All the latest blog posts from the most relevant cyber security companies in the business.

DNA testing company 23andMe has released further details surrounding an October data breach in which a threat actor accessed and downloaded user profile information. On Oct. 1, a threat actor made a post on the Dark Web claiming to possess profile information of 23andMe users; later, the perpetrators released 4…

Critical infrastructure in multiple US states may have been compromised by Iran-affiliated attackers targeting programmable logic controllers (PLCs). A warning from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the Environmental Protection Agency (EPA), and the Israel National Cyber Directorate comes after an attack was detected on a Pennsylvania water authority…

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded to VirusTotal, it has been labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…

Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. With geopolitical tensions and a trade war acting as a backdrop, China-led cyberattacks on Taiwan are rising sharply, according to multiple security reports. In the latest report about alleged China-sponsored cyberattacks on Taiwan, Kate Morgan, a…

Apple released emergency security updates to address two zero-day vulnerabilities impacting iPhone, iPad, and Mac devices. The flaws are actively exploited in attacks in the wild, and both issues reside in the WebKit browser engine. The first vulnerability, tracked as CVE-2023-42916, is an out-of-bounds read. An attacker can trick a victim into visiting specially crafted web…

The latest security announcements from Amazon aim to address a wide range of security issues for businesses, including an all-in-one hand-scanning biometric system and new capabilities for its Detective security visualization tool and GuardDuty continuous monitoring solution. Amazon One Enterprise is the most novel of the company’s announcements, which were made this week at its…

ownCloud is an open-source software platform designed for file synchronization and sharing. It allows individuals and organizations to create their own private cloud storage services, giving them control over their data while facilitating collaboration and file access across multiple devices. The vulnerability, tracked as CVE-2023-49103, resides in the Graphapi app, which relies on a third-party…

Pervasive discontent with legacy SIEM offerings and Cisco’s proposed acquisition of Splunk have driven “a significant and pronounced increase in interest” in CrowdStrike’s SIEM offering. The Austin, Texas-based cybersecurity titan’s SIEM tool hit the $100 million annual recurring revenue milestone in the most recent quarter thanks to LogScale’s search speed, data gravity and cost efficiency,…

Ardent Health Services, headquartered in Nashville, Tenn., and operating in six different states, fell victim to a ransomware attack in late November that has taken its entire network offline. Some 30 hospitals have been affected by this ransomware attack. While the attack didn’t disrupt patient care in Ardent hospitals, those in need of emergency medical…

Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ The attack is the result of a complex special cyber operation. “The Defence Intelligence of Ukraine informs that as a result of a successful complex special operation in cyberspace, a large volume of confidential documents of the structural subdivision of the Russian…