IT Security Newsletter - 11/19/2024

Top News

Phobos ransomware administrator faces US cybercrime charges

The Justice Department unsealed criminal charges against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware. Ptitsyn made his initial appearance in the US District Court for the District of Maryland on Nov. 4 after being extradited from South Korea. Phobos ransomware, through its affiliates, victimized more than 1,000 public and private entities in the United States and around the world.

Breaches

Ford Investigating Potential Breach After Hackers Claim Data Theft

Ford has launched an investigation after hackers claimed to have stolen customer information. The notorious hacker IntelBroker and a hacker called EnergyWeaponUser made the claims in a post on the BreachForums cybercrime forum on November 17. They claim to have targeted Ford this month and they allegedly obtained 44,000 customer records, including names, physical addresses, and information on product acquisitions.


US space tech giant Maxar discloses employee data breach

Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. The threat actor compromised the company network about a week before the discovery of the intrusion. Immediately after discovering the unauthorized access, the company took action to prevent the hackers from reaching further into the system.

Hacking

Hackers Redirect $250,000 Payment in iLearningEngines Cyberattack

AI-powered learning automation firm iLearningEngines on Monday disclosed a cybersecurity incident that resulted in the theft of $250,000. iLearningEngines told the SEC that a threat actor accessed its environment and certain files on its network, deleted some emails, and misdirected a $250,000 wire payment, which has not been recovered. Maryland-based iLearningEngines has developed a platform that uses AI to deliver personalized and automated learning.


Spotify abused to promote pirated software and game cheats

Spotify playlists and podcasts are being abused to push pirated software, game cheat codes, spam links, and "warez" sites. By injecting targeted keywords and links in playlist names and podcast descriptions, threat actors may benefit from boosting SEO for their dubious online properties, since Spotify's web player results appear in search engines like Google. When abusing platforms, spammers and scammers leave no stone unturned to promote their agenda.

Malware

QuickBooks popup scam still being delivered via Google ads

Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams. We've seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup, also showing a phone number. In both instances, that number is fraudulent.


Akira Ransomware Racks Up 30+ Victims in a Single Day

The Akira ransomware group has updated its data-leak website on Nov. 13-14, listing more than 30 of its latest victims - the highest single-day total since the gang first began its malicious operations in March of last year. The group spares no one, targeting a variety of industries globally, and operates using a ransomware-as-a-service (RaaS) model, stealing sensitive data before encrypting it.

Exploits/Vulnerabilities

Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble

Two VMware vCenter server bugs, including a critical heap-overflow vulnerability that leads to remote code execution (RCE), have been exploited in attacks after Broadcom's first attempt to fix the flaws fell short. Broadcom first patched the two flaws - CVE-2024-38812 and CVE-2024-38813 - on September 17th, but then issued an October update to the original patches after admitting its initial effort "did not completely address" either vulnerability.


Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover

A WordPress plug-in installed on more than 4 million websites exposes them to full administrative takeover through a scripting flaw that potentially can be used to launch large-scale automated attacks against multiple sites. Researchers from Wordfence called the authentication bypass flaw "one of the more serious vulnerabilities" that they have ever identified, uncovering it earlier this month in a plug-in from Really Simple Security that provides WordPress security features for sites.

On This Date

  • ...in 1863, President Lincoln delivers his historic Gettysburg Address at the dedication of the national cemetery at the battle site.
  • ...in 1959, the Ford Motor Company announces the discontinuation of the notoriously unpopular Edsel.
  • ...in 1969, Brazilian football star Pele scores his 1,000th career goal.
  • ...in 1985, President Ronald Reagan and Premier Mikhail Gorbachev hold their first summit meeting.