The Daily Times reports: The personal data of nearly 300,000 people who applied for Hajj has been leaked to the dark web, the Pakistan Telecommunication Authority (PTA) chairman revealed on Friday. Major General (R) Hafeez ur Rehman made the disclosure during a Senate IT Committee meeting, chaired by Senator Palwasha Khan. The PTA chief said […]
Autocar reports: The UK government has officially stepped in to help JLR as it looks to restart car production following a cyber attack that has severely affected the firm’s operations. On Tuesday, the Jaguar and Land Rover company said it would attempt to restart production lines from 24 September. No cars have been built globally since the 1 September hack. A […]
Bleeping Computer reports: The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data […]
The Record reports: Shares in a British automaker supplier plummeted 55% Wednesday as it warned that a cyberattack on Jaguar Land Rover (JLR) was impacting its business, adding to concerns that the incident is sending a “shockwave” through the country’s industrial sector, according to a senior politician. Shares in Autins, a company providing specialist insulation components for Jaguar […]
The Korea Herald reports that 2.97 million users, almost one third of the payment card’s 9.6 million customers, had their payment card data breached in an attack on Lotte Card’s online payments server: The stolen information comprises that which was generated and collected during online transactions processed through the compromised server between July 22 and […]
The Register reports that coming soon, entities in China will have only one hour from discovery to report a serious cyber incident — or even only 30 minutes if it is very serious: From November 1, the Cyberspace Administration of China (CAC) will enforce its new National Cybersecurity Incident Reporting Management Measures, a sweeping set of […]
Autocar reports: JLR car production will not restart until 24 September at the earliest, the company has confirmed. The Jaguar and Land Rover maker was targeted by hackers on 1 September and is still in the process of rebuilding its computer systems. The group that hit Marks & Spencer earlier this year has claimed responsibility. This has led to […]
Chosun Biz reports an update to a previously disclosed breach affecting Tiffany Korea: Tiffany & Co., the luxury jewelry brand of LVMH (Louis Vuitton Moët Hennessy), announced that it became aware of a leak of key personal information, including customers’ names, postal and email addresses, and phone numbers. Through a notice on the 15th, Tiffany […]
Public Technology reports: The UK’s data-protection watchdog has warned of a growing trend of cyberattacks on schools being perpetrated by pupils. The Information Commissioner’s Office recently analysed the details of 215 data breaches that took place across the education sector between January 2022 and August 2024 and were classified as “insider attacks”. Almost three in […]
Self-Replicating Worm Hits 180+ Software Packages
KrebsOnSecurity.com reports: At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed. […]