A lawsuit has accused a Florida data broker of carelessly failing to secure billions of records of people's private information, which was subsequently stolen from the biz and sold on an online criminal marketplace. California resident Christopher Hofmann filed the potential class-action complaint against Jerico Pictures, doing business as National Public Data, a Coral Springs-based firm that provides APIs so that companies can perform things like background checks. READ MORE...
A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn't get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim's operations. READ MORE...
South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to deploy malware and breach networks. The advisory connects this activity with a nationwide industrial factories modernization project Kim Jong-un, the North Korean president, announced in January 2023, believing the hackers are looking to steal trade secrets from South Korea. READ MORE...
Criminals are preying on Windows users yet again, this time in an effort to hit them with a keylogger that can also steal credentials and take screenshots. In an alert this month, Fortinet's FortiGuard Labs warned of an uptick in SnakeKeylogger infections. Once running on someone's PC, this malware records the victim's keystrokes as they log into things, fishes usernames and passwords out of their files, and takes screenshots to snoop on people. READ MORE...
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. The malware helps Hunters International achieve initial infection, elevate their privileges on compromised systems, execute PowerShell commands, and eventually deploy the ransomware payload. Quorum Cyber researchers who discovered the new malware report that it is disseminated by a typosquatting site. READ MORE...
CrowdStrike struck back forcefully against Delta Air Lines' claims of negligence and misconduct in a letter sent Sunday to the firm representing Delta, signed by attorney Michael Carlinsky. It's the latest in what has become a public dispute following recovery from the global CrowdStrike outage, which was caused by a faulty software update pushed to Windows servers on July 19. READ MORE...
According to The Wall Street Journal, there's internal conflict at OpenAI over whether to release a watermarking tool that would allow people to test text to see whether it was generated by ChatGPT. To deploy the tool, OpenAI would make tweaks to ChatGPT that would lead it to leave a trail in the text it generates that can be detected by a special tool. The watermark would be undetectable by human readers without the tool. READ MORE...
A security bypass vulnerability in Rockwell Automation ControlLogix 1756 devices could open critical infrastructure to cyberattacks on the operational technology (OT) that controls physical processes. According to Claroty's Team82, the bug (CVE-2024-6242, CVSS 8.4), could allow a remote attacker with network access to the device to send elevated commands to the CPU of a programmable logic controller (PLC), from an untrusted chassis card. READ MORE...
Tens of thousands of small office/home office (SOHO) devices sold by Ubiquiti Inc. are vulnerable on the open Internet to a five-year-old bug, researchers are warning. In January 2019, broadband Internet expert Jim Troutman warned that an exposed port in dozens of Ubiquiti Internet of Things (IoT) gadgets was being exploited in denial-of-service (DoS) attacks. The underlying vulnerability, CVE-2017-0938, was assigned a "high" 7.5 score on the CVSS scale. READ MORE...