Recent Security News
-
Thieves steal 35.5M customers’ data from Vans sneakers maker
January 19, 2024 at 09:00AM VF Corporation, parent company of popular fashion brands like Vans and North Face, reported that 35.5 million customers were affected by a cyber-attack in December. However, sensitive data such as social security numbers and financial information were unaffected, and there is no evidence that customer passwords were compromised. The attack…
-
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
January 19, 2024 at 08:51AM Pirated macOS applications from Chinese websites harbor a backdoor allowing attackers remote control over infected machines. The malware, hosted on “macyy[.]cn,” uses a dropper to fetch backdoor and downloader components, which enable persistence and facilitate additional payloads. This echoes previous incidents involving the ZuRu malware, possibly indicating a successor. (Words:…
-
First Step in AI/ML Security is Finding Them
January 19, 2024 at 08:31AM The growing use of AI in organizations poses new security risks. The adoption of AI tools without informing security teams leads to “shadow ML” and “shadow AI.” Legit Security’s platform provides visibility into all software components and developer tools. Securing machine learning involves finding its usage, threat modeling, and implementing…
-
VMware confirms critical vCenter flaw now exploited in attacks
January 19, 2024 at 08:23AM VMware confirmed active exploitation of a critical vCenter Server vulnerability (CVE-2023-34048) reported by Trend Micro researcher Grigory Dorodnov. Multiple end-of-life products were patched, and ransomware gangs target VMware servers. Over 2,000 exposed servers pose breach risks. VMware urged strict network access control and previously fixed high-severity vCenter Server flaws, an…
-
VF Corp Says Data Breach Resulting From Ransomware Attack Impacts 35 Million
January 19, 2024 at 08:00AM 35.5 million customers’ personal information was stolen in a ransomware attack on VF Corporation in December 2023. The attack affected brands like Dickies, The North Face, and Vans. The company has restored impacted systems, but faced operational disruptions. It reported no evidence of stolen passwords and expects minimal financial impact.…