American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information. According to data breach notification letters sent to impacted customers on Wednesday and filed with California's Office of the Attorney General, the company took action to stop the unauthorized access, launched an investigation with the help of external cybersecurity experts, and reported the incident to relevant authorities.
An Iranian IT vendor that works with many of the nation's top banks and some of its government entities suffered a severe cyberattack and is in the process of paying a ransom in installments, according to emails and blockchain data reviewed by CyberScoop, contrary to claims from the Iranian government that a hack never occurred. The company, Tosan, provides IT services to 45% of the country's banks, serving 27 million Iranians, according to the company's website.
A novel side-channel attack dubbed "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers. Air-gapped systems, typically used in mission-critical environments with exceptionally high-security requirements, such as governments, weapon systems, and nuclear power stations, are isolated from the public internet and other networks to prevent malware infections and data theft.
The United States, alongside several of its allies including the UK, is accusing the Russian military of attacking global critical infrastructure units through malicious cyber operations bent on espionage, sabotage, and reputational damage. The FBI, NSA, and CISA have published a joint advisory assessing the cyber actors affiliated with the Russian GRU 161st Specialist Training Center, otherwise known as Unit 29155.
The Predator spyware has resurfaced with fresh infrastructure after a drop in activity caused by US sanctions against Intellexa Consortium, Recorded Future reports. Intellexa, based in Greece, was sanctioned in March for selling and distributing commercial spyware and surveillance tools. Three other entities were sanctioned for their roles in the development and distribution of the Predator spyware.
A recently patched SonicWall product vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks. The critical flaw, disclosed on August 22, impacts SonicOS on Gen 5, Gen 6 and Gen 7 firewalls. The vulnerability, an improper access control issue in the SonicOS management access and SSLVPN, can lead to unauthorized resource access or a firewall crash. SonicWall updated its advisory on Friday to inform customers that it is "potentially being exploited in the wild".