The City of Columbus, Ohio, is notifying 500,000 individuals that their personal information was stolen in a July 2024 ransomware attack. The incident occurred on July 18 and resulted in the city taking systems offline as a containment measure, which impacted multiple services. In late July, the city announced that the attack was stopped before file-encrypting ransomware could be deployed on its systems. READ MORE...
Saint Xavier University last week started notifying over 210,000 individuals that their personal information was compromised in a data breach in July 2023. The incident was discovered on July 21, 2023, but the investigation into the matter revealed that the unauthorized access to the university's systems occurred weeks before. Between June 29 and July 18, SXU says, the attackers downloaded certain files from its systems, including files containing personal information. READ MORE...
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang. HACLA provides affordable public housing and assistance programs to low-income families, children, and seniors in Los Angeles, California. As a state-chartered public agency, it administers over 32,000 public housing units on an annual budget of over $1 billion. READ MORE...
Researchers at the Satori Threat Intelligence and Research team have published their findings about a group of cybercriminals that infect legitimate web shops to create and promote fake product listings. The threat, dubbed "Phish 'n Ships" by the researchers, reportedly infected more than 1,000 websites and built 121 fake web stores to trick consumers. Estimated losses are in the region of tens of millions of dollars over the past five years. READ MORE...
Hackers working on behalf of the Chinese government are using a botnet of thousands of routers, cameras, and other Internet-connected devices to perform highly evasive password spray attacks against users of Microsoft's Azure cloud service, the company warned Thursday. The malicious network, made up almost entirely of TP-Link routers, was first documented in October 2023 by a researcher who named it Botnet-7777. READ MORE...
A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We'll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world's most visited travel website. According to the market share website statista.com, booking.com is by far the Internet's busiest travel service. READ MORE...
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by BleepingComputer. LastPass is a popular password manager that utilizes a LastPass Chrome extension to generate, save, manage, and autofill website passwords. READ MORE...
In potentially bad news for those with long names and/or employers with verbose domain names, Okta spotted a security hole that could have allowed crims to pass Okta AD/LDAP Delegated Authentication (DelAuth) using only a username. But why is that bad news for those with long usernames? Well, it's because the bug could be exploited only when a series of conditions were met, one of which being a username that was 52 characters or longer. READ MORE...
Critical security vulnerabilities affecting factory automation software from Mitsubishi Electric and Rockwell Automation could variously allow remote code execution (RCE), authentication bypass, product tampering, or denial-of-service (DoS). That's according to US CISA, which warned yesterday that an attacker could exploit the Mitsubishi Electric bug (CVE-2023-6943, CVSS score of 9.8) by calling a function with a path to a malicious library while connected to the device. READ MORE...