IT Security Newsletter - 10/8/2024
American Water Works investigates unauthorized cyber intrusion
American Water Works said it learned of an unauthorized cyber incident Thursday that gained access to its computer networks, according to a Monday securities filing. The Camden, New Jersey-based water utility said it took steps to protect its computer network, including disconnecting and deactivating certain systems in order to protect data, and will continue to do so in the future. The firm said none of its water and wastewater facilities or operations have been affected by the hack. READ MORE...
Comcast and Truist Bank customers impacted by debt collector's breach
A data breach at Financial Business and Consumer Solutions (FBCS), a US debt collection agency, has led to the loss of data of some Comcast Cable Communications and Truist Bank customers. FBCS is in the business of collecting unpaid debts on behalf of its customers. FBCS discovered the unauthorized access to certain systems in its network on February 26, 2024. The latest count of impacted people put the number of people in the US impacted by the data breach to 4.2 million people. READ MORE...
ADT discloses second breach in 2 months, hacked via stolen credentials
Home and small business security company ADT disclosed it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data. ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs over 14,000 people and has an annual revenue of $4.98 billion. READ MORE...
Casio reports IT systems failure after weekend network breach
Japanese tech giant Casio has suffered a cyberattack after an unauthorized actor accessed its networks on October 5, causing system disruption that impacted some of its services. The disclosure comes from Casio Computer, the parent company of the Casio brand, widely known for its watches, calculators, musical instruments, cameras, and other electronics. "Casio Computer Co., Ltd. confirmed on October 5 of this year that its network had been accessed by a third party in an unauthorized manner." READ MORE...
MoneyGram confirms hackers stole customer data in cyberattack
MoneyGram has confirmed that hackers stole customers' personal information and transaction data in a September cyberattack that caused a five-day outage. The company first detected the attack on September 27th, causing it to shut down IT systems, preventing MoneyGram customers from accessing or transferring money to other users. In a new data breach notification published today, MoneyGram now says that the threat actors had access to its network even earlier, between September 20 and 22, 2024. READ MORE...
Large scale Google Ads campaign targets utility software
After what seemed like a long hiatus, we've observed threat actors returning to malvertising to drop malware disguised as software downloads. The campaign we identified is high-impact, going after utility software such as Slack, Notion, Calendly, Odoo, Basecamp, and others. For this blog, we decided to focus on the Mac version of communication tool Slack. Following the creation of advertiser identities belonging to real businesses, the threat actors launch their malicious ads. READ MORE...
Malicious Chrome Extensions Skate Past Google's Updated Security
Malicious browser extensions are bypassing Google's latest security and privacy standard for Chrome extensions, and they are finding their way into the Chrome Web Store - putting organizations and individuals at considerable risk. That's according to researchers at Singapore-based SquareX, who recently demonstrated how bad actors could sneak harmful browser add-ons past the protections in Google's latest Manifest V3 update for Chrome extensions. READ MORE...
Your robot vacuum cleaner might be spying on you
When Sean Kelly bought a top-of-the-line vacuum cleaner, he imagined he was making a sensible purchase. Not only would his Ecovacs Deebot X2 help him keep the house he shares with his wife and children clean, but he also felt confident that spending AU $2,500 (approximately US $1600) would ensure it would be well-secured from hackers. Little did he know that the cleaning machine scuttling about his family's feet contained a security flaw that could let anyone see and hear their every move. READ MORE...
Smart TVs are like "a digital Trojan Horse" in people's homes
The companies behind the streaming industry, including smart TV and streaming stick manufacturers and streaming service providers, have developed a "surveillance system" that has "long undermined privacy and consumer protection," according to a report from the Center for Digital Democracy (CDD) published today and sent to the Federal Trade Commission (FTC). Unprecedented tracking techniques aimed at pleasing advertisers have resulted in connected TVs (CTVs) being a "privacy nightmare." READ MORE...
- ...in 1862, The Union is victorious at the Battle of Perryville, the largest Civil War combat to take place in Kentucky.
- ...in 1897, Journalist Charles Henry Dow, founder of the Wall Street Journal, begins charting trends of stocks and bonds.
- ...in 1922, Lilian Gatlin becomes the first woman pilot to fly across the United States.
- ...in 1982, "Cats" opens on Broadway and runs for nearly 18 years, closing in September 2000.