Infosecurity News
Charity Fined After Destroying “Irreplaceable” Records
A Scottish charity has been fined £18,000 for systematic data protection failings
Pro-Ukraine Hacktivists Ground Dozens of Aeroflot Flights
Two pro-Ukraine hacktivists have claimed responsibility for a destructive attack on Aeroflot
Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable
10,000 WordPress sites vulnerable to takeover due to critical flaws in HT Contact Form Widget plugin
New Scattered Spider Tactics Target VMware vSphere Environments
Scattered Spider has targeted VMware vSphere environments, exploiting retail, airline and insurance sectors
Third-Party Breach Impacts Majority of Allianz Life US Customers
Insurance firm Allianz Life said that a threat actor accessed personally identifiable information of the majority of its 1.4 million US customers
Naval Group Denies Hack Claims, Alleges "Reputational Attack"
Despite claims by a hacker, French defense company Naval Group has detected no intrusions into its IT environments at the time of writing
US Woman Gets Eight Years for Part in $17m North Korean Scheme
Arizonan woman sentenced to 102 months for operating laptop farm for North Korean IT workers
Dating App Breach Exposes Images of 13,000 Women
Dating app Tea has been compromised by a hacker, resulting in the exposure of 13,000 selfies
BlackSuit Ransomware Group’s Dark Web Sites Seized in Operation Checkmate
The US and partners from nine countries have taken down part of the ransomware group’s infrastructure
Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances
Sygnia observed Chinese cyber campaign dubbed Fire Ant deploying sophisticated techniques to gain full compromise of victim environments, discovering isolated assets
New Chaos Ransomware Emerges, Launches Wave of Attacks
Cisco Talos warned that the Chaos group, thought to be formed of former BlackSuit members, has launched a wave of attacks targeted a variety of sectors
Malware Campaign Masquerades as Dating Apps to Steal Data
A large-scale malware campaign known as SarangTrap has been observed using fake dating apps to steal personal data, targeting South Korean users
FBI Exposes The Com’s Criminal Activities and Involvement of Minors
The US FBI has issued public announcements warning families of The Com, an online criminal network involving minors in various illicit activities
Ransomware Deployed in Compromised SharePoint Servers
Microsoft said Chinese actor Storm-2603 is deploying Warlock ransomware following the exploitation of vulnerabilities in on-prem SharePoint systems
UK and Romania Crack Down on ATM Fraudster Network
Investigators assessed that the criminal group’s stolen funds amount to €580,000
Active Campaign Exploits Cloud Flaws for Cryptomining
Wiz believes the active campaign is part of a broader crypto-scam infrastructure, which uses a wide range of exploitation techniques
New York Proposes Cybersecurity Regulations for Water Systems
A series of new cybersecurity regulations related to the water industry have been set out by New York state agencies
Suspected XSS Forum Admin Arrested in Ukraine
The individual is accused of numerous illicit cybercrime and ransomware activities that have generated at least $7m in profit
France: New Data Breach Could Affect 340,000 Jobseekers
The French employment agency’s partner web portal has been accessed by a malicious actor
Clorox Sues IT Service Provider Cognizant for Causing 2023 Cyber-Attack
Cognizant handed over a password to the cybercriminal without asking any authentication questions
