Dubai Taxi Company, a subsidiary of Dubai’s Roads and Transport Authority, leaked a trove of sensitive information from the DTC app, the Cybernews research team has found. Over 197K app users and nearly 23K drivers were exposed. DTC claims that it controls 44% of the Dubai market share by the size of its taxi fleet,…

The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs). Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang-based malware families. Two of these malware strains are remote access trojans (RATs),…

Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data. “Due to an attack on the systems, unauthorized persons gained access to personal data. Affected customers have now been informed. Toyota Kreditbank’s systems have been gradually restarted since December 1st.” reads a statement published by…

The US leg of an Australia-based shipbuilding company, Austal, which is a contractor for the US Department of Defense and the Department of Homeland Security, recently alerted the FBI and the Naval Criminal Investigative Service (NCIS) of a cyberattack. The cyberattack was claimed by the Hunters International ransomware group, which leaked stolen information as proof…

DNA testing company 23andMe has released further details surrounding an October data breach, where user profile information had been accessed and downloaded at the hands of a threat actor. On Oct. 1, a threat actor made a post on the Dark Web claiming to possess profile information of 23andMe users; later, the perpetrators released 4…

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…

Ardent Health Services, headquartered in Nashville, Tenn., and operating in six different states, fell victim to a ransomware attack in late November that has taken its entire network offline. Some 30 hospitals have been affected by this ransomware attack. While the attack didn’t disrupt patient care in Ardent hospitals, those in need of emergency medical…

On October 10, the Cybersecurity and Infrastructure Security Agency (CISA) updated the Known Exploited Vulnerabilities (KEV) catalog with five known software flaws. At the top of the list: A use-after-free vulnerability in Adobe’s Acrobat and Reader PDF-viewing applications that could allow code execution with the privileges of any user that clicked on a malicious file….