A known ransomware group has taken credit for the recent cyberattack targeting Nissan and claims to have stolen 100 Gb of information from the Japanese car manufacturer. The carmaker revealed in early December that internal systems belonging to Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand had been targeted by hackers. It confirmed on December 22 that an "unauthorized third party illegally accessed some of the company's network systems in Australia and New Zealand." READ MORE...
National Amusements, the corporation that owns CBS and Paramount, has started informing over 80,000 individuals that their personal information was compromised in a December 2022 data breach. The incident was identified on December 15, 2022, the company says in a notification letter sent to the impacted individuals, a copy of which was submitted to the Maine Attorney General's Office. READ MORE...
Network and email security firm Barracuda says it remotely patched all active Email Security Gateway (ESG) appliances on December 21 against a zero-day bug exploited by UNC4841 Chinese hackers. The company deployed a second wave of security updates a day later on already compromised ESG appliances where the attackers deployed SeaSpy and Saltwater malware. The zero-day is due to a weakness in the Spreadsheet::ParseExcel third-party library used by the Amavis virus scanner running on Barracuda ESG appliances. READ MORE...
An often heard remark is that when your security solution notices a ransomware attack, it's already too late. There's a lot of truth in that, if you consider the encryption process to be the ransomware attack. However, these days encryption is just a part of many ransomware attacks. Some of the cybercriminals we conveniently call ransomware groups have even completely stopped using the encryption process because it's too "noisy." READ MORE...
Cybersecurity is awash in threat detection and mitigation solutions: SIEM, DLP, SOAR, MDR, EDR, XDR, and more. Threat detection is essential, as it serves to locate and minimize the threat as quickly and effectively as possible. However, some companies are starting to embrace an earlier line of defense that Gartner calls human-centric security. The tech research firm lists it as the number one cyber security trend of 2023 and has forecasted that 50% of CISOs will adopt this new approach by 2027. READ MORE...
The Operation Triangulation spyware attacks targeting iPhone devices since 2019 leveraged undocumented features in Apple chips to bypass hardware-based security protections. This finding comes from Kaspersky analysts who have been reverse-engineering the complex attack chain over the past year, trying to unearth all details that underpin the campaign they originally discovered in June 2023. READ MORE...