15 Jun 2021

Researchers Attribute SITA Cyberattack to Chinese Hackers

A cyberattack on SITA that impacted multiple airlines across the globe was likely the work of a Chinese nation-state threat actor known as APT41, according to new research from security experts at Group-IB. The attack was disclosed in March and affected airlines such as Air India, Air New Zealand, Singapore

Read More
15 Jun 2021

REvil Claims Responsibility for Invenergy Hack

Ransomware group REvil has claimed responsibility for an attack in Invenergy, a US-based renewable energy company headquartered in Chicago. The company allegedly launched an investigation of its network after it detected unauthorized activity on some of its systems. On Friday, the company issued a statement confirming that its operations were

Read More
15 Jun 2021

Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched

Thousands of internet-facing VMWare vCenter servers are still impacted by critical vulnerabilities despite patches being released weeks ago, warn researchers. The vulnerabilities impact the centralized management utility Center Server. VMWare issued patches for the two critical bugs on May 25, however, not all servers have adhered to recommendations and implemented

Read More
14 Jun 2021

REvil Hits US Nuclear Weapons Contractor

Sol Oriens, a US subcontractor for the Department of Energy that works on nuclear weapons was hit by a cyberattack last month that was allegedly the work of the infamous REvil ransomware gang. REvil posted a statement to its website that states that the malicious organization boasts the right to

Read More
14 Jun 2021

Global Police Close Record Number of Fake Pharma Sites

Over 110,000 fake websites and online marketplaces advertising fraudulent pharmaceuticals have been shut down as part of an international crackdown on fake pharma sites, according to the global policing organization Interpol. Interpol states that the operation, deemed Operation Pangea XIV, involved customs, law enforcement, and regulatory officers from 92 different

Read More
14 Jun 2021

McDonald’s Suffers Data Breach

McDonald’s has suffered from a data breach that has impacted customers and employees located in South Korea and Taiwan. The breach, which was the result of a cyberattack, also affected company operations in the United States. An unauthorized third party allegedly broke into the system of McDonald’s Cope. and accessed

Read More
11 Jun 2021

Gaming Giant EA Suffers Major Data Breach

Gaming giant Electronic Arts has suffered from a major data breach that includes details pertaining to game source code and tools for several popular games. Cybercriminals claimed to have breached the company in blog posts published on underground hacking forums. These posts advertised 780GB of data for sale. EA later

Read More
11 Jun 2021

‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts

APT group “Fancy Lazarus” has been ramping up its ransom DDoS efforts in several new campaigns against US entities. The group is known for masquerading as various APT groups to distract security researchers. Researchers state the APT group is launching a new series of attacks using a combination of the

Read More
11 Jun 2021

Police Grab Slilpp, Biggest Stolen-Logins Market

On Thursday, the US Department of Justice announced that a multinational operation had led to the seizure of Slilpp, a massive and popular marketplace for selling online logins and credentials. At the time of the takedown, authorities note that there were more than 80 million login credentials for sale used

Read More
11 Jun 2021

Lax security around URL shortener exposed PII of US retailer Carter’s customer base

US retailer Carter’s has suffered from a data leak that exposed the personally identifiable information (PII) of hundreds of thousands of customers. However, unlike many data leaks, the incident was not the result of an unsecured bucket or misconfigured cloud storage system, rather the leak was caused by relaxed security

Read More