Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-03-03 20:56:38 |
Chick-fil-A: 71,000 customers had financial information stolen during cyberattack (lien direct) |
Fast food giant Chick-fil-A said more than 71,000 of its customers had their financial information stolen from their website during a breach lasting from December to February. In documents filed with the attorney general offices of Maine, Montana and California, Chick-fil-A said it began an investigation after discovering “suspicious login activity” connected to an unknown [… |
|
|
★★
|
|
2023-03-03 19:57:24 |
U.S. government warns of Royal ransomware attacks against critical infrastructure (lien direct) |
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory Thursday warning vulnerable organizations of an increased threat posed by Royal ransomware. The guidance is the second warning the U.S. government has issued about Royal ransomware in recent months. In December, the U.S. Department of Health and Human Services (HHS) warned hospitals [… |
Ransomware
Threat
|
|
★★★
|
|
2023-03-03 19:09:13 |
Online travel giant says it was not compromised through recently-discovered vulnerability (lien direct) |
Online travel agency giant Booking.com said Friday that it was not compromised through a vulnerability on the platform that was recently discovered by researchers. Several publications on Thursday reported that researchers from Salt Security said they found several critical security flaws on Booking.com and its sister company Kayak. The flaws involved the tool that allows [… |
Tool
Vulnerability
|
|
★★★
|
|
2023-03-03 17:16:28 |
Cybercrime site shows off with a free leak of 2 million stolen card numbers (lien direct) |
A recent payment-card leak by the dark web shop BidenCash might be mostly a marketing ploy, experts say, but there are still dangers |
|
|
★★
|
|
2023-03-03 17:11:07 |
Oakland officials say ransomware group may release personal data on Saturday (lien direct) |
The government of Oakland acknowledged on Friday that the ransomware group responsible for the cyberattack on city systems is planning to publish the information it stole. On Thursday evening, the Play ransomware group said it was behind the wide-ranging attack, writing on its leak site that it planned to publish sensitive stolen data on Saturday. [… |
Ransomware
|
|
★★
|
|
2023-03-03 16:00:03 |
EPA takes steps to address cybersecurity weaknesses at water utilities (lien direct) |
The U.S. Environmental Protection Agency (EPA) is asking states to include cybersecurity in its audits of public water systems in a measure designed to address a spate of attacks on the sector. In a memorandum released Friday, EPA officials said several public water systems have not adopted even basic cybersecurity best practices - leaving them [… |
|
|
★★★
|
|
2023-03-02 20:51:38 |
Poland blames Russian hackers for cyberattack on tax service website (lien direct) |
Poland’s tax service website was hit by a cyberattack believed to have been carried out by Russian hackers, according to the country's top cybersecurity official. The distributed denial-of-service (DDoS) attack occurred on Tuesday, causing the website to crash for approximately one hour and blocking users’ access to the online tax filing system. In an interview [… |
|
|
★★★
|
|
2023-03-02 20:29:15 |
Tennessee State, Southeastern Louisiana universities hit with cyberattacks (lien direct) |
Tennessee State and Southeastern Louisiana are struggling with cyberattacks that have crippled campus services |
|
|
★★
|
|
2023-03-02 19:21:33 |
In mixed response to White House cyber strategy, House Republicans focus on regulations (lien direct) |
Republican leaders on the House Homeland Security Committee questioned the White House’s desire for more cyber regulations after the release of the National Cybersecurity Strategy on Thursday. Committee Chairman Mark Green and Cybersecurity Subcommittee Chairman Andrew Garbarino did praise aspects of the plan, namely the focus on threats from Russia and China as well as [… |
Guideline
|
|
★★
|
|
2023-03-02 19:02:16 |
A key post-quantum algorithm may be vulnerable to side-channel attacks (lien direct) |
As companies and governments around the world work on creating usable quantum computers, security researchers are also devising ways to protect data once those machines are available. Quantum computers have the potential to crack the cryptographic algorithms in use today, which is why “post-quantum” cryptographic algorithms are designed to be so strong that they can [… |
|
|
★★★
|
|
2023-03-02 17:03:07 |
Secret Service, ICE carried out illegal stingray surveillance, government watchdog says (lien direct) |
U.S. federal agencies failed to secure required court orders to conduct phone tracking surveillance, according to a recently redacted memorandum from a government watchdog. The report, written by the Office of the Inspector General (OIG) and dated February 23, provided details of an audit of the use of cell-site simulators (CSS) - a law enforcement [… |
Legislation
|
|
★★★
|
|
2023-03-02 12:59:55 |
Retailer WH Smith reports cyberattack, says employee data compromised (lien direct) |
U.K.-based retailer WH Smith told regulators that a cyberattack exposed data of current and former employees |
|
|
★★
|
|
2023-03-02 11:31:26 |
National Cyber Strategy to push mandatory regulations, more offensive cyber action (lien direct) |
The White House unveiled its long-awaited National Cybersecurity Strategy on Thursday, laying out a holistic approach to improving digital security across the country. The plan is built around five basic pillars: Minimum cybersecurity requirements for critical infrastructure; Offensive cyber actions against hackers and nation states; Shifting liability onto software manufacturers; Diversifying and expanding the cyber [… |
|
|
★★
|
|
2023-03-01 20:46:22 |
Canadian book giant says employee data was stolen during ransomware attack (lien direct) |
Toronto-based Indigo now says that employee data was accessed in a ransomware incident last month. The LockBit gang claims it was the perpetrator |
Ransomware
|
|
★★
|
|
2023-03-01 20:31:43 |
How Cambodia-based scammers made an estimated $3 million in \'pig butchering\' scheme (lien direct) |
Last October, Sean Gallagher received an unexpected text message from a young Malaysian woman calling herself Harley. She said she ran a wine business in Vancouver that was struggling due to the COVID-19 pandemic, and as a result Harley learned how to make money through cryptocurrency trading. She was willing to share her secrets, she [… |
|
|
★★★
|
|
2023-03-01 18:56:46 |
Washington state public bus system confirms ransomware attack (lien direct) |
Pierce Transit, which serves the Tacoma area, said a ransomware attack disrupted systems and necessitated some temporary workarounds |
Ransomware
|
|
★★
|
|
2023-03-01 13:17:45 |
Streaming service Plex unaware \'of any unpatched vulnerabilities\' following LastPass report (lien direct) |
Plex defended the security of its software after reports said it allowed hackers to get a foothold in a LastPass employee's computer |
|
LastPass
|
★★★
|
|
2023-03-01 00:34:26 |
Victims of MortalKombat ransomware can now decrypt their locked files for free (lien direct) |
Cybersecurity firm Bitdefender released a universal decryptor for the MortalKombat ransomware – a strain first observed by threat researchers in January 2023. The malware has been used on dozens of victims across the U.S., United Kingdom, Turkey and the Philippines, according to a recent report from Cisco. Bogdan Botezatu, director of threat research and reporting [… |
Ransomware
Malware
Threat
|
|
★★
|
|
2023-02-28 21:26:32 |
US Marshals Service becomes latest law enforcement agency hit by hackers (lien direct) |
The U.S. Marshals Service said it was struck by ransomware last week in an attack that affected systems holding sensitive law enforcement data and personally identifiable information related to several suspects. U.S. Marshals Service spokesperson Drew Wade told NBC News late on Monday evening that after consulting with senior officials at the agency, it was [… |
Ransomware
|
|
★★
|
|
2023-02-28 19:33:29 |
Ukraine\'s drone whisperers: What the weapons are telling us (lien direct) |
Drones have played an outsized role in the conflict in Ukraine – surveilling territory, dropping bombs, and crashing into buildings. Russia launched some 600 drones in the last three months of 2022, according to estimates from the Ukrainian consultancy Molfar. When the drones fall, or are shot down, Ukrainian forces retrieve them and hand them [… |
|
|
★★★
|
|
2023-02-28 19:30:30 |
Senior DOJ official warns lapse of surveillance law would harm cyber investigations (lien direct) |
Assistant Attorney General Matthew Olsen joined the White House in urging Congress to renew a controversial internet surveillance program |
|
|
★★★
|
|
2023-02-28 19:30:13 |
DISH tells SEC that ransomware attack caused outages; personal info may have been stolen (lien direct) |
Satellite broadcast giant DISH told the SEC on Tuesday that a ransomware attack is what caused “system issues” that occurred over the weekend. In an 8-K form filing, DISH confirmed rumors that they had been hit with ransomware, warning that on Monday they became aware that “certain data was extracted from the Corporation's IT systems [… |
Ransomware
|
|
★★★
|
|
2023-02-28 18:27:23 |
CISA red-teamed a \'large critical infrastructure organization\' and didn\'t get caught (lien direct) |
CISA is reporting what it learned when its hackers were invited to break into a critical infrastructure organization's network. |
|
|
★★★
|
|
2023-02-28 13:50:41 |
LastPass says attacker hacked employee\'s home computer to access corporate vault (lien direct) |
Password management service LastPass now says a well-publicized 2022 incident stemmed from an intrusion on one engineer's home computer |
|
LastPass
|
★★★
|
|
2023-02-27 20:46:33 |
Minneapolis Public Schools still investigating what caused \'encryption event\' (lien direct) |
Thousands of students in Minneapolis returned to school on Monday after a ransomware attack crippled the school's systems all of last week |
Ransomware
|
|
★★
|
|
2023-02-27 20:04:31 |
More trouble from an APT with Colombia and Ecuador on its mind (lien direct) |
The advanced persistent threat (APT) group known as Blind Eagle or APT-C-36 continues to phish with official-looking PDFs, researchers say |
Threat
|
APT-C-36
|
★★★
|
|
2023-02-27 19:01:20 |
Tech manufacturers are leaving the door open for Chinese hacking, Easterly warns (lien direct) |
The head of the Cybersecurity and Infrastructure Security Agency warned Monday of potentially dire consequences if technology manufacturers fail to bolster the security of their products, in a blistering speech about the dangers posed in cyberspace by China. Technology providers have “normalized the deviant behavior of operating at the bleeding edge of the accident boundary,” [… |
|
|
★★★
|
|
2023-02-27 15:24:27 |
DISH says \'system issue\' affecting internal servers, phone systems (lien direct) |
Satellite broadcast giant DISH said a “systems issue” with its corporate network was affecting several services after customers noticed that the company website and multiple subsidiaries were experiencing problems. In addition to trouble accessing DISH websites and customer service channels, some customers said they could not log into certain channels using their DISH login information. [… |
|
|
★★★
|
|
2023-02-27 12:42:51 |
Danish hospitals hit by cyberattack from \'Anonymous Sudan\' (lien direct) |
The websites of nine hospitals in Denmark went offline on Sunday evening following distributed-denial-of-service (DDoS) attacks from a group calling itself Anonymous Sudan. Copenhagen's health authority said on Twitter that although the websites for the hospitals were down, medical care at the facilities was unaffected by the attacks. It later added the sites were back [… |
Medical
|
|
★★
|
|
2023-02-27 00:53:30 |
\'Limited number\' of News Corp employees sent breach notification letters after January cyberattack (lien direct) |
Employees of News Corp are being sent breach notification letters this week following a January 2022 breach that the company believes the Chinese government was behind. On Wednesday, News Corp submitted documents to Massachusetts confirming the breach. A News Corp spokesperson would not tell The Record how many people were sent letters but at least [… |
|
|
★★
|
|
2023-02-25 00:42:12 |
DNA Diagnostics Center to pay $400,000 fine for 2021 data breach (lien direct) |
One of the largest commercial DNA testing companies in the world agreed to pay a $400,000 fine to Ohio and Pennsylvania after a 2021 data breach compromised the information of more than 2 million people. The announcement from DNA Diagnostics Center (DDC) comes after a lawsuit filed by the two states’ attorneys general accused the [… |
Data Breach
|
|
★★★
|
|
2023-02-24 21:41:36 |
Smuggler provided sensitive US tech to Russian, N. Korean governments, prosecutors say (lien direct) |
Ilya Balakaev worked on behalf of the FSB intelligence agency to bring U.S. counterintelligence tech into Russia, according to an indictment |
General Information
|
|
★★★
|
|
2023-02-24 20:37:32 |
Treasury Department hits Russian disinformation operators with sanctions (lien direct) |
The Treasury Department announced a swath of sanctions on Russian companies and individuals on Friday, including a handful of entities connected to cybersecurity and disinformation operations with links to Russia's intelligence services. The move by the Office of Foreign Assets Control especially targets Russia's mining and minerals sector, but also goes after a range of [… |
|
|
★★★
|
|
2023-02-24 17:24:24 |
Oakland says 311, business license systems still down, but National Guard is helping (lien direct) |
IT experts from the California National Guard and other state agencies are helping Oakland deal with a crippling ransomware attack |
Ransomware
|
|
★★★
|
|
2023-02-24 16:16:13 |
Ohio\'s largest oil producer says \'no impact\' seen after cyberattack (lien direct) |
Encino Energy, which is based in Houston and has a large operation in Ohio, said a recent cyberattack was remediated after it was discovered |
|
|
★★★
|
|
2023-02-23 21:57:12 |
Russian accused of developing password-cracking tool extradited to US (lien direct) |
A 28-year-old Russian malware developer was extradited to the U.S. where he could face up to 47 years in federal prison for allegedly creating and selling a malicious password-cracking tool. Dariy Pankov, also known as “dpxaker,” developed what the Department of Justice called “powerful” password-cracking program that he marketed and sold to other cybercriminals for a [… |
Malware
Tool
|
|
★★
|
|
2023-02-23 21:30:23 |
Popular IBM file transfer tool vulnerable to cyberattacks, CISA says (lien direct) |
A vulnerability in the IBM Aspera Faspex file transfer tool is actively being exploited by malicious hackers, CISA says |
Tool
Vulnerability
|
|
★★
|
|
2023-02-23 20:46:30 |
Google bug bounty program paid a record $12 million last year (lien direct) |
Cybersecurity researchers from 68 countries reported more than 2,900 vulnerabilities to Google's bug bounty program in 2023 |
|
|
★★
|
|
2023-02-23 19:31:29 |
Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting (lien direct) |
What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says |
Studies
|
|
★★★★
|
|
2023-02-23 19:02:13 |
Hackers use ChatGPT phishing websites to infect users with malware (lien direct) |
Cyble says cybercriminals are setting up phishing websites that mimic the branding of ChatGPT, an AI tool that has exploded in popularity |
Malware
Tool
|
ChatGPT
|
★★★
|
|
2023-02-23 18:00:41 |
UK military intelligence team wins Western Europe\'s \'largest cyber warfare exercise\' held in Estonia (lien direct) |
A team from British military intelligence placed first at a cyber warfare exercise described as “Western Europe's largest” hosted at the CR14 cyber range in Estonia, the Ministry of Defence (MoD) announced this week. The exercise, titled Defence Cyber Marvel 2 (DCM2), was organized by the British Army and featured 34 teams from 11 countries, [… |
|
|
★★★
|
|
2023-02-23 15:18:46 |
Russians accused of using DeFi platform for $340 million Ponzi scheme (lien direct) |
Four Russian nationals were indicted for allegedly creating Forsage - a decentralized finance (DeFi) platform - as a Ponzi scheme |
|
|
★
|
|
2023-02-23 14:38:49 |
Food producer Dole confirms ransomware attack (lien direct) |
Dole confirmed the incident following a report that an attack had forced some of the company's production plants to close |
Ransomware
|
|
★★
|
|
2023-02-23 13:00:00 |
Russian covert influence operations have become \'low-quality,\' says Meta (lien direct) |
Russian operatives are creating many “low-quality" social media accounts, "in the hope that at least a few might survive,” Meta says |
|
|
★★
|
|
2023-02-22 22:42:55 |
Shipping companies, medical laboratories in Asia targeted in espionage campaign (lien direct) |
Several shipping companies and medical laboratories in an Asian country have been targeted in an ongoing espionage campaign, Symantec says |
Medical
|
|
★★
|
|
2023-02-22 21:25:30 |
House Democrats want briefing on domestic terrorism at energy facilities, including malware (lien direct) |
Democrats in the House asked CISA and DHS for a briefing about domestic terrorists, including cyberattacks against energy infrastructure |
Malware
|
|
★★
|
|
2023-02-22 20:06:07 |
New Stealc malware-as-a-service targets web browsers, crypto wallets, email clients (lien direct) |
Sekoia.io says the Stealc malware-as-a-service has is a popular tool for stealing data from many types of software, including crypto wallets |
Tool
|
|
★★
|
|
2023-02-22 19:33:35 |
Venture capital financing of cyber companies slid to $18.5 billion in 2022 (lien direct) |
VC investments in cybersecurity startups began to dip in the second half of 2022, but private equity firms spent billions buying companies |
|
|
★★★
|
|
2023-02-22 14:50:12 |
Dutch intelligence: Many cyberattacks by Russia are not yet public knowledge (lien direct) |
Two Dutch intelligence agencies cited the volume of Russian cyber operations as one reason many are not yet publicly known |
|
|
★★★
|
|
2023-02-22 13:22:19 |
Russia blames hackers as commercial radio stations broadcast fake air strike warnings (lien direct) |
Fake air raid and missile strike warnings blared from Russian radio stations. Officials blamed the incident on a hack of satellite tech |
Hack
|
|
★★★
|