IT Security Newsletter - 11/5/2024
Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack
The City of Columbus, Ohio, has confirmed half a million people's data was accessed and potentially stolen when Rhysida's ransomware raided its systems over the summer. In fact, the city noted in a filing that the number of people potentially affected was 500,000 exactly, an oddly round number for data break-in disclosures of this kind. It's the first time Columbus has confirmed the scale of the ransomware attack and associated data exposure.
Schneider Electric confirms dev platform breach after hacker steals data
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company's JIRA server. "Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated environment," Schneider Electric told BleepingComputer.
Nokia investigates breach after hacker claims to steal source code
Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the company's stolen source code. "Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia," the company told BleepingComputer. "Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data being impacted."
Canadian Authorities Arrest Suspected Snowflake Hacker
Canadian authorities have reportedly arrested an individual suspected of orchestrating a large-scale campaign leading to the compromise of Snowflake accounts belonging to 165 organizations. The campaign came to light in late May, after Snowflake warned that a limited number of customers that did not have their accounts protected with multi-factor authentication were targeted by threat actors.
Android warns of Qualcomm exploit in latest security bulletin
Android's monthly security bulletin published Monday warns of two vulnerabilities with "limited, targeted exploitation" in the wild. One vulnerability impacts Qualcomm chipsets via a use-after-free vulnerability in its FastRPC driver. Designated as CVE-2024-43047, the bug was reported to be under active exploitation in early October and is rated "high" severity with a CVSS score of 7.8.
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
Synology has released fixes for an unauthenticated "zero-click" remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS) devices. CVE-2024-10443 was discovered by Rick de Jager, a security researcher at Midnight Blue, and was exploited at the Pwn2Own Ireland 2024 hacking competition ten days ago.
Hundreds of code libraries posted to NPM try to install malware on dev machines
An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in an attempt to infect the devices of developers who rely on code libraries there, researchers said. The malicious packages have names that are similar to legitimate ones for the Puppeteer and Bignum.js code libraries and for various libraries for working with cryptocurrency. The campaign was reported by researchers from the security firm Phylum.
The post-election threats you need to prepare for, according to experts
After weeks of early voting, voters on Tuesday will head to the polls across the country to determine the next President of the United States. But federal agencies, state and local election officials, and experts say that while American voters will ultimately choose the next chief executive, they are preparing for a chaotic, disruptive and messy post-election period, one where foreign nations, domestic political groups and other bad actors will attempt to take advantage of a divided electorate.
DocuSign Abused to Deliver Fake Invoices
Threat actors are abusing DocuSign to deliver emails to unsuspecting users and bypass email protection mechanisms, Wallarm warns. Unlike traditional phishing, which involves spoofed email messages mimicking known brands aimed at harvesting credentials or installing malware, this campaign relies on the trusted e-signing service to deliver malicious content. Specifically, threat actors have been creating DocuSign accounts enabling them to change templates and access the service's APIs directly.
- ...in 1605, Guy Fawkes is arrested in the act of placing explosives underneath the British Parliament, as part of the "Gunpowder Plot."
- ...in 1911, Roy Rogers is born in Cincinnati. The location of his home later became home plate at Riverfront Stadium.
- ...in 1940, Franklin Delano Roosevelt is elected to an unprecedented fourth term as President of the United States.
- ...in 1968, Richard Nixon is elected as 37th President of the United States.