The FBI urges all organizations using Red Hat’s OpenShift AI platform to address a 9.9/10 security flaw. It allows an attacker with authenticated access to a low-privileged account to escalate privileges, potentially leading to stolen data, disrupted services, and complete takeover of the underlying infrastructure. If you have OpenShift deployed in your environment, urgent action is […]
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing resources in what they describe as an increasingly “challenging” ransomware business environment. DragonForce, Qilin, and LockBit announced the partnership in early September, with DragonForce proposing the collaboration shortly after LockBit reemerged with its LockBit 5.0 […]
Bleeping Computer reports: Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs […]
The Vicksburg Daily News reports on the findings by the state auditor: According to Mississippi State Auditor Shad White, a third of state offices are at risk of cybercrimes due to not meeting cybersecurity assessment requirements according to a report released yesterday, Tuesday, Oct. 7. Auditor Shad White stated in the release, “Part of our […]
IT Pro reports two men have been arrested in connection with the attack on Kido schools in which individuals calling themselves Radiant Group first posted pictures, names, and details of nursery school kids and threatened to dump all 8,000, and then deleted the data and apologized. The UK’s Metropolitan Police have arrested two teenagers for […]
Reuters reports an update on the attack on a prominent Japanese brewery: Qilin, a ransomware group with a track record of cyberattacks on major entities around the world, claimed responsibility on Tuesday for a hack on Japan’s Asahi Group Holdings that disrupted production at the beer and beverage giant. Asahi Group’s beer-making subsidiary, Asahi Breweries, said on […]
Becker’s Health IT reports: The Health Information Sharing and Analysis Center, a nonprofit organization that works to share threat intelligence, issued an alert Oct. 1 regarding LockBit 5.0, a ransomware variant that represents an elevated risk to healthcare and other enterprises. The variant is the latest iteration of the ransomware-as-a-service group, which resurfaced in September after a […]
Infosecurity Magazine reports: Read more at Infosecurity Magazine.
Bleeping Computer reports: ParkMobile has finally wrapped up a class action lawsuit over the platform’s 2021 data breach that hit 22 million users. But there’s a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. In-app $0.25 credit can be […]
DarkReading reports: After announcing its farewell last month, the cyber extortion group known as Scattered Lapsus$ Hunters returned on Friday with a website featuring stolen Salesforce data and a list of dozens of alleged victims. Scattered Lapsus$ Hunters is an apparent combination of the Scattered Spider, Lapsus$, and ShinyHunters cybercriminal groups, which first emerged over the summer […]
