Car insurance provider Geico has suffered a data breach in which threat actors stole policyholders' driver's licenses for over a month. Geico is the second-largest car insurance company in the United States, with over 17 million policies for more than 28 million vehicles. In a data breach notification filed with the California Attorney General's office, Geico states that, for over a month, threat actors were abusing an online sales portal to gain access to policyholders' driver's license numbers.
Member nations of the North Atlantic Treaty Organization have banded together in recent days to confront an apparent cyberattack carried out against a NATO member's critical infrastructure, according to the alliance. NATO is also working to battle a stream of disinformation about the attack against island state Berylia that has flooded social media, the alliance said. While many world leaders have faced off with blended cyber and disinformation operations in recent years.
Russian hackers have a long history of going after organizations in Ukraine, but one group especially has tunnel vision for the former Soviet republic. And recently, it looks like those hackers returned with a new campaign targeting Ukrainian government officials, threat researchers say. Gamaredon - also known as Primitive Bear - is behind the malicious cyber activity, Anomali concluded with "high confidence" in research shared with CyberScoop in advance of its publication.
Security researchers have uncovered a batch of Google Play apps that stole users' text messages and made unauthorized purchases on users' dime. The malware, which was hidden in eight apps that had more than 700,000 downloads, hijacked SMS message notifications and then made unauthorized purchases, McAfee mobile researchers Sang Ryol Ryu and Chanung Pak said Monday. McAfee is calling the malware Android/Etinu.
Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites. While Google Alerts has been abused for a long time, BleepingComputer has noticed a significant increase in activity over the past couple of weeks. For example, I use Google Alerts to monitor for various terms related to cyberattacks, security incidents, malware, etc.
Researchers share a list of passwords that Purple Fox attackers commonly brute-force when targeting the SMB protocol. Weak passwords used over the Windows Server Message Block (SMB) protocol are often part of attacks that result in the spread of Purple Fox malware, Specops researchers report. Purple Fox, first detected in 2018, is a malware campaign that targets Windows machines. Until recently, its operators used phishing emails and various privilege escalation exploits to target I.E devices.
Rogers is currently affected by a nationwide outage in Canada that prevents customers from accessing wireless voice and data services. The outage started at approximately 1 AM, with users taking to social media to voice their frustration that they can't access voice or data. Rogers has acknowledged the outage in its community forums, where it states that "some wireless customers" are experiencing a service interruption.