A federal indictment unsealed Thursday accused two Iranian nationals of engaging in a sprawling effort to interfere in the 2020 U.S. elections - including by gaining access to confidential voter information from at least one state election website and attempting to access 11 states in total. The defendants, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, face charges of computer fraud, voter intimidation and transmission of interstate threats for the activity.
California Pizza Kitchen (CPK) served up more than tasty meals recently after a data breach exposed the names and Social Security numbers (SSNs) of more than 100,000 current and former employees. The "external system breach" occurred on Sept. 15 at the popular U.S. pizza chain and affected 103,767 people, according to a Data Breach Notification posted on the website of the Maine Attorney General. CPK, founded in Beverly Hills, Calif. in 1985, has more than 250 locations across 32 states.
A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. The actor is attributed as one of several groups known as Kimsuky (aka Thallium). TA406 has left traces of low-volume activity since 2018, primarily focusing on espionage, money-grabbing scams, and extortion.
The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. A new malware sample was analyzed by IBM Trusteer researchers who found it outside the Play Store, on sites where people end up after receiving smishing (SMS) messages. These HTTPS sites warn the prospective victim that they are using an outdated Android version and offer an APK that will allegedly update them to the latest version.
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops' websites. The PHP-coded web skimmer (a script designed to steal and exfiltrate customers' payment and personal info) is added and camouflaged as a .JPG image file in the /app/design/frontend/ folder. The attackers use this script to download and inject fake payment forms on checkout pages displayed to customers by the hacked online shop.
Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions. These cookies.sqlite databases normally reside in the Firefox profiles folder. They're used to store cookies between browsing sessions. And they're findable by searching GitHub with specific query parameters, what's known as a search "dork."