Mr. Cooper Says Customer Data Compromised in Cyberattack

November 13, 2023 at 06:03AM
US mortgage giant Mr. Cooper experienced a cyberattack on October 31 that led to service disruptions. Hackers gained access to certain systems, preventing the company from processing customer payments. Customer data was compromised, prompting Mr. Cooper to notify affected individuals and offer complimentary credit monitoring services. Users are advised to …

LockBit ransomware leaks gigabytes of Boeing data

November 12, 2023 at 06:56PM
LockBit ransomware has leaked more than 43GB of files stolen from Boeing after the aerospace company refused to pay the ransom. The leaked data includes backups for various systems, with the most recent files dated October 22. LockBit had warned Boeing about the leak and threatened to publish a sample …

Mortgage giant Mr. Cooper says customer data exposed in breach

November 10, 2023 at 05:00PM
Mr. Cooper, the largest home loan servicer in the US, has discovered evidence of customer data being exposed during a recent cyberattack. The company is still investigating the extent of the compromised data and will provide affected customers with more information in the coming weeks. Mr. Cooper assures customers that …

World’s largest commercial bank ICBC confirms ransomware attack

November 10, 2023 at 10:32AM
The Industrial & Commercial Bank of China (ICBC) has confirmed that it experienced a ransomware attack on November 8, which disrupted its services. The attack impacted certain financial services systems, including its ability to connect to DTCC/NSCC and settle U.S. Treasury trades for other market participants. ICBC is conducting an …

MOVEit Hackers Pivot to SysAid Zero-Day in Ransomware Attacks

November 9, 2023 at 06:09PM
A new zero-day exploit has been discovered that uses a vulnerability in on-premises deployments of SysAid IT Support software to deploy Clop ransomware. Microsoft has announced the flaw and SysAid has issued a patch. The threat actor behind the exploit is Lace Tempest, known for deploying Clop ransomware. Enterprise teams …

SolarWinds: SEC ‘lacks the competence’ to regulate cybersecurity

November 9, 2023 at 12:12PM
SolarWinds has strongly defended itself against the Securities and Exchange Commission’s (SEC) lawsuit over the 2020 SUNBURST cyberattack. The company called the SEC’s claims “fundamentally flawed” and stated that it had appropriate cybersecurity controls in place before the attack. SolarWinds accused the SEC of overreaching and lacking the authority to …

Japan Aviation Electronics Targeted in Ransomware Attack

November 9, 2023 at 07:36AM
Japanese electronics manufacturer Japan Aviation Electronics Industry has been recovering from a cyberattack caused by the Alphv/BlackCat ransomware group. The incident occurred on November 2, with unauthorized access to some of the company’s servers. Though there have been delays in email communication, no data leakage has been confirmed. The ransomware …

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel

November 9, 2023 at 06:39AM
Iranian state-sponsored hacking group MuddyWater is using a new command-and-control framework called MuddyC2Go in attacks targeting Israel. The framework, written in the Go programming language, is believed to have been in use since early 2020. MuddyC2Go generates PowerShell payloads for post-exploitation activities, and experts recommend close monitoring of PowerShell activity. Key …

Identity Alone Won’t Save Us: The TSA Paradigm and MGM’s Hack

November 7, 2023 at 10:04AM
The recent cyberattack on MGM Resorts resulted in widespread outages and the compromise of various systems, such as slot machines and payment systems. The attack highlighted the importance of properly managing access and authentication controls. Simply adding more identity products is not the solution. Instead, organizations should focus on authentication, …

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel

November 6, 2023 at 04:06AM
Google has issued a warning about a public proof-of-concept exploit called Google Calendar RAT (GCR) that utilizes its Calendar service for command-and-control infrastructure. The exploit creates a covert channel by manipulating event descriptions in Google Calendar. Although not yet observed in the wild, the exploit has been shared on underground …