A cyberattack on SITA that impacted multiple airlines across the globe was likely the work of a Chinese nation-state threat actor known as APT41, according to new research from security experts at Group-IB. The attack was disclosed in March and affected airlines such as Air India, Air New Zealand, Singapore

Ransomware group REvil has claimed responsibility for an attack in Invenergy, a US-based renewable energy company headquartered in Chicago. The company allegedly launched an investigation of its network after it detected unauthorized activity on some of its systems. On Friday, the company issued a statement confirming that its operations were

Thousands of internet-facing VMWare vCenter servers are still impacted by critical vulnerabilities despite patches being released weeks ago, warn researchers. The vulnerabilities impact the centralized management utility Center Server. VMWare issued patches for the two critical bugs on May 25, however, not all servers have adhered to recommendations and implemented

Sol Oriens, a US subcontractor for the Department of Energy that works on nuclear weapons was hit by a cyberattack last month that was allegedly the work of the infamous REvil ransomware gang. REvil posted a statement to its website that states that the malicious organization boasts the right to

Over 110,000 fake websites and online marketplaces advertising fraudulent pharmaceuticals have been shut down as part of an international crackdown on fake pharma sites, according to the global policing organization Interpol. Interpol states that the operation, deemed Operation Pangea XIV, involved customs, law enforcement, and regulatory officers from 92 different

McDonald’s has suffered from a data breach that has impacted customers and employees located in South Korea and Taiwan. The breach, which was the result of a cyberattack, also affected company operations in the United States. An unauthorized third party allegedly broke into the system of McDonald’s Cope. and accessed

Gaming giant Electronic Arts has suffered from a major data breach that includes details pertaining to game source code and tools for several popular games. Cybercriminals claimed to have breached the company in blog posts published on underground hacking forums. These posts advertised 780GB of data for sale. EA later

APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the

On Thursday, the US Department of Justice announced that a multinational operation had led to the seizure of Slilpp, a massive and popular marketplace for selling online logins and credentials. At the time of the takedown, authorities note that there were more than 80 million login credentials for sale used

US retailer Carter’s has suffered from a data leak that exposed the personally identifiable information (PII) of hundreds of thousands of customers. However, unlike many data leaks, the incident was not the result of an unsecured bucket or misconfigured cloud storage system, rather the leak was caused by relaxed security