Cyberattack Archives - Page 5 of 15 - Cyber Security Minute

AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data

Issued by: Dark Reading

Thousands of customer-facing Android and iOS mobile apps — including banking apps — have been found to contain hardcoded Amazon Web Services (AWS) credentials that would allow cyberattackers to steal sensitive information from corporate clouds. Symantec researchers uncovered 1,859 business apps that use hardcoded AWS credentials, specifically access tokens. Of these, three-quarters (77%) contain valid…

Malware & Threats

Ransomware Gang Claims Customer Data Stolen in TAP Air Portugal Hack

Issued by: Security Week

The incident was initially disclosed on August 26, when TAP announced on Twitter that it managed to foil the cyberattack before the threat actor could access any customer data. “TAP was the target of a cyberattack, now blocked. Operational integrity is guaranteed. No facts have been found that allow us to conclude that there has…

Malware & Threats

Ransomware is not going anywhere: Attacks are up 24%

Issued by: Help Net Security

Avast released a report revealing a significant increase in global ransomware attacks, up 24% from Q1/2022. Researchers also uncovered a new zero-day exploit in Chrome, as well as signals how cybercriminals are preparing to move away from macros as an infection vector. Ransomware attacks increase After months of decline, global ransomware attacks increased significantly in…

Malware & Threats

Power Electronics Manufacturer Semikron Targeted in Ransomware Attack

Issued by: Security Week

Semikron, which employs 3,000 people across 24 subsidiaries worldwide, makes power modules and systems. Its products are used in motor drives, industrial automation systems, as well as other application areas. In a notice posted on its website on Monday, Semikron said it had been targeted by ‘a professional hacker group’. The company said the incident…

Application Security, Software Security

Cyberattack Disrupts Unemployment Benefits in Some States

Issued by: Security Week

In Tennessee, the website for unemployment benefits remained down Thursday morning after the vendor, Geographic Solutions Inc., told the state Sunday that service would be interrupted. Some 12,000 Tennesseans rely on the unemployment program, and for now, they’re not getting their payments. The company said that it expects Tennessee’s system to be back online before…

Malware & Threats

Spanish Judge to Seek Testimony From NSO on Pegasus Spyware

Issued by: Security Week

The court said that José Luis Calama has decided to lead a judicial commission that will travel to Israel to “take testimony from the CEO of the company that commercializes the Pegasus program.” Shalev Hulio is the CEO of the Tel Aviv-based NSO Group. The court gave no date for the judge’s trip. When asked…

Malware & Threats

Wray: FBI Blocked Planned Cyberattack on Children’s Hospital

Issued by: Security Week

Wray told a Boston College cybersecurity conference that his agents learned of the planned digital attack from an unspecified intelligence partner and got Boston Children’s Hospital the information it needed last summer to block what would have been “one of the most despicable cyberattacks I’ve seen.” “And quick actions by everyone involved, especially at the…

Malware & Threats

Microsoft Flags Attack Targeting SQL Servers With Novel Approach

Issued by: Dark Reading

Microsoft Security Intelligence this week tweeted a warning about an attack campaign targeting SQL servers and using a new approach to evade PowerShell monitoring. Instead of PowerShell, these threat actors are using sqlps.exe, a utility that comes standard with every version of SQL and functions as a “wrapper for running SQL-built CMDlets, to run commands…

Vulnerabilities

Critical Zyxel Firewall Bug Under Active Attack After PoC Exploit Debut

Issued by: Dark Reading

Zyxel firewalls are under active cyberattack after a critical security vulnerability was disclosed last week that could allow unauthenticated, remote arbitrary code execution. The bug (CVE-2022-30525, CVSS 9.8) was silently patched in April, but no public disclosure was made until last Thursday, May 12, when Rapid7 released a technical report on the issue. It also…

Malware & Threats

Regulator Proposes $1 Million Fine for Colonial Pipeline One Year After Cyberattack

Issued by: Security Week

The PHMSA has proposed civil penalties of $986,000 for the operator of the largest fuel pipeline in the US for what it has described as control room management failures. In May 2021, Colonial Pipeline was forced to shut down operations after its systems became infected with ransomware. The attack involved the Russia-linked Darkside ransomware and…