Auto parts giant AutoZone warns of MOVEit data breach

November 21, 2023 at 01:09PM AutoZone, the leading automotive spare parts retailer in the US, has suffered a data breach as part of the Clop MOVEit file transfer attacks. Approximately 185,000 people were affected by the breach, which occurred on May 28, 2023. While the specific data compromised has not been disclosed, identity theft protection …

Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions

November 21, 2023 at 02:06AM The China-linked cyber espionage group Mustang Panda targeted a Philippines government entity using legitimate software to sideload malicious files. Mustang Panda, also known as Bronze President and other aliases, is a Chinese advanced persistent threat (APT) that has been active since at least 2012. The group has targeted NGOs and …

Rhysida ransomware gang: We attacked the British Library

November 20, 2023 at 07:12AM The Rhysida ransomware group claims responsibility for the October cyberattack on the British Library, leaking stolen data including passport scans and HMRC employment documents. They have initiated an auction for the data with a starting bid of 20 Bitcoin ($745,000). The British Library confirmed the ransomware attack in November and …

LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

November 20, 2023 at 06:42AM The LummaC2 malware has added a new anti-sandbox technique that uses trigonometry to evade detection and steal valuable information from infected hosts. The malware also incorporates control flow flattening and can deliver additional payloads. It requires the use of a crypter to conceal itself and relies on trigonometry to detect …

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

November 18, 2023 at 02:24AM Russian cyber espionage actors affiliated with the Federal Security Service (FSB) are using a USB worm called LitterDrifter in attacks on Ukrainian entities. The worm spreads malware via USB drives and communicates with the threat actor’s command-and-control servers. The cybersecurity firm Check Point has observed signs of possible infection outside …

Rackspace racks up $12M bill in ransomware raid recovery

November 16, 2023 at 04:28PM Rackspace has revealed that its expenses from a ransomware attack last year have now reached $12 million. The attack, initially described as a security incident, disrupted email services for thousands of customers. Rackspace attributed the intrusion to the Play crew, who exploited a critical Exchange bug. The company incurred costs …

APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide

November 16, 2023 at 11:52AM Four separate cyberattack groups have exploited a former zero-day vulnerability in the Zimbra Collaboration Suite (ZCS) to steal email data, user credentials, and authentication tokens from government organizations worldwide. The bug, which was patched on July 25, enabled the attackers to set up auto-forwarding rules to an attacker-controlled email address. …

Ransomware gang files SEC complaint over victim’s undisclosed breach

November 15, 2023 at 09:04PM The ALPHV/BlackCat ransomware group has filed a complaint with the U.S. Securities and Exchange Commission (SEC) against software company MeridianLink for not disclosing a cyberattack within the four-day rule. The ransomware group threatened to leak stolen data unless a ransom was paid. MeridianLink confirmed the cyberattack and stated that it …

Samsung hit by new data breach impacting UK store customers

November 15, 2023 at 06:12PM Samsung Electronics has experienced a data breach in the UK, affecting customers who made purchases between July 2019 and June 2020. The breach was caused by a hacker exploiting a vulnerability in a third-party application used by the company. Customer names, phone numbers, and addresses were exposed, but financial information and …

Australian Ports Resume Operation After Crippling Cyber Disruption

November 13, 2023 at 04:35PM Four major ports in Australia, operated by DP World, experienced a cyber attack that caused disruptions over the weekend. The company is responsible for 40% of freight in and out of the country. The exact nature of the attack is still unknown, but some experts speculate it may involve ransomware. …