Japan's space agency has suffered a series of cyberattacks since last year, but sensitive information related to rockets and satellites was not affected and it is continuing to investigate and take preventive measures, officials said Friday. Chief Cabinet Secretary Yoshimasa Hayashi acknowledged that the Japan Aerospace Exploration Agency, or JAXA, has had "a number of" cyberattacks since late last year. READ MORE...
US businesses and consumers using Kaspersky's antivirus software products and services have until Sept. 29 to stop using them, following a Biden Administration ban earlier this week on sales of the company's technologies in the country over national security concerns. Companies and individuals that continue to use Kaspersky products past that date will be doing so at their own risk, because Kaspersky will no longer be able to offer any support or updates for its products after the deadline. READ MORE...
The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free. When Malwarebytes Labs first learned about this data breach, it happened to be the first major event that was shared on the resurrected BreachForums, and someone acting under the handle "ShinyHunters" offered the full details of 560 million customers for sale. READ MORE...
The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company's Snowflake account. SnowFlake is a cloud database platform used by some of the largest companies worldwide to store their data. Earlier this month, a threat actor began to sell data from numerous companies, including TicketMaster, Satandar Bank, Advance Auto Parts, and Pure Storage, with the hacker stating it was stolen from SnowFlake. READ MORE...
A threat actor is boasting on a hacking forum the theft of information pertaining to millions of Ticketek users, roughly three weeks after the company acknowledged a data breach. On May 31, Ticketek Entertainment Group (TEG), an Australia-based live events and ticketing firm, announced that user account information had been compromised after hackers accessed a database stored on a cloud-based platform. READ MORE...
There are early indications of active attacks targeting end-of-life Zyxel NAS boxes just a few weeks after details of three critical vulnerabilities were made public. The Shadowserver Foundation said its scanners started beeping on Friday. It observed multiple remote command execution attempts "by a Mirai-like botnet" and advised owners of affected Zyxel NAS devices to actively search for signs of compromise, especially if the patches weren't applied immediately. READ MORE...
The recent settlement between the US Securities and Exchange Commission (SEC) and Intercontinental Exchange Inc. (ICE), the owner of the New York Stock Exchange (NYSE), highlights significant issues within the realm of cybersecurity and corporate accountability. Below, we'll dissect the incident, scrutinize the involved parties' actions and responsibilities, and suggest practical measures to prevent future occurrences. READ MORE...
At least 147,000 ASUS routers are potentially exposed to a critical vulnerability, which can allow a remote attacker to bypass authentication and gain login access, researchers at Censys said Thursday. ASUS issued a security advisory on June 14 recommending customers upgrade their firmware or apply mitigation steps if the upgrade was not possible. The improper authentication vulnerability, listed as CVE-2024-3080, has a CVSS score of 9.8. READ MORE...