A production partner of Netflix has suffered a serious security breach which has resulted in yet-to-be-released episodes of popular shows to be leaked online. As Variety reports, the security breach occurred at media localisation company Iyuno which confirmed on August 9 that it had suffered a "security issue, involving unauthorized access to confidential content." Low-resolution footage with timestamps and visible watermarks have been posted on Twitter, 4Chan, and torrent sites. READ MORE...
Microchip Technology's manufacturing facilities, IT systems and order fulfillment were disrupted by a cyberattack, the Arizona-based chipmaker said Tuesday in a securities filing. "As a result of the incident, certain of the company's manufacturing facilities are operating at less than normal levels and the company's ability to fulfill orders is currently impacted," Microchip President and CEO Ganesh Moorthy said in the filing with the Securities and Exchange Commission. READ MORE...
A member of the Russian Karakurt ransomware group has been charged in the U.S. for money laundering, wire fraud, and extortion crimes. An investigation from the FBI uncovered that 33-year old Deniss Zolotarjovs was a member of the Karakurt extortion operation that compromised company systems, stole data, and then demanded a ransom from the victims under the threat of leaking the data publicly or selling it to other cybercriminals. READ MORE...
A never-before-seen backdoor, dubbed Msupedge, is targeting victims in Taiwan, using a unique communications technique. After Symantec researchers caught the malware being deployed in an attack on a Taiwan university, they determined it communicates with its command-and-control (C2) server via DNS traffic - which is a known, but infrequently seen technique, according to a Symantec blog post this week. READ MORE...
Cisco on Wednesday announced patches for multiple vulnerabilities across its products, including a high-severity bug in its enterprise collaboration solutions. Tracked as CVE-2024-20375, the high-severity issue (CVSS score of 8.6) impacts the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) and can be exploited remotely, without authentication. READ MORE...
Atlassian has published its August 2024 security bulletin, which details nine high-severity vulnerabilities impacting Bamboo, Confluence, Crowd, and Jira products. Bamboo Data Center and Server received patches for two high-severity flaws, including an authenticated remote code execution bug tracked as CVE-2024-21689. The second issue, a denial-of-service (DoS) security defect, impacts the Bouncy Castle Java dependency used by the product. READ MORE...
Chinese language hackers are taking advantage of the Windows Installer (MSI) file format to bypass standard security checks. Hackers are known to deliver malware in the same sorts of familiar formats: executables, archive and Microsoft Office files, and so on. A new malware loader targeting Chinese and Korean speakers, which researchers from Cyberint have labeled "UULoader," comes in the somewhat less common MSI form. READ MORE...
Google has released an update for its Chrome browser which includes a patch for a vulnerability that Google says is already being exploited, known as a zero-day vulnerability. Google has fixed that zero-day with the release of versions 128.0.6613.84/.85 for Windows/macOS and 128.0.6613.84 for Linux that will be rolled out to all users over the coming weeks. Besides the zero-day, this update contains 37 other security fixes, as well as Google Lens for desktop. READ MORE...
Phishers are using a novel technique to trick iOS and Android users into installing malicious apps that bypass safety guardrails built by both Apple and Google to prevent unauthorized apps. Both mobile operating systems employ mechanisms designed to help users steer clear of apps that steal their personal information, passwords, or other sensitive data. iOS bars the installation of all apps other than those available in its App Store, an approach widely known as the Walled Garden. READ MORE...