattack, exploit, flaw, linux, remote-code-execution, update, vulnerabilitySecurity researchers have confirmed that a recent wave of cyberattacks is exploiting a critical vulnerability in Apache ActiveMQ, allowing attackers to compromise Linux servers and install long-term persistence tools. The attackers are not only gaining access through a known remote code execution flaw but are also patching the vulnerability afterward to cover their tracks. The……
-
Feds charge alleged administrator of ‘sophisticated’ Rapper Bot botnet
A 22-year-old Oregon man has been charged with running a powerful botnet-for-hire service used to launch hundreds of thousands of cyberattacks worldwide, the U.S. Justice Department said. First seen on therecord.media Jump to article: therecord.media/feds-charge-botnet-admin
-
Russian investment platform confirms cyberattack by pro-Ukraine hackers
The Russian platform Investment Projects said it is working to restore its infrastructure following a cyberattack claimed by the pro-Ukraine group Cyber Anarchy Squad. First seen on therecord.media Jump to article: therecord.media/russia-cyberattack-investment-platform-ukraine
-
Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
The company said no critical data was accessed, but the hacker “gained access to one of our IT systems that contains the following data: name, first name, telephone number, SIM card number, PUK code, tariff plan.” First seen on therecord.media Jump to article: therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000
-
Lenovo-Chatbot Lena Kritische XSS-Schwachstellen offenbaren fatale Sicherheitslücken in KI-Implementierungen
Lenovo wollte mit seinem KI-Chatbot Lena eigentlich den Kundenservice modernisieren. Stattdessen öffnete die digitale Assistentin ein Einfallstor für Angriffe, die bis hin zum Diebstahl sensibler Daten und der Kompromittierung interner Systeme reichen konnten. Cybernews-Forscher entdeckten gleich mehrere kritische XSS-Schwachstellen, die ein erschreckendes Licht auf den Umgang mit Sicherheit in KI-gestützten Services werfen. Ein einziger Prompt…
-
Senatsjustizverwaltung – Cyberattacke auf Berlins Justizsenatorin Badenberg
Tags: cyberattackFirst seen on security-insider.de Jump to article: www.security-insider.de/cyberattacke-auf-berlins-justizsenatorin-badenberg-a-7808431f72052ef1014050af2cfe463b/
-
Zuverlässigkeit digitaler Infrastrukturen – Uptime Institute: Längere IT-Ausfälle durch häufigere gezielte Angriffe
Tags: cyberattackFirst seen on security-insider.de Jump to article: www.security-insider.de/uptime-institute-laengere-it-ausfaelle-durch-haeufigere-gezielte-angriffe-a-3de9b19d16e2ab3ff5635637b2c44aa3/
-
New Salty 2FA PhaaS Platform Targets Microsoft 365 Users to Steal Login Credentials
The majority of events globally are caused by phishing, which continues to be the most common vector for cyberattacks in the constantly changing world of cyber threats. The proliferation of affordable Phishing-as-a-Service (PhaaS) platforms such as Tycoon2FA, EvilProxy, and Sneaky2FA has exacerbated this issue, enabling even novice attackers to deploy sophisticated campaigns. These services are…
-
Personal-, Lohn- und Finanzabteilungen im Fokus – Personalisierte Angriffe mit KI statt Massen-Phishing
First seen on security-insider.de Jump to article: www.security-insider.de/phishing-landskap-genai-ki-abwehr-zielgerichtete-angriffe-a-2c8bbaf002c6dd7544639fe55d38ce7c/
-
Business Council of New York State says nearly 50,000 had data leaked in February cyberattack
The Business Council of New York State, which works with more than 3,000 organizations, told regulators in multiple states that it suffered a cyberattack in February. First seen on therecord.media Jump to article: therecord.media/new-york-business-council-data-breach
-
Cyberangriff auf Colt: Support-Systeme nach Lösegelddrohung offline
Tags: access, api, china, cve, cyberattack, exploit, extortion, hacker, infrastructure, mail, microsoft, ransomware, rce, remote-code-execution, service, technology, update, vulnerabilityDer TK-Konzern Colt kämpft seit einer Woche mit den Folgen einer Ransomware-Attacke.Colt Technology Services, ein britischer Telekommunikationskonzern, der 900 Rechenzentren in Europa, Asien und Nordamerika miteinander verbindet, wurde am 12. August 2025 Opfer eines Cyberangriffs.Der Fall wurde zunächst als ‘technisches Problem” bezeichnet. Inzwischen hat das Unternehmen jedoch den Angriff bestätigt und seine interne Support-Systeme, darunter…
-
Cyberangriff auf Colt: Support-Systeme nach Lösegelddrohung offline
Tags: access, api, china, cve, cyberattack, exploit, extortion, hacker, infrastructure, mail, microsoft, ransomware, rce, remote-code-execution, service, technology, update, vulnerabilityDer TK-Konzern Colt kämpft seit einer Woche mit den Folgen einer Ransomware-Attacke.Colt Technology Services, ein britischer Telekommunikationskonzern, der 900 Rechenzentren in Europa, Asien und Nordamerika miteinander verbindet, wurde am 12. August 2025 Opfer eines Cyberangriffs.Der Fall wurde zunächst als ‘technisches Problem” bezeichnet. Inzwischen hat das Unternehmen jedoch den Angriff bestätigt und seine interne Support-Systeme, darunter…
-
Ein Viertel der CISOs wird nach Ransomware-Angriff entlassen
Tags: backup, ceo, cio, ciso, cyberattack, group, incident response, mail, phishing, ransomware, rat, risk, sophos, vulnerabilityNach einem Ransomware-Angriff werden CISOs oft dafür verantwortlich gemacht und gekündigt. Laut einem aktuellen Bericht von Sophos haben CISOs eine Chance von eins zu vier, dass ihr Arbeitsplatz einen erfolgreichen Ransomware-Angriff nicht übersteht. Die Ergebnisse des Berichts sind ein Weckruf für Sicherheitsverantwortliche, unabhängig davon, ob sie für solche Angriffe verantwortlich gemacht werden oder über die…
-
Cyberangriffe auf Industrieanlagen: Schäden in Milliardenhöhe
Tags: cyberattackIndustrieanlagen und kritische Infrastrukturen stehen weltweit vor einer massiven, oft unterschätzten Gefahr. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberangriffe-auf-industrieanlagen
-
Operation Secure Saint Paul: Interlock Ransomware Hits City with 43GB Data Leak
Have you heard about Operation Secure Saint Paul? The city of St. Paul, Minnesota, has confirmed the July 25 cyberattack was a ransomware assault carried out by the group Interlock. The hackers claim they posted 43 gigabytes of stolen city data online”, including HR files and even personal items. The city refused to pay ransom…
-
Workday Confirms Data Breach Tied to Salesforce Attacks
A New Corporate Victim in a Broader CRM Exploitation Campaign Workday, one of the world’s leading human capital management (HCM) software providers, has confirmed it was impacted in a recent string of coordinated cyberattacks targeting Salesforce CRM instances through sophisticated social engineering. While the company says no customer tenants or internal systems were compromised, attackers……
-
Workday Breach Likely Linked to ShinyHunters Salesforce Attacks
The HR giant said hackers mounted a socially engineered cyberattack on its third-party CRM system, but did not gain access to customer information; only ‘commonly available’ business contact info was exposed. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/workday-breach-shinyhunters-salesforce-attacks
-
Cyberangriffe auf Industrieanlagen: Schäden in Milliardenhöhe drohen
Tags: cyberattackFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/cyberangriffe-industrieanlagen-schaeden-milliardenhoehe
-
Manpower Data Breach Hits 144K, Workday Confirms 3rd-Party CRM Hack
A cyberattack on Manpower’s Michigan office compromised data for 144,000 people. Meanwhile, Workday reveals a data breach in… First seen on hackread.com Jump to article: hackread.com/manpower-data-breach-workday-3rd-party-crm-hack/
-
Bragg Gaming Group Confirms Cyberattack, Says No Customer Data Impacted
Toronto-based Bragg Gaming Group, a provider of content and technology solutions for the online gaming sector, announced that it was the target of a cybersecurity incident early on Saturday, August 16, 2025, CEST time. The company discovered the Bragg Gaming Group cyberattack over the weekend and immediately took decisive action to limit potential damage. First seen on…
-
Bragg Confirms Cyberattack, Internal IT Systems Breached
Bragg Gaming Group (NASDAQ: BRAG, TSX: BRAG), a prominent content and technology provider in the online gaming industry, has disclosed a cybersecurity incident that compromised its internal computer systems over the weekend. The company discovered the breach on August 16, 2025, and has immediately implemented containment measures while engaging independent cybersecurity experts to assist with…
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerabilitywith samples on a Russian Tor site.”We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…
-
Colt Technology Services Hit by Ongoing Cyberattack, Services Disrupted
Colt Technology Services, a major UK-based telecommunications provider, continues to experience service disruptions following a serious cyberattack that began on August 12. The Colt cyberattack has impacted several of the company’s critical systems, including hosting and porting services, the Colt Online customer portal, and its Voice API platform. First seen on thecyberexpress.com Jump to article:…
-
By gutting its cyber staff, State Department ignores congressional directives
Without strong cyber capabilities at State, America’s partners will turn to unreliable associates in China for infrastructure investment and succumb to cyberattacks that place U.S. forces overseas at risk. First seen on cyberscoop.com Jump to article: cyberscoop.com/state-department-cyber-diplomacy-setback-congress-action-op-ed/
-
‘Angriff auf politische Willensbildung” – Hacker nehmen sich politischen Raum in Sachsen-Anhalt vor
First seen on security-insider.de Jump to article: www.security-insider.de/ddos-angriffe-ministeriums-landtagswebseiten-a-0b23be825b80b8de56be7294c954c783/