Rail systems and locomotive manufacturer Wabtec has started sending notification letters to individuals whose personal information was stolen in a ransomware attack last year. The US-based firm provides railway equipment, systems, and services worldwide and has offices in the Americas, Australia, and Europe. The company has roughly 27,000 employees. In a data breach notice, Wabtec says branches in the US, Canada, UK, and Brazil were impacted by the cyberattack. READ MORE...
Rackspace Technology has confirmed the threat actor known as Play was behind the ransomware attack that disrupted email access for its Hosted Exchange customers in early December. The threat actor was identified following a forensic investigation led by CrowdStrike, the FBI and other experts, Rackspace told Cybersecurity Dive Monday. Karen O'Reilly-Smith, chief security officer at Rackspace, said the attack was linked to a zero-day exploit associated with CVE-2022-41080. READ MORE...
Hacking groups are using a new version of the Raspberry Robin framework to attack Spanish and Portuguese-language based financial institutions - and it's complexity quotient has been significantly upgraded, researchers said this week. According to a Jan. 2 report from cybersecurity firm Security Joes, the group has used the same QNAP server for several rounds of attacks - but victim data is no longer in plaintext but rather RC4-encrypted, and the downloader mechanism has been updated. READ MORE...
Music-streaming service Deezer has owned up to a data breach, after hackers managed to steal the data of over 200 million of its users. According to RestorePrivacy which first reported on the breach, the hacker released a sample 5 million stolen records on a well-known hacking forum, claiming to have a 60GB stash of stolen data, including 228 million email addresses. READ MORE...
A hacker is offering to sell data allegedly stolen from Swedish vehicle manufacturer Volvo Cars following a ransomware attack carried out in late December. The data was put up for sale on a public hacker forum on December 31. The seller claims Volvo Cars was the target of a new ransomware operation called Endurance, which emerged in November 2022, when its operators claimed to have obtained data associated with many US government agencies. READ MORE...
Taiwan-based NAS maker Synology has addressed a maximum (10/10) severity vulnerability affecting routers configured to run as VPN servers. The vulnerability, tracked as CVE-2022-43931, was discovered internally by Synology's Product Security Incident Response Team (PSIRT) in the VPN Plus Server software and was given a maximum CVSS3 Base Score of 10 by the company. READ MORE...
A newly identified Trojan backdoor program exploits some 30 vulnerabilities in WordPress plug-ins and themes in order to breach websites based on the WordPress content management system. It only needs to abuse one of those flaws to execute an attack. Researchers from Doctor Web said sites running outdated or unpatched versions of these WordPress tools are at risk of harboring malicious JavaScripts that redirect site visitors to nefarious websites, and should update those programs ASAP. READ MORE...
More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits. According to a recent tweet from security researchers at the Shadowserver Foundation, almost 70,000 Microsoft Exchange servers were found to be vulnerable to ProxyNotShell attacks according to version information. READ MORE...