Harrods suffers new data breach exposing 430,000 customer records
UK retail giant Harrods has disclosed a new cybersecurity incident after hackers compromised a third-party supplier and stole 430,000 records with sensitive e-commerce customer information. In a statement for BleepingComputer, the luxury department store noted that the latest incident is not related to the May cyberattack, which was attributed to Scattered Spider. Back in May, Harrods was the target of a failed cyberattack as the luxury goods company was quick to take proactive action. READ MORE...
RTX confirms hack of passenger boarding software involved ransomware
RTX Corp., the parent firm of Collins Aerospace, confirmed that ransomware was used in the hack of its airline passenger processing software, in a filing with federal regulators. The attack, discovered on Sept. 19, has disrupted flights across Europe since last week, including at London's Heathrow Airport, Brussels Airport, and airports in Berlin and Dublin. The Multi-User System Environment software, known as MUSE, is used by multiple airlines to check-in and board passengers. READ MORE...
Dutch Teens Arrested for Allegedly Helping Russian Hackers
Two teenage boys were arrested in the Netherlands over suspicions of spying for pro-Russian hackers, Dutch authorities announced. The two 17-year-old boys were allegedly approached by the hackers on Telegram, a messaging application popular among cybercriminals and state-sponsored threat actors. According to local media, one of the boys was allegedly seen walking by Europol and Eurojust headquarters, and the Canadian embassy, while carrying a Wi-Fi sniffer. READ MORE...
Ukrainian Cops Spoofed in Fileless Phishing Attacks on Kyiv
Attackers are impersonating the Ukrainian police in a fileless phishing campaign that delivers two separate data-stealing payloads for harvesting various credentials and data as well as mining cryptocurrency from targeted systems. The attacks, which target Microsoft Windows machines at government entities in the Ukraine, use emails that include malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments. READ MORE...
Akira ransomware breaching MFA-protected SonicWall VPN accounts
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully logging in despite OTP MFA being enabled on accounts. Researchers suspect that this may be achieved through the use of previously stolen OTP seeds, although the exact method remains unconfirmed. In July, BleepingComputer reported that the Akira ransomware operation was exploiting SonicWall SSL VPN devices to breach corporate networks. READ MORE...
Iranian State Hackers Use SSL.com Certificates to Sign Malware
Novel malware is hard enough to detect these days, but malicious code signed with valid digital certificates is even harder to stop. That's the case with several malware strains tied to an Iranian cyber espionage group tracked as UNC1549 (aka Subtle Snail, Nimbus Manticore, Smoke Sandstorm, and Tortoiseshell) and linked to the infamous Charming Kitten advanced persistent threat (APT). READ MORE...
Schneier on Security: Abusing Notion's AI Agent for Data Theft
Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson's lethal trifecta, it's vulnerable to data theft though prompt injection. The attack involves hiding prompt instructions in a pdf file-white text on a white background-that tell the LLM to collect confidential data and then send it to the attackers. Here's the meat of the malicious prompt: READ MORE...
- ...in 1942. actor Ian McShane ("Deadwood", "Lovejoy") is born in Lancashire, England.
- ...in 1963, Les Claypool, bass player and lead singer of alternative rock band Primus, is born in Richmond, CA.
- ...in 1966, Chevrolet introduces the Camaro, which went on to become one of the iconic "muscle cars" of the mid-20th century.
- ...in 1988, Stacy Allison of Portland, OR becomes the first American woman to reach the summit of Mount Everest.
