Intel-owned AI processor developer Habana Labs has suffered a cyberattack where data was stolen and leaked by threat actors. Habana Labs is an Israeli developer of AI processors that accelerate artificial intelligence workloads in the datacenter. Intel purchased the company in December 2019 for approximately $2 billion. Today, the Pay2Key ransomware operation leaked data allegedly stolen from Habana Labs during a cyberattack. This data includes Windows domain account information, DNS. READ MORE...
Subway customers in the UK and Ireland were swamped with scam emails yesterday in a phishing campaign that aimed to trick recipients into downloading malware. As phishes go, this one isn't terribly sophisticated or believable, and the scam itself requires several clicks, each one more suspicious than the last. The file you download is a password-protected XLS spreadsheet file that contains macros - embedded software code that is sufficiently risky that Office itself won't run macros by default. READ MORE...
Russian hackers have breached networks belonging to the US government and private organizations worldwide in a widespread espionage campaign that uses the global software supply chain to infect targets. The US Treasury and Commerce departments are among the US government agencies hit in an operation that multiple news outlets, citing people familiar with the matter, said was led by Cozy Bear, a hacking group believed to be part of the Russian Federal Security Service or FSB. READ MORE...
Norwegian cruise company Hurtigruten announced Monday that it had been hit by a major cyberattack involving what appeared to be "ransomware", designed to seize control of data to ransom it. "It's a serious attack," said the company's chief digital officer Ole-Marius Moe-Helgesen in a statement. "The entire worldwide digital infrastructure of Hurtigruten seems to have been hit." The company said it had alerted the relevant authorities when the attack was detected overnight Sunday to Monday. READ MORE...
Facebook has shut down several accounts and Pages on its platform, which were used to launch phishing and malware attacks by two cybercriminal groups: APT32 in Vietnam and an unnamed threat group based in Bangladesh. The social-media giant said it has removed both groups' ability to use their infrastructure to abuse its platform, distribute malware and hack other accounts. A new analysis said the two groups were unconnected and targeted Facebook users leveraging "very different" tactics. READ MORE...
Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. The hackers have been active since at least 2012 and are considered to be the low-budget division of a larger group called the Gaza Cybergang. The Molerats threat actor used in recent operations two new backdoors - called SharpStage and DropBook. READ MORE...
BlackBerry researchers on Friday revealed new details about a ransomware strain that emerged this summer that hackers are peddling as a ransomware service for hire. It is unclear who exactly is behind the ransomware, called MountLocker. Within the last month, though, the scammers behind the ransomware have updated it several times in an effort to bypass detection, according to the researchers. MountLocker, which security professionals initially uncovered in July. READ MORE...
Researchers are detailing widespread security issues in point-of-sale (PoS) terminals - specifically, three terminal device families manufactured by vendors Verifone and Ingenico. The issues, which have been disclosed to the vendors and since patched, open several popular PoS terminals used by retailers worldwide to a variety of cyberattacks. Affected devices include Verifone VX520, Verifone MX series, and the Ingenico Telium 2 series. These devices are widely used by retailers. READ MORE...