Omni Hotels & Resorts' computer systems have been offline since Friday due to what the American luxury hospitality chain called a "disruption." We now know that a cyberattack forced the Texas-based corporation to take parts of its IT environment down. On April 1, Omni, which owns more than 50 properties across the US and Canada, confirmed it was suffering an outage via social media. READ MORE...
Survey rewards platform SurveyLama says it is aware of a data breach impacting the personal information of more than 4.4 million users. The incident occurred in February but came to light this week, when the leaked information was added to the data breach notification platform Have I Been Pwned (HIBP). According to the alert service, more than 4.4 million user email addresses were compromised in the incident, along with various types of personal information. READ MORE...
Nearly one million individuals' personal details, financial account information, and medical records may well have been stolen from City of Hope systems in the United States. Despite the name, City of Hope is a healthcare organization that operates cancer hospitals and outpatient centers in Duarte, California, as well as the Atlanta, Chicago, and Phoenix areas. The biz, which also carries out cancer research, disclosed it suffered an IT security breach on its website on Tuesday. READ MORE...
Microsoft still doesn't known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials. "The stolen 2016 MSA key in combination with [a] flaw in the token validation system permitted the threat actor to gain full access to essentially any Exchange Online account," CISA's Cyber Safety Review Board (CSRB) noted. READ MORE...
Japanese lens manufacturer Hoya is investigating a cyber incident that has disrupted several manufacturing sites as well as an ordering system this week. Hoya, one of the world's largest lens-makers, manufactures eyeglasses lenses, contact lenses, intraocular lenses, and endoscopic and other medical equipment lenses. In an update posted on its website today, the company disclosed that it spotted the incident affecting central IT operations and several facilities on March 30. READ MORE...
A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. READ MORE...
Progress Software this week released patches for a critical-severity vulnerability in Flowmon that could allow remote, unauthenticated attackers to gain access to systems. A widely used network monitoring and security solution, Flowmon includes analytics, reporting, and monitoring capabilities, allowing administrators to visualize network data and deal with cyber threats. The recently fixed bug is described as an OS command injection issue leading to unauthorized access to the system. READ MORE...