A decade-long data breach in Toyota's much-touted online service put some information on more than 2 million vehicles at risk, the Japanese automaker said Friday. Spanning from January 2012 to April 2023, the problem with Toyota's cloud-based Connected service pertains only to vehicles in Japan, said spokesperson Hideaki Homma. The Connected service reminds owners to get maintenance checks and links to streaming entertainment and provides help during emergencies. READ MORE...
The Philadelphia Inquirer experienced the most significant disruption to its operations in 27 years due to what the newspaper calls a cyberattack. The company was working to restore print operations after a cyber incursion that prevented the printing of the newspaper's Sunday print edition, the Inquirer reported on its website. The news operation's website was still operational Sunday, although updates were slower than normal, the Inquirer reported. READ MORE...
A vulnerability discovered in the official website of luxury sports car maker Ferrari could have exposed potentially sensitive information, according to a cybersecurity firm. The issue was discovered in March by researchers at Char49, a company that provides penetration testing, auditing and training services. Ferrari addressed the weakness within a week. The researchers noticed that the 'media[.]ferrari[.]com' domain is powered by WordPress and it was running a very old version of W3 Total Cache. READ MORE...
National pharmacy network PharMerica last week started sending out notification letters to more than 5.8 million individuals to disclose a data breach that occurred in March. Owned by BrightSpring Health, a provider of home and community-based health services, PharMerica operates over 2,500 facilities across the US and offers more than 3,100 pharmacy and healthcare programs. READ MORE...
A ransomware group has emerged in recent weeks and has already listed four victims including three in the U.S. on its leak site, researchers with the cybersecurity firm Cisco Talos said Monday. The group that calls itself "RA GROUP" is just the latest entity to use the Babuk ransomware source code, which a developer leaked in September 2021 on a Russian-language forum. Just two months later Talos identified a group called "Tortillia" using the code to target Microsoft Exchange servers. READ MORE...
WordPress plug-ins allow organizations to quickly extend the functionality of their websites without requiring any coding or advanced technical skills. But they have also been the biggest source of risk for website operators in recent years. The newest example is a critical privilege escalation vulnerability in a plug-in that over 1 million WordPress websites use, called Essential Addons for Elementor Plugin. The vulnerability affects versions 5.4.0 through 5.7.1 of the plug-in. READ MORE...
A campaign dating back to October 2021 has turned its attention toward Southeast Asian gambling operations with a sneaky new tactic - targeting customer support agents with chatbots. Researchers at ESET dubbed the campaign "ChattyGoblin" and traced it back to threat groups backed by China. ESET added that the threat actors rely primarily on Comm100 - which was first observed and documented by CrowdStrike - and LiveHelp apps. READ MORE...
This wasn't your typical cyberextortion situation. More precisely, it followed what you might think of as a well-worn path, so in that sense it came across as "typical" (if you will pardon the use of the word typical in the context of a serious cybercrime), but it didn't happen in the way you would probably have assumed at first. Starting in December 2020, the crime unfolded as follows: Attacker broke in via an unknown security hole. Attacker acquired sysadmin powers on the network. READ MORE...
Last week we reported that Google and Apple were looking for input on a draft specification to alert users in the event of suspected unwanted tracking. Apple and Google said other tracker makers like Samsung, Tile, Chipolo, eufy Security, and Pebblebee have expressed interest in their draft. Now, Google has used its annual I/O conference keynote to announce updates to its Find My Device network aimed at stopping unwanted tracking by devices with built-in location-tracking capabilities. READ MORE...
Threat actors are actively exploiting unpatched versions of print management software PaperCut, the FBI and Cybersecurity and Infrastructure Security Agency warned Thursday in a joint advisory. The vulnerability, CVE-2023-27350, allows a threat actor to bypass authentication and initiate remote-code execution on a PaperCut application server. PaperCut released a patch for the vulnerability in March and researchers at Huntress began observing active exploitation in mid-April. READ MORE...
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised. The security breach exposed the agent's support ticket queue, which contained user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets. Discord says it immediately addressed the breached support account by disabling it once the incident was discovered. READ MORE...