Author name: Biswajit Pradhan

MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was detected by the company earlier this week. In emails sent to MongoDB customers from CISO Lena Smart, the company says they detected their systems were hacked on Wednesday evening (December 13th) and started investigating the […]

Microsoft announced a new Windows Protected Print Mode (WPP), introducing significant security enhancements to the Windows print system. “WPP builds on the existing IPP print stack where only Mopria certified printers are supported, and disables the ability to load third-party drivers. By doing this, we can make meaningful improvements to print security in Windows that

A Mirai-based botnet named ‘InfectedSlurs’ is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm. The botnet was discovered by Akamai’s Security Intelligence Response Team (SIRT) in October 2023, who observed the exploitation of two

Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider that covers 45 million people across 15 states and is part of the Delta Dental Plans Association. According to

Cloud storage provider Box is down in a ‘critical’ outage, preventing customers from accessing their files. The outage started at approximately 9 AM ET, with the company stating that it is a critical outage impacting logins, uploads, downloads, and API calls. “Our team is continuing to investigate and have confirmed this issue is impacting all

The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center (Fred Hutch) that resulted in patients receiving personalized extortion threats. Fred Hutch is a Seattle-based cancer research and patient care and treatment center operating a network of more than ten clinical sites in the region. At the start

VoIP communications company 3CX warned customers today to disable SQL database integrations due to potential risks associated with what it describes as a potential vulnerability. Although the security advisory released today lacks any specific information regarding the issue, it advises customers to take preventive measures by disabling their MongoDB, MsSQL, MySQL, and PostgreSQL database integrations.

Today, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged technology manufacturers to stop providing software and devices with default passwords. Once discovered, threat actors can use such default credentials a backdoor to breach vulnerable devices exposed online. Default passwords are commonly used to streamline the manufacturing process or help system administrators deploy large numbers

Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an unnamed exchange on the Solana blockchain platform that Ahmed hacked using his blockchain audit and smart contract reverse

Today’s column brings you two weeks of information on the latest ransomware attacks and research after we skipped last week’s article. The big news over the past two weeks is the continued drama plaguing BlackCat/ALPHV after their infrastructure suddenly stopped working for almost five days. Multiple sources told BleepingComputer that this outage was related to