Personal and financial information stolen from Stanford Medicine, University of Maryland Baltimore (UMB), and the University of California was leaked online by the Clop ransomware group. The threat actors obtained the documents after hacking the universities' Accellion File Transfer Appliance (FTA) software used to share and store sensitive information. Data stolen in the attack targeting Stanford Medicine's Accellion server includes names, addresses, email addresses, and Social Security numbers. READ MORE...
Luxury Italian men's clothing line Boggi Milano has confirmed what Ragnarok was already bragging about on the Dark Web: The brand was hit with a ransomware attack, according to multiple sources. Ragnarok and Boggi Milano representatives who spoke to Bloomberg agree on the facts, the ransomware attack exfiltrated 40 gigabytes of data, including human resources files and salary information. Bloomberg was provided access to documents confirming the breach. READ MORE...
A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. On Tuesday, March 30th, vehicle emissions testing platform Applus Technologies suffered a "malware" attack that caused them to disconnect their IT systems. "Unfortunately, incidents such as this are fairly common and no one is immune," said Darrin Greene, CEO of the US entity. READ MORE...
Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang who is demanding a $24 million ransom. Asteelflash is a world-leading French electronics manufacturing services (EMS) company that specializes in the design, engineering, and printing of printed circuit boards. While Asteelflash has not publicly disclosed an attack, BleepingComputer found this week a sample of the REvil ransomware. READ MORE...
Criminals have been hiding malware inside publicly available software that purports to be a cheat for Activision's Call of Duty: Warzone, researchers with the game maker warned earlier this week. Cheats are programs that tamper with in-game events or player interactions so that users gain an unfair advantage over their opponents. The software typically works by accessing computer memory during gameplay and changing health, ammo, score, lives, inventories, or other information. READ MORE...
Major U.S. insurer CNA confirmed this week that it was the victim of a ransomware attack and that it has taken several steps on the road to recovery. The company, one of the biggest players in cybersecurity insurance specifically, had previously acknowledged an attack, but stopped short of specifying exactly what kind. In an update on Thursday, the company said it had restored normal email operations after a ransomware attack. READ MORE...
Food-delivery company Delveroo thought it would be fun to play an April Fool's trick on its customers in France. After all, who wouldn't find a corporation demonstrating its human side by causing a chuckle a welcome relief amid a global pandemic? Unfortunately, what Deliveroo France did just wasn't funny. It sent an email to thousands of its customers, claiming that they had ordered €466.40 (almost USD $500) worth of pizza. READ MORE...
Halvor Molland was asleep on a brisk night in Oslo, Norway's capital, two years ago when his phone rang around 3 a.m. The computer servers of Norsk Hydro, the global aluminum producer where Molland is senior vice president for communications, had seized up as a crippling ransomware infection spread through the company's networks. "The feeling is: You really don't believe it," Molland recalled in a recent interview. "There was a decision then to shut down the network altogether [...]" READ MORE...
The U.S. government is working to draw attention to supply chain vulnerabilities, an issue that received particular attention late last year after suspected Russian hackers gained access to federal agencies and private corporations by sneaking malicious code into widely used software. The National Counterintelligence and Security Center warned Thursday that foreign hackers are increasingly targeting vendors and suppliers that work with the government to compromise their products. READ MORE...
The principle of end-to-end encryption underpins a system of communication where only the communicating users can read the messages. To this end, it exists to prevent any potential eavesdroppers (telecom providers, internet provider, law enforcement agencies) from being able to access the cryptographic keys needed to decrypt the conversation. We remain deeply concerned, therefore, that the Council of the European Union is seeking to adopt new rules that would effectively do away with encryption. READ MORE...
A bipartisan group of US senators on Friday sent letters to major digital ad exchanges, including Google and Twitter, asking whether user data was sold to foreign entities who could use it for blackmail or other malicious ends. In the real-time bidding process to decide which personalized ads a user sees when a web page loads, hundreds of businesses receive a user's personal information, including search history, IP address, age and gender. READ MORE...