Hackers have breached computer game maker Electronic Arts (EA) and stolen source code and related tools for the company's extensive game library, the company has confirmed. EA said it's investigating "a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen," according to a statement published in numerous online reports. The longtime game developer is known for titles such as The Sims, Madden NFL and FIFA 21. READ MORE...
CD Projekt is warning today that internal data stolen during their February ransomware attack is circulating on the Internet. In February, CD Projekt suffered a ransomware attack that allowed threat actors to steal source code and business data before encrypting devices. In a new statement published today, CD Projekt said they have learned that this stolen data is now being circulated and may include employee and contractor details. READ MORE...
A distributed denial-of-service (DDoS) extortion group has blazed back on the cybercrime scene, this time under the name of "Fancy Lazarus." It's been launching a series of new attacks that may or may not have any teeth, researchers said. The new name is a tongue-in-cheek combination of the Russia-linked Fancy Bear advanced persistent threat (APT) and North Korea's Lazarus Group. The choice seems natural, given that the gang was last seen purporting to be various APTs. READ MORE...
Foodservice supplier Edward Don has suffered a ransomware attack that has caused the company to shut down portions of the network to prevent the attack's spread. Edward Don and Company is one of the largest distributors of foodservice equipment and supplies, such as kitchen supplies, bar supplies, flatware, and dinnerware. Today, BleepingComputer has learned that Edward Don suffered a ransomware attack earlier this week that has disrupted their business operations. READ MORE...
Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. The polkit local privilege escalation bug (tracked as CVE-2021-3560) was publicly disclosed, and a fix was released on June 3, 2021. It was introduced seven years ago in version 0.113 and was only recently discovered by GitHub Security Lab security researcher Kevin Backhouse. READ MORE...
Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system. The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company's bug bounty program. Since the beginning of the year, Sergey Toshin - the founder of Oversecured company specialized in mobile app security, found more than a dozen vulnerabilities affecting Samsung devices. READ MORE...