US Charges Russian Involved in 2013 Hacking of Neiman Marcus, Michaels 

January 19, 2024 at 10:00AM The US Justice Department recently charged two Russian nationals for involvement in cybercriminal activities, including hacking retailers Michaels and Neiman Marcus in 2013. Aleksey Stroganov and Tim Stigal are accused of stealing and selling payment card data, causing $35 million in losses. Stroganov’s partner, Roman Seleznev, received multiple prison sentences …

Vans, North Face owner says ransomware breach affects 35 million people

January 19, 2024 at 09:35AM VF Corporation reported a ransomware attack in December, with over 35 million customers’ personal data stolen, but no sensitive payment information affected. The attack disrupted business operations, leading to inventory and order fulfillment issues. VF Corp has restored most IT systems and is cooperating with authorities in investigating the incident. …

Thieves steal 35.5M customers’ data from Vans sneakers maker

January 19, 2024 at 09:00AM VF Corporation, parent company of popular fashion brands like Vans and North Face, reported that 35.5 million customers were affected by a cyber-attack in December. However, sensitive data such as social security numbers and financial information were unaffected, and there is no evidence that customer passwords were compromised. The attack …

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

January 19, 2024 at 08:51AM Pirated macOS applications from Chinese websites harbor a backdoor allowing attackers remote control over infected machines. The malware, hosted on “macyy[.]cn,” uses a dropper to fetch backdoor and downloader components, which enable persistence and facilitate additional payloads. This echoes previous incidents involving the ZuRu malware, possibly indicating a successor. …

First Step in AI/ML Security is Finding Them

January 19, 2024 at 08:31AM The growing use of AI in organizations poses new security risks. The adoption of AI tools without informing security teams leads to “shadow ML” and “shadow AI.” Legit Security’s platform provides visibility into all software components and developer tools. Securing machine learning involves finding its usage, threat modeling, and implementing …

VMware confirms critical vCenter flaw now exploited in attacks

January 19, 2024 at 08:23AM VMware confirmed active exploitation of a critical vCenter Server vulnerability (CVE-2023-34048) reported by Trend Micro researcher Grigory Dorodnov. Multiple end-of-life products were patched, and ransomware gangs target VMware servers. Over 2,000 exposed servers pose breach risks. VMware urged strict network access control and previously fixed high-severity vCenter Server flaws, an …

VF Corp Says Data Breach Resulting From Ransomware Attack Impacts 35 Million

January 19, 2024 at 08:00AM 35.5 million customers’ personal information was stolen in a ransomware attack on VF Corporation in December 2023. The attack affected brands like Dickies, The North Face, and Vans. The company has restored impacted systems, but faced operational disruptions. It reported no evidence of stolen passwords and expects minimal financial impact. …

US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities

January 19, 2024 at 06:54AM The US government released new guidance for the water and wastewater sector to improve cyber resilience and incident response capabilities. The document, developed by CISA, the FBI, and the EPA, outlines federal roles and resources, encourages incident reporting, and emphasizes interaction with local cyber communities. It aims to mitigate escalating …

Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators

January 19, 2024 at 06:33AM Summary: The article highlights the rising significance of data in the digital world, particularly in on-premises Exchange Server environments. It elaborates on the evolving threats of data loss, the changing role of administrators, and crucial backup and recovery strategies to prevent permanent data loss. The consequences of data loss and …

Nigerian Law Enforcement Agency Advised to Retrain African Cybercriminals

January 19, 2024 at 06:16AM Nigerian cybersecurity expert Chidiebere Ihediwa suggested retraining online scammers as information technology specialists to benefit the country. He highlighted that redirecting their knowledge to legitimate tech roles for educated young men among the fraudsters could be more advantageous than letting them sit in jail. This strategy aims to utilize their …