IT Security Newsletter - 3/17/2022
CafePress faces $500,000 fine for data breach cover up
The US Federal Trade Commission (FTC) has announced that it took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers' sensitive personal data and covered up a major breach. CafePress is a popular online custom T-shirt and merchandise retailer. CafePress waited seven months to publicly disclose a 2019 breach, and only did so after it had been reported in the news.
Russia State-Sponsored Hackers Used Misconfigured MFA to Breach NGO
Russian nation-state hackers last spring capitalized on a misconfigured Cisco Duo multifactor authentication (MFA) account at a nongovernment organization and created their own device, with MFA, to infiltrate the victim's network, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned this week in a joint advisory. The attackers initially brute-forced their way to a set of user credentials that had been removed from the organization's MFA.
FBI catches up with one of its Most Wanted, arrests head of advance-fee crime network
Some don't mind putting extra effort into making their crime appear as legitimate as possible by perpetuating more lies as long as they are guaranteed money in the end. Osondu Victor Igwilo is one such Nigerian scammer. 52-year-old Igwilo has been on the Federal Bureau of Investigation's watch list since 2018. According to court documents, Igwilo was charged in 2016 in the US District Court, Southern District of Texas, Houston, Texas on three separate counts of conspiracy and identity theft.
Hundreds of GoDaddy-hosted sites backdoored in a single day
Internet security analysts have spotted a spike in backdoor infections on WordPress websites hosted on GoDaddy's Managed WordPress service, all featuring an identical backdoor payload. The case affects internet service resellers such as MediaTemple, tsoHost, 123Reg, Domain Factory, Heart Internet, and Host Europe Managed WordPress. The discovery comes from Wordfence, whose team first observed the malicious activity on March 11, 2022.
Emotet's tax-season phishing is back with new tricks
IRS-themed phishing campaigns are reliable signs of spring, so the question each year becomes, "What's new?" Researchers at Cofense are answering the question with evidence that the operators behind the Emotet malware "have upped their game" for this tax season. The cybersecurity company points to sham emails that are intended to look more convincing and pull more tricks than similar campaigns in previous years.
Another Destructive Wiper Targets Organizations in Ukraine
Researchers have discovered yet another destructive data-wiping malware targeting organizations in Ukraine, the third to be found in as many weeks attacking systems in the country that's currently defending itself against a Russian physical invasion. A team from cybersecurity firm ESET on Monday uncovered the malware, which they dubbed CaddyWiper, researchers said in a blog post published Tuesday.
CISA adds 15 vulnerabilities to list of flaws exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen additional flaws to its list of actively exploited vulnerabilities known to be used in cyberattacks. These public warnings aim to raise awareness among system administrators who have yet to apply the corresponding security updates and urge them to prioritize the action. Since threat actors have been observed targeting these flaws in attacks, failing to address the security issues means risking a network compromise.
SolarWinds Warns of Attacks Targeting Web Help Desk Users
SolarWinds this week issued an alert to warn customers of potential cyberattacks targeting unpatched Web Help Desk (WHD) instances. The WHD helpdesk solution provides a ticketing system, service and asset management capabilities, a centralized knowledge base, Active Directory integration, and more. The company also says that it has started investigating the report and that it is working with the customer, but that it hasn't managed to reproduce the scenario yet.
- ...in 1905, Albert Einstein finishes his scientific paper detailing his Quantum Theory of Light, one of the foundations of modern physics.
- ...in 1948, science fiction author William Gibson, whose 1984 novel "Neuromancer" helped popularize the concept of cyberspace, is born in Conway, SC.
- ...in 1959, Tenzin Gyatso, the 14th Dalai Lama, flees Tibet for India, where he lives as a refugee to this day.
- ...in 1969, Golda Meir becomes the first female Prime Minister of Israel.