Vulnerabilities, News
January 25, 2025
771 views 24 secs 0

Simple STARLINK Bug Let Hackers Control Every Connected Subaru

Security researchers gained complete control of Subaru vehicles worldwide using only basic customer information like license plates or ZIP codes Motor Illustrated reports: Security researchers discovered a critical vulnerability in Subaru‘s STARLINK connected vehicle service that allowed unauthorized access to vehicles and customer data across the United States, Canada, and Japan, according to a blog post published by […]

Data Breach News, News
January 22, 2025
755 views 14 secs 0

Government IT contractor Conduent says ‘third-party compromise’ caused outages

What third party, you wonder? They don’t say. Recorded Future reports: A recent outage affecting the government technology contractor Conduent was due to a cyberattack that compromised the company’s operating systems.  A Conduent spokesperson told Recorded Future News the company recently “experienced an operational disruption due to a third-party compromise” of one of their operating […]

Data Breach News, News
January 21, 2025
847 views 2 mins 0

Personal information of Toronto District School Board students going back 4 decades may have been breached in PowerSchool incident

The PowerSchool breach that is giving school districts throughout the U.S. major headaches also affected school districts in Canada. The Toronto Star reports: Toronto’s public school board says personal information of its students dating back to 1985 may have been breached during a recent cybersecurity incident that affected many districts across North America. … The […]

Malware Ransomware, News
January 19, 2025
804 views 9 secs 0

Russian couple on trial for large-scale ransomware attacks

Two Russians are on trial in Brussels for infecting tens of thousands of computers with ransomware and raking in more than 3 million euros. Belga News Agency reports: The couple allegedly used the highly malicious Crylock ransomware to remotely lock computer files and hold some 400,000 victims for ransom. Crylock first appeared in Belgium in […]

Data Breach News, News
January 17, 2025
1060 views 2 mins 0

Blue Yonder investigating Clop gang’s threat linked to exploited Cleo CVEs

The Cl0p gang that previously successfully attacked file transfer software platforms by exploiting zero-day vulnerabilities is now starting to leak data from yet another campaign targeting file transfer software. This time, it’s CLEO. Cybersecurity Dive reports: Blue Yonder said it is investigating a threat after Clop listed the supply chain management company among nearly 60 […]

Malware Ransomware, News
January 16, 2025
802 views 6 mins 0

Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers

Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. Computers Note: View the affidavit here. The Justice Department and FBI today announced a multi-month law enforcement operation that, alongside international partners, deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of […]

Vulnerabilities, News
January 13, 2025
236 views 52 secs 0

Researcher Uncovers AWS S3 Ransomware Vulnerabilities

As if there weren’t enough concerns with misconfigured Amazon AWS s3 buckets exposing data, now we read this: Security researchers at Rhino Security Labs have uncovered a concerning vulnerability in Amazon Web Services (AWS) S3 storage systems that could allow attackers to execute ransomware attacks against cloud-stored data.  The research demonstrates how attackers can encrypt S3 bucket […]