A law firm representing Uber Technologies has notified an unknown number of its drivers that sensitive data, including their names and Social Security numbers, has been stolen by cyberattackers. It's the third data breach in six months for the ride-share giant. Law firm Genova Burns LLC, based in Newark, NJ, first noticed suspicious activity at the end of January, and - after an investigation by outside specialists - discovered that its systems had been compromised.
A notorious source of stolen credentials, genesis.market, has had its website seized by the FBI. Security vendor Sophos has identified genesis.market as "an invitation-only marketplace" from which buyers can acquire "stolen credentials, cookies, and digital fingerprints that are gathered from compromised systems." Sophos described the stolen data souk as an initial access broker (IAB) - a business that compromises systems and services, steals data, and sells it.
An IRS-approved software service for filing taxes electronically, eFile.com, was found to be delivering JavaScript malware just at the height of tax-return season. eFile.com, which was used as a conduit for filing more than 66 million tax returns in 2022, was flagged by users and researchers alike. The malicious file existed on the website for weeks - named "popper.js," it was being loaded by nearly every page on the website.
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with "technically unique features," which they named Rorschach. Among the capabilities observed is the encryption speed, which, according to tests from the researchers, would make Rorschach the fastest ransomware threat today. The analysts found that the hackers deployed the malware on the victim network after leveraging a weakness in a threat detection and incident response tool.
An ALPHV/BlackCat ransomware affiliate was observed exploiting three vulnerabilities impacting the Veritas Backup product for initial access to the target network. The ALPHV ransomware operation emerged in December 2021 and is considered to be run by former members of the Darkside and Blackmatter programs that shut down abruptly to escape law enforcement pressure. Mandiant tracks the ALPHV affiliate as 'UNC4466' and notes that the method is a deviation from the typical intrusion.
A Forcepoint staffer has blogged about how he used ChatGPT to craft some code that exfiltrates data from an infected machine. At first, it sounds bad, but in reality, it's nothing an intermediate or keen beginner programmer couldn't whack together themselves anyway. His experiment does, to some extent, highlight how the code-suggesting unreliable chatbot, built by OpenAI and pushed by Microsoft, could be used to cut some corners in malware development or automate the process.
A market-leading garage door controller is so riddled with severe security and privacy vulnerabilities that the researcher who discovered them, Sam Sabetan, is advising anyone using one to immediately disconnect it until they are fixed. Each $80 device, used to open and close garage doors and control home security alarms and smart power plugs, employs the same easy-to-find universal password to communicate with Nexx servers.
Mathematics is a complex and esoteric field that underpins science and engineering, notably including the disciplines of cryptography and cybersecurity. Penrose tilings, if you've ever met them, were figured out by Sir Roger Penrose in the 1970s, and dealt with fascinating and unusual ways of covering surfaces in combinations of shapes. The question has lingered ever since: Can you find a single shape, a single tile, that can be laid down repeatedly to cover an infinite surface without ever repeating?