Engineering and manufacturing firm Simpson Manufacturing says it has taken some of its IT systems offline following a cyberattack this week. Headquartered in Pleasanton, California, Simpson Manufacturing produces building materials, including anchors, connectors, and new construction and retrofitting materials. In an 8K-Form filing this week, the company told the Securities and Exchange Commission that, on Tuesday, it discovered a cyberattack that impacted some of its systems. READ MORE...
Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers. Shadow (Shadow) is a cloud gaming service providing users with high-end Windows PCs streamed to their local devices (PCs, laptops, smartphones, tablets, smart TVs), allowing them to run demanding AAA games on a virtual computer. READ MORE...
A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection. Most of the campaign's targets seen by cybersecurity firm Check Point are based in Kazakhstan, Uzbekistan, Pakistan, and Vietnam, while the campaign is still underway. READ MORE...
Apple has released iOS and iPadOS updates to patch a kernel vulnerability that has been exploited in attacks. The flaw, tracked as CVE-2023-42824, has been described as a local privilege escalation issue, which suggests it has been used as part of an exploit chain. Apple has not shared any information on the attacks or the entity that reported the vulnerability. However, many of the recently patched iOS flaws that have been exploited in the wild have been leveraged by commercial spyware vendors. READ MORE...
Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks, Cisco's Talos threat intelligence and research group reported on Wednesday. The vendor was notified in late June and given more than 90 days to release patches. However, no fixes appear to have been released and Cisco has made public the technical details in accordance with its vulnerability disclosure policy. READ MORE...
It has been a very long time since the average computer user thought about .cue files, or cue sheets, the metadata bits that describe the tracks of an optical disc, like a CD or DVD. But cue sheets are getting attention again, for all the wrong reasons. They're at the heart of a one-click exploit that could give an attacker code execution on Linux systems with GNOME desktops. READ MORE...