Archive for the ‘cybercrime/malcode’ category

May 26, 2024

$1,800,000,000,000 Bank Says Customer and Employee Data Has Been Exposed and Accessed in Mysterious Breach

Posted by in categories: cybercrime/malcode, finance

One of the largest banks in the world says a data breach has exposed customer and employee information.

In a statement, Santander says it’s aware of “unauthorized access” to a third-party database containing information on an undisclosed number of customers and employees.

The bank, which has $1.8 trillion in total assets and operates in ten markets across Europe and the Americas, says customers of Santander Chile, Spain and Uruguay are affected.

May 24, 2024

Space Force selects companies to develop concepts for simulated space war training range

Posted by in categories: cybercrime/malcode, military, satellites

Join our newsletter to get the latest military space news every Tuesday by veteran defense journalist Sandra Erwin.

In a statement May 22, the Space Force said this specialized environment will be crucial for training service personnel, known as guardians, to defend critical satellites and other spacecraft from electronic attacks. Satellites rely on electromagnetic signals for communication, navigation, and data transmission, making them vulnerable to jamming and cyberattacks.

May 24, 2024

Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack

Posted by in category: cybercrime/malcode

The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the actor creating rogue virtual machines (VMs) within its VMware environment.

“The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access,” MITRE researchers Lex Crumpton and Charles Clancy said.

“They wrote and deployed a JSP web shell (BEEFLUSH) under the vCenter Server’s Tomcat server to execute a Python-based tunneling tool, facilitating SSH connections between adversary-created VMs and the ESXi hypervisor infrastructure.”

May 24, 2024

Beware: These Fake Antivirus Sites Spreading Android and Windows Malware

Posted by in categories: cybercrime/malcode, robotics/AI

It’s currently not clear how these bogus websites are distributed, but similar campaigns in the past have employed techniques such as malvertising and search engine optimization (SEO) poisoning.

Stealer malware have increasingly become a common threat, with cybercriminals advertising numerous custom variants with varying levels of complexity. This includes new stealers like Acrid, SamsStealer, ScarletStealer, and Waltuhium Grabber, as well as updates to existing ones such as SYS01stealer (aka Album Stealer or S1deload Stealer).

May 23, 2024

How the Ascension cyberattack is disrupting care at hospitals

Posted by in categories: biotech/medical, cybercrime/malcode, health

With IT systems down, staff at Ascension have to use manual processes they left behind some 20 years ago. It’s the latest in a string of attacks on health care systems that house private patient data.

May 17, 2024

AT&T Data Breach: What Is AT&T Doing for the 73 Million Accounts Breached?

Posted by in category: cybercrime/malcode

If you’re worried about your data, here’s what you can do, including how to reset your AT&T account passcode.

May 13, 2024

Hackers are now targeting the children of corporate executives in elaborate ransomware attacks

Posted by in category: cybercrime/malcode

In February, ransomware attackers targeted Chain Healthcare, the payment management arm of healthcare giant UnitedHealth Group, causing backlogs in prescription insurance claims.

Ransomware can be introduced to a company’s databases through even the smallest slip by an employee, like clicking a link in a phishing email. But as companies have gotten better at keeping criminals out, the crooks have gotten more creative, Mandiant CTO Charles Carmakal says.

May 11, 2024

Are You Ready for Tech That Connects to Your Brain?

Posted by in categories: business, cybercrime/malcode, education, neuroscience

Imagine having telepathic conversations with loved ones, instantaneously accessing superhuman computational power, playing back memories and dreams, or immersing yourself and every sense you possess into a virtual entertainment experience. In the distant future, if brain-computer interfaces (BCIs) are successful at reading and writing information to the brain, and if humans adapt to the technology, we could experience some pretty amazing scenarios. But, there are many outstanding questions for how we could ensure a bright future: Who will own the data generated by our brains? Will brain data be bought and sold by data brokers like other personal information today? Will people be forced to use certain BCIs that surveil their brain activity (for example, to make sure you’re paying attention at work and school)? Will BCIs put peoples’ brains at risk of being hacked? As with all new technology, more of these philosophical questions will need to be investigated and answered before there is widespread adoption and use of BCIs in the future.

Page-utils class= article-utils—vertical hide-for-print data-js-target= page-utils data-id= tag: blogs.harvardbusiness.org, 2007/03/31:999.274997 data-title= Are You Ready for Tech That Connects to Your Brain? data-url=/2020/09/are-you-ready-for-tech-that-connects-to-your-brain data-topic= Technology and analytics data-authors= Lauren Golembiewski data-content-type= Digital Article data-content-image=/resources/images/article_assets/2020/09/Sep20_28_3191098-383x215.jpg data-summary=

Who owns that data?

May 11, 2024

JPMorgan Chase Suffers Data Breach Affecting Personal Information of 451,809 Customers

Posted by in categories: cybercrime/malcode, finance

JPMorgan Chase says it has discovered a data breach affecting the personal information of nearly half a million customers.

New filings with the Office of the Maine Attorney General show the banking giant recently found a software issue that’s been active since August 26th, 2021.

The bug allowed unauthorized access to retirement plan records of 451,809 customers, which contain names, addresses, Social Security numbers and bank account numbers.

May 11, 2024

Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’

Posted by in category: cybercrime/malcode

The UniSuper CEO, Peter Chun, wrote to the fund’s 620,000 members on Wednesday night, explaining the outage was not the result of a cyber-attack, and no personal data had been exposed as a result of the outage. Chun pinpointed Google’s cloud service as the issue.

In an extraordinary joint statement from Chun and the global CEO for Google Cloud, Thomas Kurian, the pair apologised to members for the outage, and said it had been “extremely frustrating and disappointing”

They said the outage was caused by a misconfiguration that resulted in UniSuper’s cloud account being deleted, something that had never happened to Google Cloud before.

Page 1 of 20412345678Last