February 19, 2024 at 12:20PM Wyze addressed a security incident affecting thousands of users, attributing it to a third-party caching client library that struggled to handle a surge in camera activity after an outage. This led to users seeing others’ video feeds. Wyze has taken steps to enhance security and prevent reoccurrence, but hasn’t disclosed … Read more
February 12, 2024 at 12:24PM Willis Lease Finance Corporation disclosed a cybersecurity incident to US regulators after data was reportedly stolen and posted by the Black Basta ransomware group. The company took swift action, engaging third-party experts and informing law enforcement. While the extent of the breach is still being investigated, the group claimed to … Read more
February 9, 2024 at 04:09PM AnyDesk disclosed details about a recent hacker attack, revealing the breach was discovered in mid-January with initial intrusion occurring in late December 2023. The company confirmed no evidence of malicious software being distributed to customers and is revoking certificates and pushing out software updates. It also enforced a password reset … Read more
February 1, 2024 at 03:59PM Cloudflare revealed today that its internal Atlassian server was infiltrated by a ‘nation state’ attacker, who gained access to its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. The company detected the breach on November 23, severed access on November 24, and assured that customer data … Read more
January 26, 2024 at 04:04PM The threat actor remained undetected for over five years due to a sophisticated backdoor delivered through invisible adversary-in-the-middle attacks. It sounds like the meeting covered the discovery of a threat actor who went undetected for more than five years due to a sophisticated backdoor delivered through invisible adversary-in-the-middle attacks. This … Read more
January 25, 2024 at 09:03AM EquiLend, a major US securities lender, has suffered a cybersecurity incident leading to unauthorized access to its systems. The company is working to restore services, with experts speculating on the impact of manual operations. Founded in 2001, EquiLend’s Next Generation Trading platform is used by over 120 companies across 40 … Read more
January 24, 2024 at 09:24AM Jason’s Deli has reported potential compromise of customer accounts and personal information through credential stuffing attacks. Attackers accessed user accounts using credentials from other data breaches, leading to possible exposure of personal details such as addresses, contact lists, and payment information. Jason’s Deli is working to identify impacted users and … Read more
January 22, 2024 at 03:51PM AerCap, the world’s largest aircraft leasing company, reported a ransomware infection on January 17. Despite the intrusion by the Slug ransomware crew, the company claims to have not incurred financial losses. LoanDepot also disclosed a ransomware attack, affecting about 16.6 million individuals, prompting an ongoing investigation and restoration efforts. From … Read more
January 10, 2024 at 06:23PM Fidelity National Financial disclosed a cybersecurity incident that led to unauthorized access of 1.3 million customers’ data. The intrusion was attributed to ransomware group ALPHV/BlackCat. FNF’s forensic investigation revealed that certain data was exfiltrated, though it claimed no direct customer impact. The company is providing credit monitoring and identity services … Read more
January 9, 2024 at 09:06AM Mortgage firm LoanDepot was hit by a ransomware attack, leading to system disruptions. The company took immediate steps to contain the incident and initiated an investigation. It shut down certain systems and started notifying regulators and law enforcement. It’s uncertain if personal information was compromised, and the company is assessing … Read more