American photography company Shutterfly has experienced a ransomware attack on parts of its networks, the company confirmed in a statement late Sunday night. "We engaged third-party cybersecurity experts, informed law enforcement, and have been working around the clock to address the incident," the company said in a statement shared with CyberScoop. The incident interrupted portions of the company's Lifetouch and BorrowLenses business, Groovebook, manufacturing and some internal corporate systems.
This year, major chains like Target and Walmart closed on Thanksgiving, which resulted in a 90.4 percent dip in visits to brick-and-mortar stores when compared to 2019. This change signals how digital and online purchases of goods (and services) are clearly preferred, especially as the Omicron coronavirus variant becomes a looming concern. To fuel this preferred customer experience, retailers have started using the cloud.
The Apache Software Foundation has released a new version of its flagship web server to patch a pair of security defects, one serious enough to lead to remote code execution attacks. The Apache HTTP Server 2.4.52 is listed as urgent and the U.S. government's security response agency CISA is calling on users of the open-source cross-platform web server software to "update as soon as possible."
Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt. The threat actor behind this particular malware intensified their activity about a week before Christmas, taking control of the devices with administrator privileges. BleepingComputer forum users managing QNAP and Synology NAS systems have been regularly reporting eCh0raix ransomware attacks but more of them started to disclose incidents around December 20.
Security researchers have uncovered a malicious campaign that relies on a valid code-signing certificate to disguise malicious code as legitimate executables. One of the payloads, which the researchers called Blister, acts as a loader for other malware and appears to be a novel threat that enjoys a low detection rate. The threat actor behind Blister has been relying on multiple techniques to keep their attacks under the radar, the use of code-signing certificates being only one of their tricks.
A piece of ransomware that emerged in late November has already claimed three victims, with the first of them hit less than a week after the malware was initially spotted. Dubbed Rook, the ransomware shows numerous similarities with Babuk, and security researchers have discovered that it was in fact built using Babuk code that was leaked online earlier this year.
You've probably already read a ton of solid technical analysis about the Log4j vulnerability. But that's not this post. Instead, this post is meant to provide some perspective from decades spent in CISO roles, and from many days now of peer conversations with other CISOs and CIOs - the same types of conversations that happen anytime something happens like Log4j or SolarWinds, or take your pick of security incidents with significant blast radius, impact, and longer-term concern.
Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacker attacks. Schneider announced the availability of patches on December 14, when it urged customers to immediately apply patches or mitigations. The flaws have been found to impact EVlink City (EVC1S22P4 and EVC1S7P4), Parking (EVW2, EVF2 and EVP2PE) and Smart Wallbox (EVB1A) devices, as well as some products that have reached end of life.
Attackers are targeting crypto-wallets of Telegram users with the Echelon infostealer, in an effort aimed at defrauding new or unsuspecting users of a cryptocurrency discussion channel on the messaging platform, researchers have found. Researchers at SafeGuard Cyber's Division Seven threat analysis unit detected a sample of Echelon posted to a Telegram channel focused on cryptocurrency in October, they said in an analysis on Thursday.