October 21, 2023 at 12:41PM The International Criminal Court (ICC) has provided more information about a cyberattack it experienced five weeks ago, stating that it was a targeted operation for espionage. The ICC has taken necessary steps to address any compromise to data and is reinforcing its risk management framework. The impact of the attack … Read more
October 21, 2023 at 05:09AM Identity services provider Okta disclosed a security incident where threat actors used stolen credentials to access its support case management system. Okta confirmed that customer data in the support system was compromised, but its production Okta service was not affected. The breach has also impacted customers Cloudflare and BeyondTrust. This … Read more
October 20, 2023 at 10:09AM Vietnamese actors linked to the Ducktail stealer have been using DarkGate malware to target entities in the UK, US, and India. The increase in DarkGate campaigns is attributed to the decision to rent it out on a malware-as-a-service basis. The campaigns also involve LOBSHOT and RedLine Stealer, with similar tactics … Read more
October 19, 2023 at 07:41AM Japanese electronics manufacturer Casio experienced a data breach on its ClassPad education platform. The breach exposed customer information from 149 countries, including personal details, service usage information, and purchase information. Casio has confirmed that credit card information was not compromised. The company is cooperating with law enforcement and conducting an … Read more
October 19, 2023 at 07:06AM Healthcare solutions company Henry Schein disclosed a recent cybersecurity incident that disrupted its business operations and may have led to a data breach. The incident affected its manufacturing and distribution businesses, causing temporary disruption. The company has engaged cybersecurity experts to investigate and has notified law enforcement authorities. Details of … Read more
October 19, 2023 at 06:39AM Between February and September 2023, the Iran-linked threat actor, OilRig, conducted an eight-month cyber espionage campaign against an unnamed Middle East government. The attack involved the theft of files and passwords, as well as the deployment of a PowerShell backdoor called PowerExchange. Additional malware used included Tokel, Dirps, and Clipog. … Read more
October 18, 2023 at 11:03AM The Lazarus Group, a North Korea-linked hacking organization, has been using trojanized versions of Virtual Network Computing (VNC) apps to target the defense industry and nuclear engineers. They trick job seekers on social media into opening malicious apps for fake job interviews. The malware operates discreetly to avoid detection and … Read more
October 17, 2023 at 05:18PM Kwik Trip has released a statement indicating that it may have experienced a cyberattack that led to disruptions in its IT systems. The company assures customers that no evidence suggests any data was stolen, but encourages them to monitor their credit history and be cautious of suspicious emails. Kwik Trip … Read more
October 17, 2023 at 02:55PM Networking equipment manufacturer D-Link confirmed a data breach in which customer and employee information, including the CEO’s details, were stolen and put up for sale. The attacker claims to have also taken source code for D-Link’s software. The company shut down affected servers, disabled user accounts, and clarified that only … Read more
October 17, 2023 at 02:09AM Between May and September 2023, at least 11 telecommunication service providers in Ukraine were targeted by threat actors. The attacks, carried out under the name UAC-0165, caused service interruptions for customers. The attackers used reconnaissance and exploitation techniques from previously compromised servers, employing specialized programs for credential theft and remote … Read more