July 26, 2024 at 04:55PM Researchers discovered a Python package called “lr-utils-lib” on PyPi, designed to target specific macOS machines and steal Google Cloud Platform credentials. The package conceals malicious code in its setup, posing as a legitimate package, and uses social engineering tactics. The campaign is unique due to its highly targeted nature, posing … Read more
July 24, 2024 at 09:40AM Internal documents stolen from IT services provider Leidos Holdings, contracted with the US Department of Defense and other agencies, have been leaked. The files are said not to contain “sensitive customer data,” but the incident emphasizes the need for stronger security measures. The company, with a workforce of 47,000, and … Read more
July 15, 2024 at 01:48PM A sophisticated criminal network based in Iraq has been uncovered, revolving around a Telegram bot with over 90,000 messages mainly in Arabic. Checkmarx researchers found the bot to be central to a larger cybercriminal ecosystem offering various illicit services. They also discovered malicious Python packages on PyPI facilitating data theft, … Read more
July 12, 2024 at 09:42AM AT&T experienced a major data breach, with threat actors stealing call logs for nearly all mobile customers, involving around 109 million customers. The breach occurred in April 2024, compromising call and text records for a specific period. Although no sensitive personal information was exposed, potential identity correlation is a concern. … Read more
July 11, 2024 at 10:24AM Advance Auto Parts has notified over 2.3 million people about a data breach of personal information during Snowflake data theft attacks. This incident affected current and former employees and job applicants, with stolen data including names, Social Security numbers, and driver’s licenses. Advance is providing complimentary identity theft protection and … Read more
July 10, 2024 at 09:58AM Fujitsu Japan confirmed an “advanced” malware strain, not ransomware, was responsible for a March data theft affecting individuals with personal and customer information. Despite isolating infected machines and enhancing monitoring, the company didn’t disclose the scale but notified affected individuals. It aims to further bolster information security following the incident. … Read more
July 10, 2024 at 06:08AM Ransomware groups are evolving beyond encrypting and demanding payments to stealing sensitive information with custom malware. Cisco Talos revealed key tactics and identified 14 prominent ransomware groups, emphasizing their unique goals and activities. These groups employ double-extortion tactics and offer bespoke malware for data exfiltration. They utilize social engineering and … Read more
July 9, 2024 at 05:13PM July’s Microsoft security update addresses 139 CVEs, including actively exploited vulnerabilities and a public Intel microprocessor issue. Notably, two zero-day bugs were identified, posing a moderate threat. Additionally, critical vulnerabilities affecting Windows Remote Desktop Licensing Service require immediate attention, with a recommendation to disable the service if not in use. … Read more
July 8, 2024 at 05:41PM Threat actors leaked 39,000 print-at-home tickets for 150 upcoming concerts and events, including artists like Pearl Jam and Foo Fighters. This was part of an ongoing extortion campaign against Ticketmaster, demanding millions in ransom. Ticketmaster claims their anti-fraud measures make the leaked data useless, but hackers argue that the barcodes … Read more
July 8, 2024 at 04:39PM In May 2024, luxury retailer Neiman Marcus experienced a data breach, exposing over 31 million customer email addresses. The breach also compromised sensitive information including names, contact details, and gift card details. Neiman Marcus linked the incident to the Snowflake data theft attacks and negotiations with the threat actor are … Read more