Have I Been Pwned (HIBP) warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers. Hot Topic is an American retail chain specializing in counterculture-related clothing, accessories, and licensed music merchandise. The company operates over 640 stores across the United States and Canada, primarily located in shopping malls, and has a vast customer base. According to HIBP, the exposed details include full names, em
For those of you old enough to remember party lines when using your telephones, you could not just pick up the phone and start talking, as there were likely two others on the same ‘line,’ until those talking would hang up their phones. So, you didn’t want to begin sharing any personal information with these two strangers. A party line (multiparty line, shared service line, party wire) is a local loop telephone circuit shared by multiple telephone service subscribers. Fast forward to 2024. The US
New research shows that criminal cyber actors are seemingly targeting Australians with a penchant for Bengal cats, a breed of hybrid feline created from crossing an Asian leopard with domestic breeds. Using Gootloader, a popular malware strain often used as an infostealer or as malware dropped before ransomware attacks, Sophos found that the threat actors target users who search "Are Bengal cats legal in Australia?" and other similar questions.
In one example, the researchers found that one webs
Six unpatched vulnerabilities in a Mazda in-vehicle infotainment (IVI) system could be exploited with a simple USB in a moment’s time, and one of them has legitimate consequences to vehicle safety. Cars are just computers on wheels, and IVIs are their user interface. The IVI in most Mazda vehicles of recent years like the Mazda3 and CX-3, 5, and 9 is built with the Mazda Connect Connectivity Master Unit (CMU), developed by the Michigan-based Visteon Corporation.[1] The CMU is a core hardware
Researchers recently discovered that suspected Iranian hackers impersonated recruiters on LinkedIn to target the aerospace industry in a new espionage campaign. So-called “fake worker” schemes are typically associated with North Korean threat actors. However, the Israel-based cybersecurity company ClearSky has attributed this latest campaign to the Iranian operation tracked as TA455, likely a subgroup of the Iranian government cyberwarfare group Charming Kitten.[1]
Researchers suggest that TA4
Thousands of people, including many who use applications such as AutoCAD, JetBrains, and the Foxit PDF editor, have become victims of a sophisticated data-stealing and crypto-mining malware campaign active since February 2023. The as-yet-unidentified threat behind it is distributing the malware via forum posts and illegal torrents. What makes the malware challenging to mitigate is its use of SSL pinning and TLSv1.3 encryption to protect its command-and-control (C2) communications and data exfilt
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more. Amazon spokesperson Adam Montgomery confirmed Nam3L3ss' claims, adding that this data was stolen from systems belonging to a third-party ser
Cryptocurrency-related businesses have been targets of North Korean-affiliated threat actors for some time now, with multiple campaigns aiming to steal funds and/or insert backdoor malware into targets. In April 2023, researchers detailed an APT campaign targeting macOS users with multi-stage malware that culminated in a Rust backdoor capable of downloading and executing further malware on infected devices. ‘RustBucket,’ as they labeled it, was attributed with strong confidence to the BlueNoroff
Threat analysts have observed a new ransomware group called Interlock conducting targeted attacks across sectors, including US healthcare, IT and government, and European manufacturing. According to a recent report by Cisco Talos, Interlock employs “big-game hunting” and double extortion tactics, where compromised data is stolen and threatened to be released publicly unless a ransom is paid.
This group operates a data leak site called “Worldwide Secrets Blog” to publish stolen data. It offers vi
The cost of zero-day exploits has always been high, especially if they allow an attacker to remotely execute code on a host machine. But why pay hundreds of thousands of dollars for a 0-day when a relatively simple drive-by attack doesn’t need one and can achieve much the same result? That’s what interested an Imperva security researcher who has published a report on a new drive-by attack using something called the Evil Code Editor. Here’s what you need to know.
“A remote code execution chain i
In a recent opinion piece, Linus Torvalds shares his views on C and C++. “I must be a glutton for punishment. Not only was my first programming language IBM 360 Assembler, but my second language was C. Programming anything in them wasn't easy. Programming safely in either is much harder.” So, when the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) announced they were doubling down on their efforts to persuade software manufacturers t
ByteDance is being exiled from Canada, though the TikTok app is not. Following the US's example, Canada has spent recent years questioning the world's most popular Chinese app. In February 2023, TikTok was banned from all government devices, citing security concerns. Later that year, the government called for a broader national security review under the 1985 Investment Canada Act, which empowers the government to scrutinize foreign investments.
In concluding that review, the Minister of Innovati
In a recent Forbes article, technical author Davey Winder shared insights into a Check Point blog post. Hackers have been seen using AI which very nearly compromised the account of a Gmail user, as explained in a recent report by Winder. Now both Gmail and AI are back in the forefront, this time as part of a large-scale hacking campaign targeting both consumers and corporates with a financially-motivated payload. Check Point analyzes the new campaign, the CopyRh(ight)adamantys cyber-attack.
Unli
The holiday shopping season is almost upon us, and with all the great sales and promotions come the usual cyber scams. While generally quick and convenient, shopping online can leave you vulnerable to scammers if you are not cautious. Based on a consumer survey, a new report from Norton looks at how scams are a common concern among shoppers and how to protect yourself while holiday shopping online.
Check out the 2024 Cyber Safety Insights Report.
Norton incorporated the results of a survey condu
Ukraine is accusing Google of exposing the locations of its military sites in recent updates to its online mapping service. Andrii Kovalenko, the head of the counter-disinformation department at Ukraine's National Security and Defense Council, said the images were spotted last week and have already been “actively distributed” by Russians. He did not provide further details about what was specifically revealed or how Moscow could use the obtained data.
Kovalenko said Google hasn’t yet fixed the
The hacker suspected of launching a series of major breaches involving data stored on Snowflake accounts was arrested in Canada last week after a request was issued by US officials. The individual in question, Alexander "Connor" Moucka (aka Judische and Waifu), was apprehended on 30 October 2024, on the basis of a provisional arrest warrant, following a request by the US.[1] The arrest of Moucka was first reported by Bloomberg and 404Media earlier this week. “He appeared in court later tha
Securonix Threat Research has discovered a sophisticated phishing campaign, “CRON#TRAP,” that leverages a unique approach to infiltrate systems and establish persistent backdoors. This creative attack method involves deploying emulated Linux environments within compromised endpoints, specifically Tiny Core Linux.
Multi-Stage Attack Process of CRON#TRAP - The CRON#TRAP campaign employs a multi-stage attack method to compromise target systems and establish persistent backdoors. The initial infecti
The Five Eyes are the intelligence agencies of the UK, US, Canada, New Zealand, and Australian governments. This group has launched a new program designed to help their tech startups improve baseline cybersecurity measures in the face of escalating state-backed threats. Secure Innovation was originally a UK initiative run by GCHQ’s National Cyber Security Centre (NCSC) and MI5’s National Protective Security Authority (NPSA). However, it has now been adopted and promoted by all Five Eyes intellig
A notorious hacker known as Intel Broker has announced a data breach involving the telecommunications giant Nokia. Posting on the infamous cybercrime forum BreachForums, Intel Broker claims to have gained unauthorized access to sensitive Nokia information through a third-party contractor linked to Nokia’s internal tool development.
The hacker claims that no customer information was accessed, but they have obtained critical internal data from Nokia’s systems, which they’re now selling for $20,000.
Researchers at Google said last week that they have discovered the first vulnerability using a large language model. In a blog post, Google said it believes the bug is the first public example of an AI tool finding a previously unknown exploitable memory-safety issue in widely used real-world software. The vulnerability was found in SQLite, an open-source database engine popular among developers.
Google researchers reported the vulnerability to SQLite developers in early October, who fixed it