IT Security Newsletter - 11/20/2024
Ford Blames Third-Party Supplier for Data Breach
Ford has completed an investigation launched after hackers claimed to have stolen customer information. Hackers known as IntelBroker and EnergyWeaponUser claimed in a November 17 post on the BreachForums cybercrime forum that they had obtained 44,000 Ford customer records, including names, physical addresses, and information on purchases. The data sample the hackers made public consisted of the physical addresses of car dealers, which is not considered sensitive information. READ MORE...
Healthcare org Equinox notifies 21K patients and staff of data theft
Equinox, a New York State health and human services organization, has begun notifying more than 21,000 clients and staff that cyber criminals stole their health, financial, and personal information in a "data security incident" nearly seven months ago. Adding insult to injury, it appears the LockBit ransomware gang, which was supposed to have been shut down by the time of the incident, may be to blame. READ MORE...
Fintech Giant Finastra Investigating Data Breach
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world's top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. READ MORE...
China-linked group abuses Fortinet 0-day with post-exploit VPN-credential stealer
Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's Windows VPN client to steal credentials and other information, according to memory forensics outfit Volexity. The Volexity threat intelligence team reported the zero-day vulnerability to Fortinet on July 18 after identifying its exploitation in the wild. Fortinet acknowledged the issue on July 24, according to a November 15 report by Volexity's Callum Roxan, Charlie Gardner, and Paul Rascagneres. READ MORE...
'Water Barghest' Sells Hijacked IoT Devices for Proxy Botnet Misuse
A cybercriminal group is exploiting vulnerabilities in Internet of Things (IoT) devices and then turning a tidy profit by putting them up for sale on a residential proxy marketplace, where they can be turned into proxy botnets by state-sponsored advanced persistent threats (APTs) and other malicious actors. The gang, tracked as "Water Barghest," has already compromised more than 20,000 IoT devices, including small office/home office (SOHO) routers used by businesses. READ MORE...
Update now! Apple confirms vulnerabilities are already being exploited
Apple has released security patches for most of its operating systems, including iOS, iPadOS, macOS, and visionOS, as well as for Safari. The updates for iOS and Intel-based Macs are especially important, as they address vulnerabilities that are already being actively exploited. Update as soon as you can, and if you haven't already, turn on Automatic Updates from the same Software Update screen. READ MORE...
Amazon and Audible flooded with 'forex trading' and warez listings
Amazon, Amazon Music, and Audible, an Amazon-owned online audiobook and podcast service, have been flooded with bogus listings that push dubious "forex trading" sites, Telegram channels, and suspicious links claiming to offer pirated software. Yesterday, BleepingComputer reported how threat actors were abusing Spotify playlists and podcasts to promote pirated software and game cheats. READ MORE...
Palo Alto Networks customers grapple with another actively exploited zero-day
Palo Alto Networks customers are confronting another actively exploited zero-day: a critical authentication bypass vulnerability in the security vendor's PAN-OS operating system, which runs some of the company's firewalls, the company said Monday in an updated security advisory. "Palo Alto Networks has identified threat activity targeting a limited number of device management web interfaces," the vendor's threat intelligence arm, Unit 42, said in a Monday threat brief. READ MORE...
D-Link Warns of RCE Vulnerability in Legacy Routers
D-Link issued an alert this week about a remote code execution (RCE) vulnerability affecting six discontinued router models. The issue, which has no CVE identifier, is described as a buffer overflow that remote, unauthenticated attackers could exploit to execute arbitrary code on vulnerable devices. According to D-Link, all hardware revisions of the affected models are vulnerable, and no patch will be released for them. READ MORE...
CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection affecting Progress Kemp LoadMaster. The flaw, discovered by Rhino Security Labs and tracked as CVE-2024-1212, was addressed in an update released on February 21, 2024; this, however, is the first report of it being actively exploited in the wild. READ MORE...
- ...in 1900, cartoonist Chester Gould, creator of the long-running "Dick Tracy" comic strip, is born in Pawnee, OK.
- ...in 1924, scientist/mathematician Benoit Mandelbrot, known for his work with fractal geometry, is born in Warsaw, Poland.
- ...in 1945, the Nuremberg trials concerning Nazi war crimes during WWII begin in Germany.
- ...in 1963, actress Ming-Na Wen ("Mulan", "ER", "Agents of S.H.I.E.L.D.") is born in Coloane, Macau.