Economic analysis and litigation support firm Greylock McKinnon Associates, Inc. (GMA) is notifying over 340,000 individuals that their personal and medical information was compromised in a year-old data breach. The incident was detected on May 30, 2023, but it took the firm roughly eight months to investigate and determine what type of information was compromised and to identify the impacted individuals. READ MORE...
Omni Hotels & Resorts properties were affected by a cyberattack, which the hotel company has been responding to since March 29, Omni shared Wednesday. Upon learning about the issue, Omni shut down its systems to protect its data, resulting in a nationwide outage that began this past weekend. Most of these systems have since been restored, the company said. READ MORE...
First, they came for hospitals, then it was charities and cancer centers. Now, cyber scumbags are coming for the puppies and kittens. CVS Group, the company behind one of the UK's largest chains of vet practices, announced a "cyber incident" on Monday, hinting at the possibility of data theft and clinical care at some of its practices being affected. READ MORE...
A hacking forum leak has led Home Depot to confirm that its employee data was compromised via a third-party software vendor. Home Depot did not identify the breached software-as-a-service (SaaS) vendor but said an error exposed the names, corporate IDs, and email addresses of a "small sample" of its employees, according to reports. Now up for sale on the Dark Web, this is the type of data that could be used to fuel targeted phishing cyberattacks. READ MORE...
A newcomer cybercrime group linked to Vietnam has targeted individuals and organizations in Asia, attempting to steal social media account information and user data. CoralRaider, which first appeared in late 2023, relies heavily on social engineering and legitimate services for data exfiltration, and it develops custom tools for loading malware onto victim systems. Yet the group has also made some rookie mistakes, such as inadvertently infecting their own systems, which exposed their activities. READ MORE...
Industrial giants Siemens and Schneider Electric have published their Patch Tuesday advisories for April 2024, informing customers about the vulnerabilities found in their ICS products over the past month. Siemens published eight new advisories covering a total of roughly 80 vulnerabilities. One advisory covers nearly 50 flaws found in the company's Telecontrol Server Basic product, particularly in third-party components. READ MORE...
New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same developers who created the IcedID loader. "[Latrodectus] was first observed being distributed by TA577, an IAB known as a prolific Qbot distributor prior to the malware's disruption in 2023. TA577 used Latrodectus in at least three campaigns in November 2023 before reverting to Pikabot," Proofpoint and Team Cymru researchers noted. READ MORE...
Attackers are scanning and actively exploiting a command injection and hardcoded credential backdoor vulnerability in D-Link network area storage devices, researchers at Shadowserver said Monday in a post on X, the site formerly known as Twitter. There is no patch available for CVE-2024-3273, nor is one coming. D-Link advised owners of the four affected products to retire and replace the devices as they have reached end of life and are no longer supported. READ MORE...