A ransomware attack against the widely used payment processor AFTS has sparked data breach notifications from numerous cities and agencies within California and Washington. Automatic Funds Transfer Services (AFTS) is used by many cities and agencies in Washington and other US states as a payment processor and address verification service. As the data used for billing and verifying customers and residents is wide and varied, this attack could have a massive and widespread impact.
Carmakers Kia and Hyundai, both owned by the South Korea-based Hyundai Motor Group, said they had found no evidence that the outages they suffered in the past week in the United States were the result of a ransomware attack. Kia Motors America was the first to notify customers via its website that it had been experiencing an IT service outage impacting some of its systems, including internal, customer and dealer systems. Hyundai Motor America later also confirmed some disruptions.
Microsoft has completed its internal investigation into the Solorigate (SolarWinds) security incident, and has discovered that the attackers were very interested in the code of various Microsoft solutions. The attackers viewed some files here and there, but they also managed to download source code from a "small number of repositories," and this includes the code for some important Microsoft Azure components. What did the attackers do, and what did they not do?
The Federal Bureau of Investigation (FBI) has warned of the harsh consequences of telephony denial-of-service (TDoS) attacks and has also provided the steps needed to mitigate their impact. The FBI published this warning on Wednesday as an IC3 public service announcement and as a Private Industry Notification issued to private sector organizations in coordination with DHS-CISA. TDoS attacks are manual or automated malicious attempts to render telephone systems unavailable.
RIPE NCC is warning members that they suffered a credential stuffing attack attempting to gain access to single sign-on (SSO) accounts. RIPE NCC is a not-for-profit regional Internet registry for Europe, the Middle East, and parts of Central Asia. It is responsible for allocating blocks of IP addresses to Internet providers, hosting providers, and organizations in the EMEA region. Membership includes over 20,000 organizations from over 75 countries who act as Local Internet Registries.
Just before Christmas, the British Government became the first to approve a COVID-19 vaccine. Since that announcement, not only have several other vaccines been regulated for use, but the worldwide rollout is gaining momentum with other countries approving and accelerating populous vaccination programs. Now that we can see a proactive rollout of the vaccine, hope has sparked amongst frontline workers, at-risk individuals and members of the public.
A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices. Three months after Apple launched its new M1 system-on-a-chip (SoC), cybercriminals have developed what may be the first malicious macOS application targeting the mobile giant's first in-house silicon. The recently uncovered malicious application, called GoSearch22, natively runs on M1.
The prospect of Web users being tracked by the sites they visit has prompted several countermeasures over the years, including using Privacy Badger or an alternate anti-tracking extension, enabling private or incognito browsing sessions, or clearing cookies. Now, websites have a new way to defeat all three. The technique leverages the use of favicons, the tiny icons that websites display in users' browser tabs and bookmark lists.
A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes. New details have emerged about an unpatched security vulnerability in Microsoft's Internet Explorer that was recently used in a complex campaign against security researchers. A fresh analysis from 0patch offers further insight into where the bug exists and how it can be triggered in real-world attacks - notably, by just visiting a website.