January 3, 2024 at 10:39AM Information stealers are exploiting a Google authentication vulnerability to regenerate cookies and maintain access to accounts, despite password changes. The exploit, involving a MultiLogin endpoint and Chrome tokens, allows attackers to gain persistent access to Google services. The technique has been adopted by multiple infostealers, raising concerns about widespread cyberattacks. … Read more
January 3, 2024 at 07:42AM In 2023, 21 new malware families targeting macOS systems were discovered by security researcher Patrick Wardle, representing a 50% increase from 2022. Wardle’s blog post provides detailed analysis of each family’s characteristics and their potential impact on Apple devices. Notable threats include ransomware, infostealers, APT-developed malware, and variations of existing … Read more
January 3, 2024 at 06:18AM Xerox Business Solutions experienced a data breach limited to its US operations, containing personal information. The company will notify affected individuals but hasn’t confirmed the impact on clients, employees, or partners. The ransomware gang Inc Ransom claimed responsibility, posting stolen documents on a leak site, which Xerox might have prevented … Read more
January 2, 2024 at 10:54AM Australia’s Court Services Victoria (CSV) detected a ransomware cyberattack on December 21, 2023, which led to unauthorized access of court hearing recordings dating back to November 1, 2023. The affected courts include the Supreme Court, County Court, Magistrates’ Court, Children’s Court, and Coroners Court. CSV is taking measures to address … Read more
December 30, 2023 at 10:25AM Security Research Labs (SRLabs) has developed a decryptor called the “Black Basta Buster” that allows victims of the Black Basta ransomware to potentially recover their files for free, exploiting a flaw in the encryption algorithm used by the ransomware gang. However, the developers have since fixed the bug, rendering the … Read more
December 29, 2023 at 08:54AM SecurityWeek weekly roundup provides a concise compilation of cybersecurity stories that may have been overlooked. This week’s stories include a $60 million crypto theft, Android backdoor infection, Microsoft warning of malware distribution, Mint Mobile data breach, and NASA’s space security guidance. Other topics covered are hacking claims, Chrome Safety Check, … Read more
December 29, 2023 at 05:06AM Australian and New Zealand vehicle dealer Eagers Automotive (ASX: APE) experienced a cyberattack, leading to disruptions and a trading halt on the Australian Securities Exchange. While most dealerships remain open, the incident has affected transaction finalization and some operational IT systems. The company does not anticipate a significant financial impact … Read more
December 28, 2023 at 04:20PM Eagers Automotive, the largest car dealership operator in Australia and New Zealand, suffered a cyberattack, resulting in halting stock trading. With over 300 selling points for various brands and subsidiaries, the incident impacted its systems. While external experts are investigating, concern remains about potential customer data exposure. Other recent cyberattacks … Read more
December 28, 2023 at 12:13PM Two cybercrime attacks targeted high-profile Las Vegas casinos, resulting in ransomware infections and data theft. While one company, Caesar Entertainment, chose to pay the ransom and experienced minimal disruption, the other, MGM Resorts, opted not to pay and suffered extensive downtime and financial losses. The decision to pay or not … Read more
December 28, 2023 at 07:54AM LoanCare, a mortgage servicing firm and subsidiary of Fidelity National Financial, has reported a data breach affecting over 1.3 million individuals. The breach, attributed to a cyberattack on FNF’s internal systems, exposed personal information such as names, addresses, and Social Security numbers. The company is coordinating with authorities and offering … Read more