According to user reports on social media, the exposed information included customers’ names, phone numbers, addresses, account balances, and credit card details like the expiration dates and the last four digits.
Australia is rolling out a six-pillar cyber security strategy to safeguard its digital interests, covering education, technology safety, threat-sharing, infrastructure protection, infosec capability, and global coordination.
Sep 21, 2023THNCyber Threat / Ransomware A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names […]
The investigation into the claims found that the information leaked by USDoD was likely obtained from another organization’s systems, given that the data and its formatting are different than TransUnion’s.
Sep 21, 2023THNSupply Chain / Malware The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. “It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute […]
Pennsylvania State University (Penn State) is facing a lawsuit filed by a former chief information officer (CIO) who alleges that the university falsified government security compliance reports.
Pour one out for the cyber bureaucrats in the Biden administration. In recent weeks, the White House has embarked on a dizzying task: trying to harmonize the exceedingly broad number of cybersecurity-related regulations and technical standards set by industry that corporations and critical infrastructure operators must abide by. That monumental task is likely to span […]
A further multimillion-dollar distribution of funds from Western Union to victims of fraud perpetrated via its payment network has begun, following a previous payout of $365m. The new $40m tranche of money was forfeited by the Colorado-headquartered financial services giant to the Department of Justice (DoJ) to reimburse 25,000 victims in the US and abroad. […]
This post is also available in: 日本語 (Japanese) Researchers should be aware of threat actors repurposing older proof of concept (PoC) code to quickly craft a fake PoC for a newly released vulnerability. On Aug. 17, 2023, the Zero Day Initiative publicly reported a remote code execution (RCE) vulnerability in WinRAR tracked as CVE-2023-40477. They […]