British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
British sports fashion retail firm JD Sports on Monday revealed that it has discovered a data breach impacting roughly 10 million of its customers.
According to the company, the cyber incident affects information provided by customers who placed online orders...
Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data
Vulnerabilities in the OpenEMR healthcare software could allow remote attackers to steal sensitive patient data or execute arbitrary commands and take over systems.
OpenEMR is open source software used for the management of health records. It also allows patients...
Russia-Linked APT29 Uses New Malware in Embassy Attacks
Russia-linked cyberespionage group APT29 has been observed staging new malware for attacks likely targeting embassy-related individuals, Recorded Future reports.
Also referred to as Cozy Bear, the Dukes, Nobelium, and Yttrium, APT29 is a Russian advanced persistent threat (APT) group believed...
Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
A researcher has disclosed the details of a two-factor authentication (2FA) vulnerability that earned him a $27,000 bug bounty from Facebook parent company Meta.
Gtm Manoz of Nepal discovered in September 2022 that a system designed by Meta for confirming...
The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment
On Friday, January 20, 2023, Google announced it would lay off 12,000 employees. Amazon and Microsoft have laid off a combined 28,000 people; Twitter has reportedly lost 5,200 people; Meta (Facebook, etcetera) is laying off 11,000… This is just...
Critical Vulnerability Impacts Over 120 Lexmark Printers
Printer and imaging products manufacturer Lexmark this week published a security advisory to warn users of a critical vulnerability impacting over 120 printer models.
The issue, tracked as CVE-2023-23560 (CVSS score of 9.0), is described as a server-side request forgery...
BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
The Internet Systems Consortium (ISC) this week announced patches for multiple high-severity denial-of-service (DoS) vulnerabilities in the DNS software suite BIND.
The addressed issues could be exploited remotely to cause named – the BIND daemon that acts both as an...
Industry Reactions to Hive Ransomware Takedown: Feedback Friday
Authorities in the United States and Europe have announced the results of a major law enforcement operation targeting the Hive ransomware.
Agencies from around the world worked together to take down Hive’s leak website and servers. In addition, agents hacked...
Microsoft Urges Customers to Patch Exchange Servers
Microsoft this week published a blog post to remind its customers of the continuous wave of attacks targeting Exchange servers and to urge them to install the latest available updates as soon as possible.
“Attackers looking to exploit unpatched Exchange...
Iranian APT Leaks Data From Saudi Arabia Government Under New Persona
The Iran-linked advanced persistent threat (APT) actor known as Moses Staff is leaking data stolen from Saudi Arabia government ministries using a recently created online persona.
Also referred to as Cobalt Sapling, Moses Staff has likely been active since November...
US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
Following the shutdown of the Hive ransomware operation by law enforcement, the US government has reminded the public that a reward of up to $10 million is offered for information on cybercriminals.
Authorities in the United States and Europe announced...
Cyberattacks Target Websites of German Airports, Admin
The websites of German airports, public administration bodies and financial sector organizations have been hit by cyberattacks instigated by a Russian “hacker group”, authorities said Thursday.
The Federal Cyber Security Authority (BSI) had “knowledge of DDoS attacks against targets in Germany”, a...
US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
The FBI has at least temporarily dismantled the network of a prolific ransomware gang it infiltrated last year, saving victims including hospitals and school districts a potential $130 million in ransom payments, Attorney General Merrick Garland and other U.S....
Tenable Launches $25 Million Early-Stage Venture Fund
Vulnerability management software firm Tenable has launched a $25 million venture fund to place bets on early-stage startups in the attack surface and exposure management space.
The new Tenable Ventures plans to make seed- and early-stage investments in companies building...
820k Impacted by Data Breach at Zacks Investment Research
Stock research firm Zacks Investment Research is in the process of notifying customers that their personal information was compromised in a data breach.
Founded in 1978, Zacks Investment Research is one of the largest providers of stock research, analysis and...
Mapping Threat Intelligence to the NIST Compliance Framework Part 2
The NIST compliance framework consists of 5 core functions: identify, protect, detect, respond and recover. In my previous column, I mapped threat intelligence capabilities to the NIST core function of Identify. In this column, I will continue the discussion...
Hive Ransomware Operation Apparently Shut Down by Law Enforcement
The Hive ransomware operation appears to have been shut down as part of a major law enforcement operation involving agencies in 10 countries.
A message displayed in English and Russian on the Hive ransomware operation’s Tor-based website reads: The Federal...
US Government Agencies Warn of Malicious Use of Remote Management Software
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are warning organizations of malicious attacks using legitimate remote monitoring and management (RMM) software.
IT service providers use RMM applications to...
UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
The United Kingdom’s National Cyber Security Centre (NCSC) has published an advisory to warn organizations and individuals about separate spearphishing campaigns conducted by Russian and Iranian cyberespionage groups.
The advisory focuses on activities conducted by the Russia-linked Seaborgium group (aka...
Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool
A Chinese threat actor tracked as DragonSpark has been using the SparkRAT open source remote administration tool (RAT) in recent attacks targeting East Asian organizations, cybersecurity firm SentinelOne reports.
Relatively new, SparkRAT is a multi-platform RAT written in Golang that...