Belgian ale legend Duvel’s brewery borked as ransomware halts production

March 7, 2024 at 07:52AM Belgian beer brewer Duvel’s facility was hit by a ransomware attack, halting production. Its IT team is working on resolving the issue, with no clear timeline for recovery. The company assures no supply issues and is well-stocked. Ransomware attacks are common in the manufacturing sector, with potential financial and operational …

Critical TeamCity flaw now widely exploited to create admin accounts

March 7, 2024 at 07:34AM Hackers are exploiting a critical authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises. Hundreds of unpatched instances are being compromised, posing a risk of supply-chain attacks. Vulnerable hosts are mainly in Germany, the United States, and Russia. Rapid7 urges immediate update to fix the severe issue. …

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure

March 7, 2024 at 06:27AM In March, JetBrains announced patches for two critical vulnerabilities in TeamCity, leading to immediate exploitation attempts due to miscommunication between Rapid7 and JetBrains. Rapid7 disclosed the flaws to prevent silent patching, while JetBrains wanted customers to install patches first. Exploitation attempts were seen from numerous IPs, highlighting the urgency of …

Fidelity Investments Notifying 28,000 People of Data Breach

March 7, 2024 at 06:27AM Fidelity Investments Life Insurance Company notified 28,000 individuals of a data breach at third-party provider Infosys McCamish System, compromising personal data including names, birth dates, Social Security numbers, bank and credit card details. The breach stems from a cyberattack in October 2023. Affected individuals are offered two years of free …

New Python-Based Snake Info Stealer Spreading Through Facebook Messages

March 7, 2024 at 03:33AM Threat actors are using Facebook messages to distribute the Python-based information stealer called Snake, aiming to capture sensitive data like credentials and cookies. The malware is designed to transmit harvested credentials to platforms like Discord, GitHub, and Telegram. It also targets Vietnamese users and reflects a concerning rise in account …

Japan on Line Breach: Clean Up Post-Merger Tech Sprawl

March 6, 2024 at 06:16PM The Japanese government’s analysis of the recent Line data breach has prompted a directive for the organization to separate its technology from parent company Naver. The merger with Yahoo Japan and dependence on Naver’s technology have raised concerns about cybersecurity practices. Japanese regulators are calling for regular updates and a …

Hacked WordPress sites use visitors’ browsers to hack other sites

March 6, 2024 at 05:40PM Hackers have been targeting WordPress sites with wide-scale attacks, initially using crypto wallet drainer scripts to steal cryptocurrency. More recently, they have switched to injecting malicious scripts that force visitors’ browsers to conduct brute-force attacks on other websites. The threat actor’s goal seems to be building a larger portfolio of …

First BofA, Now Fidelity: Same Vendor Behind Third-Party Breaches

March 6, 2024 at 05:31PM FILI notified 30,000 individuals of a third-party data breach, affecting names, Social Security numbers, bank account details, and more. This is the second breach involving IMS this year. Jeff Margolies points to increased third-party security breaches and the need for better third-party access management. Fidelity offers 24 months of credit …

Hackers impersonate U.S. government agencies in BEC attacks

March 6, 2024 at 03:41PM TA4903, a gang of hackers specializing in business email compromise attacks, has been impersonating U.S. government entities to carry out malicious activities through fake bidding processes. Proofpoint has been tracking their campaign, noting intensified activities since mid-2023 and a shift to impersonating small businesses. They pose a significant threat and …

Spoofed Zoom, Google & Skype Meetings Spread Corporate RATs

March 6, 2024 at 01:42PM A threat actor is leveraging fake Skype, Google Meet, and Zoom meetings to distribute malware targeting Android and Windows users. This campaign, discovered in December, poses a significant cybersecurity threat. By mimicking legitimate URLs and hosting on a single IP address, the attackers are successfully distributing malicious payloads, emphasizing the …