
IT Security Newsletter - 4/6/2023


Breaches

Western Digital confirms breach, affects My Cloud and SanDisk users

Western Digital, a big brand in digital storage, says it has suffered a "network security incident", potentially ransomware, which resulted in a breach and some system disruptions in its business operations. The company identified the incident on March 26 and said an unnamed third party unlawfully accessed several computer systems to steal data. The investigation is ongoing and Western Digital has yet to learn how much was taken. READ MORE...

Hacking

FBI obtained detailed database exposing 60,000 users of the cybercrime bazaar Genesis Market

The FBI obtained copies of back-end servers related to Genesis Market, providing law enforcement with detailed information about the cybercriminals who used the marketplace to trade in stolen credentials and access to compromised computers, senior FBI and Department of Justice officials said Wednesday. The systems obtained by the FBI "included information about approximately 59,000 individual user accounts," an official told reporters. READ MORE...


Resecurity uncovers STYX, new cybercriminal platform focused on financial fraud

Resecurity has recently identified the STYX Innovation Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. STYX launched at the beginning of 2023. This platform is specifically designed to facilitate financial crime, providing cybercriminals with a range of services, including stolen financial data, credit card information, forged documents, money laundering services, victim reconnaissance 'lookups', and more. READ MORE...

Software Updates

3CX makes progress restoring Windows app from state-linked supply chain attack

3CX restored its Windows Electron app, making progress in its ongoing recovery from a recent supply chain attack, CEO Nick Galea said in a forum post on Tuesday. The company, which provides an app for business calling, messaging and video conferencing, has only seen "a handful of cases" where malware used in the attack has actually been triggered, according to Galea. 3CX has thus far not seen any additional outbound malicious activity since removing infected files from the systems, Galea said. READ MORE...


Android's April 2023 Updates Patch Critical Remote Code Execution Vulnerabilities

Google this week announced the April 2023 security updates for Android devices, with patches for over 65 vulnerabilities, including two critical bugs leading to remote code execution (RCE). Google's Android security bulletin for April 2023 describes 26 vulnerabilities resolved in the Framework and System components as part of the 2023-04-01 security patch level. Most of these are high-severity flaws leading to elevation of privilege (EoP) or information disclosure. READ MORE...

Malware

Fake ransomware demands payment without actually encrypting files

"Fake it till you make it" ransomware groups are trying to get rich off the backs of genuine ransomware authors. Why are they "fake it till you make it"? Because they don't actually create ransomware or compromise networks in any way. They're simply lying through their teeth and hoping that recipients of their messages don't realise until it's too late. As reported by Bleeping Computer, a group named Midnight has been using this tactic since at least March 16. READ MORE...

Information Security

Spain's most dangerous and elusive hacker now in police custody

The police in Spain have arrested José Luis Huertas (aka "Alcaseca", "Mango", "chimichuri"), a 19-year-old regarded as the most dangerous hacker in the country. Huertas is considered to be responsible for multiple high-profile cyberattacks and for creating a search engine called Udyat (the eye of Horus) dedicated to selling stolen sensitive information in large numbers. READ MORE...

Exploits/Vulnerabilities

CAN do attitude: How thieves steal cars using network bus

Automotive security experts say they have uncovered a method of car theft relying on direct access to the vehicle's system bus via a smart headlamp's wiring. It all started when a Toyota RAV4 belonging to one of the tech gurus suffered suspicious damage to the front wing and headlight housing, and was eventually successfully stolen. Some sleuthing and reverse engineering revealed how the motor was finally nicked. READ MORE...


QNAP Zero-Days Leave 80K Devices Vulnerable to Cyberattack

A pair of zero-day vulnerabilities in several Quality Network Appliance Provider (QNAP) operating systems (OS) for network-attached storage (NAS) appliances are impacting an estimated 80,000 devices worldwide. They remain unpatched for two of the four affected OSes. QNAP provides gear and software for Internet of Things (IoT) storage, networking, and smart video. The OS bugs could cause unstable code and could provide a path for an authenticated cybercriminal to execute arbitrary code. READ MORE...

On This Date

  • ...in 1830, the Church of Christ, the original church of the Latter Day Saint movement (popularly known as Mormonism), is organized in the state of New York.
  • ...in 1841, John Tyler is inaugurated as the 10th president, two days after the sudden death of President William Henry Harrison.
  • ...in 1896, the first modern Olympic Games opens in Athens, Greece, over 1500 years after the original games were banned by Roman Emperor Theodosius I.
  • ...in 1974, the Swedish pop group ABBA wins the Eurovision Song Contest with the song "Waterloo", launching them to international fame.