Popular social news website and forum Reddit has been breached (again) and the attacker "gained access to some internal docs, code, as well as some internal dashboards and business systems," but apparently not to primary production systems and user data. The investigation is still ongoing and some details are yet to be confirmed, but the breach started as most corporate breaches do these days: with a successful phishing attack.
A new cybersecurity advisory from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) describes recently observed tactics, techniques, and procedures (TTPs) associated with North Korean ransomware operations against public health and other critical infrastructure sectors. The document is a joint report from the NSA, FBI, CISA, U.S. HHS, and Korean agencies, and notes that the funds extorted this way went to support the North Korean government's priorities and objectives.
For almost five years, Booking[.]com customers have been on the receiving end of a continuous series of scams that clearly demonstrate that criminals have obtained travel plans and other personal information customers provided to the travel site. One of the more recent shakedowns happened to an Ars reader who asked not to be identified by his real name.
The Weee! Asian and Hispanic food delivery service suffered a data breach exposing the personal information of 1.1 million customers. Weee! claims to be the largest Asian and Hispanic grocery store in North America, delivering food across 48 states in the USA via warehouses spread throughout the country. On Monday, a threat actor named 'IntelBroker' began leaking the data for Weee! on the Breached hacking and data breach forum.
Indigo Books & Music, the largest bookstore chain in Canada, was struck by a cyberattack yesterday, causing the company to make the website unavailable to customers and to only accept cash payments. The exact nature of the incident remains unclear but Indigo is not ruling out that hackers may have stolen customer data. On Wednesday, Indigo announced that "technical issues" were preventing access to the website and customers at physical stores could pay only by cash.
Dennis Su isn't the person who hacked Australian telecoms giant Optus last September, in one of the biggest data breaches in the country's history. But he did attempt to exploit the hack, which exposed the personal details of as many as 10 million Optus customer accounts, to his own benefit. Su sent SMS text messages to 92 Optus customers telling them that their personal details would be sold to fraudsters within days unless AU $2,000 (approximately US $1,400) was transferred into a bank account.
Researchers have unearthed four game modes that could successfully exploit a critical vulnerability that remained unpatched in the popular Dota 2 video game for 15 months after a fix had become available. The vulnerability, tracked as CVE-2021-38003, resided in the open source JavaScript engine from Google known as V8, which is incorporated into Dota 2.
Phishing is having a moment, with a massive spike in campaign volumes in the latter half of 2022. In fact, total phishing emails increased by 61% in the second half, according to an analysis this week. That could also be set to accelerate, as the rise of ChatGPT and other new tools are making their mark on the sector too. That's according to the "Q4 2022 Phishing and Malware Report" from email security firm Vade, published Feb. 9.
Hackers have devised a way to bypass ChatGPT's restrictions and are using it to sell services that allow people to create malware and phishing emails, researchers said on Wednesday. ChatGPT is a chatbot that uses artificial intelligence to answer questions and perform tasks in a way that mimics human output. People can use it to create documents, write basic computer code, and do other things.
For the past seven months, the Tor anonymity network has been hit with numerous distributed denial-of-service (DDoS) attacks, its maintainers announced this week. Some of the attacks have been severe enough to prevent users from loading pages or accessing onion services, the Tor Project says. Publicly released in 2003, Tor directs traffic through a global network of more than 7,000 relays, to help users maintain anonymity and protect their privacy while navigating the web.
Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities.
Researchers have discovered a vulnerability that can be exploited by remote hackers to tamper with the timestamp of videos recorded by Dahua security cameras. The flaw, tracked as CVE-2022-30564, was discovered last year by India-based CCTV and IoT cybersecurity company Redinent Innovations. Advisories describing the vulnerability were published on Wednesday by both Dahua and Redinent.