Embraer, a Brazilian manufacturer of aircraft, has disclosed that hackers managed to breach its computer systems, and steal data. Although Embraer may not be a household name, it is the world's third-largest producer of civil aircraft (after Boeing and Airbus), having delivered more than 8,000 aeroplanes to date. According to a press release issued by the firm, Embraer spotted it was being attacked on November 25 2020. READ MORE...
North Korean hackers have been on a bit of a coronavirus vaccine hacking spree. An espionage shop with suspected ties to the North Korean government has been working to breach multiple pharmaceutical companies working on coronavirus treatments in the U.S. and South Korea over the last several months, according to The Wall Street Journal. Johnson & Johnson and Novavax - both U.S.-based firms working on COVID-19 vaccines - have reportedly been targeted, as have South Korea-based Genexine. READ MORE...
Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last months ransomware attack. E-Land Retail, a subsidiary of E-Land Global, operates numerous retail clothing stores, including New Core and NC Department Store. Last month, E-Land Retail had to shut down 23 NC Department Store and New Core locations after suffering a CLOP ransomware attack. At the time of the attack, E-Land Retail stated that sensitive customer data was safe. READ MORE...
Online education giant K12 Inc. has paid a ransom after their systems were hit by Ryuk ransomware in the middle of November. K12 creates tailored online learning curriculums for students to learn from home while in kindergarten through 12th grade. Over 1 million students have utilized K12 to learn from home rather than in traditional public school environments. K12 announced this week that they suffered a ransomware attack in mid-November that caused them to lock down some of their IT systems. READ MORE...
In the midst of its popular Spotify Wrapped 2020 playlist rollout of the year's most popular songs, the streaming service is grappling with a security breach, which affected the pages of some of its biggest stars, including Lana Del Rey, Dua Lipa, Future, Pop Smoke and others. Spotify is the most popular music streaming service in the world with 320 million users, according to the company. The target of the attack, according to the BBC, was a Spotify site specifically. READ MORE...
TrickBot has been updated with functionality that allows it to scan the UEFI/BIOS firmware of the targeted system for vulnerabilities, security researchers have discovered. Around since 2016, the malware recently survived a takedown attempt that resulted in most of its command and control (C&C) domains becoming unresponsive. Since then, however, it received several updates that allow it not only to continue operation, but also to better survive similar attempts. READ MORE...
Researchers at Trend Micro are warning of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users. The Ocean Lotus gang, also known as APT 32, has previously been linked to the Vietnamese government and watering hole attacks that compromised websites belonging to the likes of Camodbia's Ministry of Defence, and various Vietnamese online newspapers and blogs. READ MORE...
Threat actors are exploiting legitimate SendGrid mailing service to spoof HMRC phishing emails that bypass spam filters. The known issue has been repeatedly exploited by scammers to evade detection from email security products, yet no concrete solution has been found yet. SendGrid is an email delivery company providing infrastructure for sending out newsletters, promotional emails, and operational business emails such as shipping notifications. READ MORE...
One of the Internet's most aggressive threats has just gotten meaner, with the ability to infect one of the most critical parts of any modern-day computer. Trickbot is a piece of malware that's notable for its advanced capabilities. Its modular framework excels at gaining powerful administrator privileges, spreading rapidly from computer to computer in networks and performing reconnaissance that identifies infected computers belonging to high-value targets. READ MORE...
Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin urging users and administrators to apply a patch that plugged two security holes in recently released versions (6.6.1, 7.0, and 7.5) of Xerox's DocuShare. READ MORE...