Sol Oriens, a subcontractor for the U.S. Department of Energy (DOE) that works on nuclear weapons with the National Nuclear Security Administration (NNSA), last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service (RaaS) gang. The Albuquerque, N.M. company's website has been unreachable since at least June 3, but Sol Oriens officials confirmed to Fox News and to CNBC that the firm became aware of the breach sometime last month. READ MORE...
Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet. Volkswagen Group of America, Inc. (VWGoA) is the North American subsidiary of the German Volkswagen Group. It is responsible for US and Canadian operations for Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc. READ MORE...
Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. In a breach notification letter sent to affected customers earlier this month, the company said that this was not a "systemic data breach of Intuit." READ MORE...
Hackers recently breached the IT systems of McDonald's and accessed email addresses, phone numbers and delivery addresses for certain customers in South Korea and Taiwan, the fast food giant said Friday. "In the coming days, a few additional markets will take steps to address files that contained employee personal data," McDonald's said in an emailed statement. READ MORE...
A ransomware gang has apparently disappeared just as its fortunes were rising. Ransomware experts said Avaddon shut down as of Friday. The operators left no explanation for why they might have done so, and they're letting their remaining victims off the hook. Avaddon sent Bleeping Computer 2,934 decryption keys, after which the security firm Emsisoft produced a free, public decryption tool. READ MORE...
In April 1943, Japanese admiral Isoroku Yamamoto was killed when the US Air Force shot down the plane carrying him to Balalae Airfield in the Solomon Islands. The attack was made possible by the USA cracking Japanese codes and decrypting a message that revealed Yamamoto's flight plan would just take him within range of America's scarce long-range aircraft. READ MORE...
GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions. The security hole was discovered by Kevin Backhouse of the GitHub Security Lab. READ MORE...
TLS, short for Transport Layer Security, is an important part of online cybersecurity these days. TLS is the data protection protocol that puts the padlock in your browser's address bar, keeps your email encrypted while it's being sent (probably), and prevents cybercrooks from casually substituting the software you download with malware and other nasties. So, whenever a vulnerability is announced in TLS, given how much we rely on it, the announcement typically makes big headlines. READ MORE...