UK retail giant Harrods has disclosed a new cybersecurity incident after hackers compromised a third-party supplier and stole 430,000 records with sensitive e-commerce customer information. In a statement for BleepingComputer, the luxury department store noted that the latest incident is not related to the May cyberattack, which was attributed to Scattered Spider. Back in May, Harrods was the target of a failed cyberattack as the luxury goods company was quick to take proactive action. READ MORE...
RTX Corp., the parent firm of Collins Aerospace, confirmed that ransomware was used in the hack of its airline passenger processing software, in a filing with federal regulators. The attack, discovered on Sept. 19, has disrupted flights across Europe since last week, including at London's Heathrow Airport, Brussels Airport, and airports in Berlin and Dublin. The Multi-User System Environment software, known as MUSE, is used by multiple airlines to check in and board passengers. READ MORE...
Two teenage boys were arrested in the Netherlands over suspicions of spying for pro-Russian hackers, Dutch authorities announced. The two 17-year-old boys were allegedly approached by the hackers on Telegram, a messaging application popular among cybercriminals and state-sponsored threat actors. According to local media, one of the boys was allegedly seen walking by Europol and Eurojust headquarters, and the Canadian embassy, while carrying a Wi-Fi sniffer. READ MORE...
Attackers are impersonating the Ukrainian police in a fileless phishing campaign that delivers two separate data-stealing payloads for harvesting various credentials and data as well as mining cryptocurrency from targeted systems. The attacks, which target Microsoft Windows machines at government entities in Ukraine, use emails that include malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments. READ MORE...
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully logging in despite OTP MFA being enabled on accounts. Researchers suspect that this may be achieved through the use of previously stolen OTP seeds, although the exact method remains unconfirmed. In July, BleepingComputer reported that the Akira ransomware operation was exploiting SonicWall SSL VPN devices to breach corporate networks. READ MORE...
Novel malware is hard enough to detect these days, but malicious code signed with valid digital certificates is even harder to stop. That's the case with several malware strains tied to an Iranian cyber espionage group tracked as UNC1549 (aka Subtle Snail, Nimbus Manticore, Smoke Sandstorm, and Tortoiseshell) and linked to the infamous Charming Kitten advanced persistent threat (APT). READ MORE...
Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willison's lethal trifecta, it's vulnerable to data theft through prompt injection. The attack involves hiding prompt instructions in a PDF file (white text on a white background) that tell the LLM to collect confidential data and then send it to the attackers. Here's the meat of the malicious prompt: READ MORE...