A Russian disinformation campaign has been found spreading fake articles posing as legitimate stories from major media outlets, such as The Washington Post and Fox News, in order to undermine the Western support for Ukraine amid the Russian-Ukraine War. This is according to Meta's latest threat report, which asserts that there are two companies behind this disinformation operation - Structura National Technology and Social Design Agency - that formerly targeted other countries, including Germany and France. READ MORE...
University of Michigan announced Wednesday that it has restored internet to its three campuses after a cyberattack over the weekend, but warned to "expect some issues with select U-M systems and services in the short term." Ravi Pendse, the university's chief information officer, wrote in a notice on the university system's website that he expects remediation efforts to be resolved "over the next several days." READ MORE...
Fashion retailer Forever 21 has started informing more than 500,000 individuals that their personal information was compromised in a data breach earlier this year. In a sample notification letter submitted to the Maine Attorney General's Office, the fashion retailer revealed that, on March 20, 2023, it identified a cyberattack that impacted some of its systems. Forever 21's investigation determined that the attackers had access to the company's systems since at least January 5, 2023. READ MORE...
American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally identifiable information (PII). Paramount said in breach notification letters signed by Nickelodeon Animation Studio EVP Brian Keane sent to affected individuals that the attackers had access to its systems between May and June 2023. After discovering the incident, the company took steps to secure impacted systems and started an investigation into the breach. READ MORE...
Nearly a third of organizations compromised by Chinese cyberspies via a critical bug in some Barracuda Email Security Gateways were government units, according to Mandiant. And, the Google-owned team warned, it's not over yet: "Mandiant assesses that, at the time of writing, a limited number of previously impacted victims remain at risk due to this campaign." Beijing's spies not only broke into a relatively small number of organizations, but they may still have access into those networks. READ MORE...
Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA). Last week, BleepingComputer reported that the Akira ransomware gang was breaching Cisco VPNs for initial network access. Rapid7 security researchers have provided additional insights regarding these incidents in a report published on Tuesday. READ MORE...
A China-based advanced persistent threat group that used an Android malware tool called BadBazaar to spy on Uyghurs is distributing the same spyware to users in several countries via Trojanized versions of the Signal and Telegram messaging apps. The apps tout features and modifications not available with the official versions. But in reality, while they offer legitimate functionality, they can also exfiltrate device and user information and enable the threat actor to spy on communications. READ MORE...
Threat actors have started exploiting four recently patched vulnerabilities in the J-Web component of Juniper Networks' Junos OS after proof-of-concept (PoC) exploit code was published online. The issues, tracked as CVE-2023-36844 through CVE-2023-36847, are medium-severity bugs that can be exploited to control environment variables remotely and to upload arbitrary files, without authentication. READ MORE...