Building fake, fraudulent online stores has never been easier: fraudsters are registering domain names for a pittance, using the SHOPYY e-commerce platform to build the websites, and leveraging large language models (LLMs) to rewrite existing product listings to perfect their search engine performance. "We first observed LLM-generated retail product descriptions in July 2024, and similar behaviors continue into the holiday shopping season," researcher Will Barnes has shared.
Auto insurance companies Geico and Travelers were fined $11 million in New York over data breaches that impacted the personal information of over 120,000 individuals. The insurance quoting tools of Government Employees Insurance Company (Geico) were targeted in several cyberattacks starting November 2020, leading to the compromise of a public-facing website's backend and the theft of driver's license numbers.
FlipaClip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. A vulnerability in the frame-by-frame animation app, which is available for iOS and Android, was initially discovered this month by researcher "BobDaHacker", who responsibly reported it to FlipaClip's developers, Visual Blasters. The vulnerability allowed unauthorised parties to access information about the app's users from an exposed Google Firebase server.
International Game Technology's internal IT systems and applications were disrupted by a cyberattack, the global gambling technology vendor said in a Tuesday securities filing. The U.K.-based company, which makes slot machines and gambling technology for lottery and sports betting operations, proactively took certain systems offline upon discovering the intrusion on Nov. 17.
Taiwanese NAS maker QNAP addressed 24 vulnerabilities across various products over the weekend. The flaws include two critical and nine "high" severity vulnerabilities, potentially resulting in code execution, file read/write, authentication bypass, information disclosure, and elevation of privileges. Also, a series of CVEs were published by the National Vulnerability Database on November 24, a Sunday, regarding previously disclosed bugs by enterprise data management biz Veritas.
Those with firsthand knowledge of Salt Typhoon's hack of several U.S. telecommunications companies have called the group's actions some of the most sophisticated cyber-espionage efforts they have ever seen. A prominent security vendor may have unearthed some malware that shows why. Trend Micro released a report Monday that gives details on the tactics, techniques and procedures used by Salt Typhoon.
Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK. Blue Yonder (formerly JDA Software) operates as a Panasonic subsidiary with an annual revenue of over a billion USD and 6,000 employees. The company offers AI-driven supply chain solutions to retailers, manufacturers, and logistics providers.
The Russian-language ransomware scene isn't all that big. And despite an array of monikers for individual operations, new analysis shows these groups' members are working in close coordination, sharing tactics, botnets, and malware among one another, as well as with the Russian state. And now, a new power player ransomware group brand has emerged - BlackBasta. Since the spectacular law enforcement takedown of Conti's operations in 2022, the Russian-language ransomware landscape has been in flux.
IBM on Monday announced patches for multiple vulnerabilities across its products, including two high-severity remote code execution (RCE) issues in Data Virtualization Manager and Security SOAR. Tracked as CVE-2024-52899 (CVSS score of 8.5), the flaw in Data Virtualization Manager for z/OS could allow a remote, authenticated attacker to inject malicious JDBC URL parameters, which could lead to arbitrary code execution on the server.