Victoria's Secret takes down website after security incident
Fashion giant Victoria's Secret has taken down its website and some store services because of an ongoing security incident. Victoria's Secret manages approximately 1,380 retail stores in nearly 70 countries and reported an annual revenue of $6.23 billion for the fiscal year ending February 1, 2025. The company says in a message on its website that its Victoria's Secret and PINK stores remain open while operations are being restored. READ MORE...
Data broker LexisNexis discloses data breach affecting 364,000 people
Data broker giant LexisNexis Risk Solutions, a Georgia-based American data analytics company, has revealed that attackers stole the personal information of over 364,000 individuals in a December breach. As disclosed in data breach notifications sent to affected people starting May 24th, LexisNexis was informed on April 1st that some of its data had been stolen from GitHub by an unknown threat actor using a compromised company account. READ MORE...
CFOs, financial execs in crosshairs of 'highly targeted' spearphishing campaign
The hackers are preying on corporate leaders at banks, investment firms, utilities and insurance companies worldwide. A "highly targeted" spearphishing campaign is attempting to ensnare financial executives at banks, investment firms, energy utilities and insurance companies around the world, Trellix said in a report published Wednesday. The malicious emails are rigged with installers that allow the hackers to remotely access victim computers. READ MORE...
Chinese hackers used Google Calendar to aid attacks on government entities
Google Threat Intelligence Group said it developed means to counter the activity, which it linked to APT41. Google said Wednesday that it caught suspected People's Republic of China-backed hackers leveraging its Calendar service to help stealthily stage attacks on government agencies. In late October of last year, Google Threat Intelligence Group said it "discovered an exploited government website hosting malware being used to target multiple other government entities," Patrick Whitsell wrote. READ MORE...
Thousands of Asus routers are being hit with stealthy, persistent backdoors
Thousands of home and small office routers manufactured by Asus are being infected with a stealthy backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said. The unknown attackers gain access to the devices by exploiting now-patched vulnerabilities, some of which have never been tracked through the internationally recognized CVE system. READ MORE...
184 million logins for Instagram, Roblox, Facebook, Snapchat, and more exposed online
A recent discovery by cybersecurity researcher Jeremiah Fowler of an unsecured database containing over 184 million unique login credentials has once again highlighted the growing threat posed by infostealers. While the sheer volume of exposed data-including emails, passwords, and authorization URLs-is alarming, the real concern is not just about the exposure itself, but in how cybercriminals collect and weaponize these credentials. READ MORE...
Pakistan Arrests 21 in 'Heartsender' Malware Service
Authorities in Pakistan have arrested 21 individuals accused of operating "Heartsender," a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim companies into making payments to a third party, and its alleged proprietors were publicly identified by KrebsOnSecurity in 2021 after they inadvertently infected their computers with malware. READ MORE...
Vulnerabilities found in NASA's open source software
Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranic, security researcher and founder of cybersecurity startup ThreatLeap. Juranic, whose AppSec credentials include founding and leading DefenseCode, is no stranger NASA: in 2009, he discovered and reported a number of serious vulnerabilities in NASA's Common Data Format (CDF) software library, which ended up getting fixed by the developers. READ MORE...
- ...in 1848, Wisconsin becomes the 30th state.
- ...in 1913, Igor Stravinsky's score for "The Rite of Spring" has its debut performance in Paris. It provoked a riot that broke out inside the theatre.
- ...in 1953, Sir Edmund Hillary and Tenzing Norgay become the first individuals to reach the top of Mount Everest.
- ...in 1999, The Space Shuttle Discovery executes the first-ever docking maneuver with the International Space Station.
