The Register reports: Joining the long queue of retailers dealing with cyber mishaps is outdoorsy fashion brand The North Face, which says crooks broke into some customer accounts using login creds pinched from breaches elsewhere. According to a consumer notice filed with the Vermont Attorney General’s Office, the outdoor gear seller spotted unusual activity on […]
It may not seem inuitively obvious to many people, but Reuters reports that cybercrime in Germany rose to a record level last year, driven by hacker attacks from pro-Russian and anti-Israeli groups. Some 131,391 cases of cybercrime took place in Germany last year and a further 201,877 cases were committed from abroad or an unknown […]
The Korea Times reports: Luxury jewelry brand Cartier has confirmed a breach of customer data, raising concerns over data security among high-end brands following recent incidents involving Dior and Tiffany. The company sent out an email Tuesday informing its customers that an “unauthorized third party” accessed its systems temporarily and obtained certain customer information. While […]
TechRadar reports: Security and compliance automation company Vanta has confirmed sharing sensitive customer data with other customers by mistake. In a statement (via TechCrunch), the company said a change it had made in the code resulted in a security breach. In it, some sensitive data from a small subset of customers was shared with other customers. […]
When criminals note that there is an unpatched vulnerability, expect more attacks to follow. A Russian-language forum recently picked up a report from SecurityLab.ru. It begins (translation): Popular forums on vBulletin have once again been found to have holes through which arbitrary code can be executed directly on the server – without a login and […]
Ransomware gangs will swear not to reveal that you were a victim if you pay their ransom demands. SBut if they fail to secure their negotiation chat servers, researchers and intel analysts can discover who their victims are and shoulder-surf any negotiations or payment arrangements. The SuspectFile blog reports on another case like that where […]
Australia’s biggest superannuation fund was questioned by its own clients about a security weakness in its accounts before cybercriminals stole hundreds of thousands of dollars in retirement savings. ABC Australia reports: Two AustralianSuper customers have told the ABC they had asked for multi-factor authentication (MFA) on their accounts but were rebuffed — one of them […]
Yet another member of President Trump’s staff has been caught up in a data security incident. The Guardian reports: The FBI is investigating an apparent impersonator who pretended to be the White House chief of staff, Susie Wiles, in texts and calls to her contacts, including prominent Republicans. Wiles has privately informed colleagues that the contacts in her personal cellphone […]
The Record reports: Australia became on Friday the first country in the world to require victims of ransomware attacks to declare to the government any extortion payments made on their behalf to cybercriminals. The law, initially proposed last year, only applies to organizations with an annual turnover greater than AUS $3 million ($1.93 million) alongside a smaller […]
The Register reports: A Seattle cancer facility has agreed to fork out around $52.5 million as part of a class action settlement linked to a Thanksgiving 2023 cyberattack where criminals directly threatened cancer patients with swat attacks. The Fred Hutchinson Cancer Center (Fred Hutch) disclosed its November 2023 attack a month later, after it confirmed […]
