16 matches found
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3...
PT-2025-34192 · Undefined · Undefined
New vulnerabilities in Workhorse Software threaten sensitive data in cities and towns across Wisconsin. Key Points: - Two serious vulnerabilities discovered in Workhorse Software's accounting application. - Vulnerabilities expose sensitive personally identifiable information PII stored in the...
REvil Gang Promises a Big Video-Game Hit; Claims Massive Revenue
The REvil ransomware gang claims it will rake in $100 million by year’s end. That’s according to a REvil group leader in a rare Q&A with the YouTube Channel for tech blog “Russian OSINT.” During the live interview, the REvil hacker warned of a “big attack coming…linked to a very large video game...
N.Y. Could Ban Cities from Paying Ransomware Attackers
New York State may soon ban municipalities from paying ransomware demands in the event of a cyberattack. State Senators Phil Boyle, George M. Borrello and Sue Serino introduced Senate Bill S7246 earlier this month, in response to the rising tide of cyberattacks targeting government agencies and...
Story of the year 2019: Cities under ransomware siege
Ransomware has been targeting the private sector for years now. Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems. Looking back at the past three year...
GandCrab Operators Resurface with REvil Malware
The malware that hit 22 Texas municipalities and various dentist offices around the country recently is likely the work of the crew behind the GandCrab ransomware – indicating that the group didn’t really retire after all. In late May, the GandCrab operators said they decided to ride off into the...
Ransomware Sees Triple-Digit Spike in Corporate Detections
LAS VEGAS — As cybercriminals continue to chase the most lucrative attack vectors they can find, ransomware attacks are migrating from consumer targets to organizations, businesses, municipalities and beyond. For the first time, consumer detections have fallen below organizational infections, as ...
Why Cities Are a Low-Hanging Fruit For Ransomware
Ransomware attacks against local governments and cities are repeatedly making headlines, with crippling results on city operations and budgets. Last month, the Florida city of Riviera Beach paid hackers $600,000 after being hit by a ransomware attack that downed its computer systems for three...
Second Florida City Pays Hackers $500k Post-Ransomware Attack
UPDATE A city in Florida has paid hackers almost $500,000 after suffering a ransomware attack that locked down its email systems and servers – only the latest municipality to be hit by ransomware and pay the ransom. The Florida municipality, Lake City, has a population of 12,046 and is located in...
SQL Injection Vulnerability in Road Transportation Driver Continuing Education Management System at Multiple Provincial and Municipal Levels
A SQL injection vulnerability exists in the road transportation driver continuing education management system at multiple provincial and municipal levels. An attacker could exploit the vulnerability to obtain sensitive information in the database...
Patched Click2Gov Flaw Still Afflicting Local Govs
A vulnerability in a popular municipality payment software, Click2Gov, has left hundreds of thousands of civilian payment cards compromised – and the hacks are ongoing, a new report found. Continual breaches of the vulnerable software have led to the compromise of at least 294,929 payment cards...
How Internet Savvy are Your Leaders?
Back in April 2015, I tweeted about receiving a letter via snail mail suggesting the search engine rankings for a domain registered in my name would suffer if I didn't pay a bill for some kind of dubious-looking service I'd never heard of. But it wasn't until the past week that it become clear ho...
U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hackin...
Massive ransomware attack forces authorities to use typewriters
By Waqas The ransomware attack also forced employees to use hand receipts. Two municipalities in Alaska one town and one borough to be precise have become victims of sophisticated encryption-based malware ransomware attack. Reportedly, the Matanuska-Susitna Mat Su and the City of Valdez have both...
dadosenergeticos.energia.sp.gov.br XSS vulnerability
Open Bug Bounty ID: OBB-572979 Description| Value ---|--- Affected Website:| dadosenergeticos.energia.sp.gov.br Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
E-Cidade Directory Traversal
Vendor: DBSeller www.dbseller.com.br Product: E-cidade - Software Publico de Gestão Municipal Published: 02/19/2016 Discovered by vesp3r [email protected] Product Description -------------------- Intended to computerize the management of Brazilian Municipalities. This includes computerized...