Campbell Soup Co. said it discovered a cyber intrusion in part of its IT network during the end of its fiscal fourth quarter, according to a disclosure in its annual report filed Thursday with the Securities and Exchange Commission. The Camden, N.J.-based food manufacturer said it took immediate steps to investigate, contain and eliminate the threat, hired third-party cybersecurity experts and notified federal law enforcement. READ MORE...
The co-founder and publisher of Meduza, a news outlet outlawed in Russia for its independent reporting and stance on the war in Ukraine, believes that a country in the European Union was behind the hacking of her iPhone with military-grade spyware. Galina Timchenko, who has been declared "undesirable" by the Kremlin and lives in exile in Europe, is thought to have joined a long line of journalists to have been spied upon by the notorious Pegasus spyware, developed by Israel's controversial NSO Group. READ MORE...
Russian military cyber operations in the first half of 2023 focused on targeting Ukrainian law enforcement agencies to gather information about Ukrainian investigations into war crimes and counter-intelligence efforts against Russian spies and collaborators, Ukraine's top cyber defense organization said in a report released Monday. The report comes against a backdrop of what officials in Kyiv describe as a move toward intelligence operations in Russian hacking activity. READ MORE...
A new APT hacking group named 'AtlasCross' targets organizations with phishing lures impersonating the American Red Cross to deliver backdoor malware. Cybersecurity firm NSFocus identified two previously undocumented trojans, DangerAds and AtlasAgent, associated with attacks by the new APT group. NSFocus reports that the AtlasCross hackers are sophisticated and evasive, preventing the researchers from determining their origin. READ MORE...
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord. READ MORE...
Staff in the hospitality industry are trained to accommodate their guests, and when they have a few years of experience under their belt you can be sure they'll have received some extraordinary requests. Which is something that clever cybercriminals are taking advantage of. Researchers at Perception Point recently documented a sophisticated phishing campaign targeting hotels and travel agencies. READ MORE...
Nearly all modern graphics processing units (GPUs) are vulnerable to a new type of side-channel attack that could be leveraged to obtain sensitive information, according to a team of researchers from various universities in the United States. The new attack method, named GPU.zip, was discovered and detailed by representatives of the University of Texas at Austin, Carnegie Mellon University, University of Washington, and University of Illinois Urbana-Champaign. READ MORE...
An engineer has identified longstanding undetected flaws in a 25-year-old method for encrypting data using RSA public-key cryptography. In a paper titled, "Everlasting ROBOT: the Marvin Attack," Hubert Kario, senior quality engineer on the QE BaseOS Security team at Red Hat, shows that many software implementations of the PKCS#1 v1.5 padding scheme for RSA key exchange that were previously deemed immune to Daniel Bleichenbacher's widely known attack are, in fact, vulnerable. READ MORE...