hacked
-
Blog
Ransomware gang says it hacked Goodwill, shut down stores in Texas
Ransomware group Rhysida yesterday claimed responsibility for a November 2024 cyber attack on Goodwill North Central Texas. Goodwill North Central Texas announced a “company-wide technical issue” on November 10, 2024 that shut down all of its stores. They started reopening on November 13 and all stores were back up and running by November 22. Rhysida says it stole confidential data…
Read More » -
Blog
Ransomware gang says it hacked BMW and Tesla parts maker JTEKT
Ransomware group BlackSuit yesterday claimed responsibility for an October 2024 data breach at JTEKT North America, an automotive manufacturing corporation whose customers include auto makers like BMW, Tesla, and Rivian. BlackSuit says it stole 894 GB of data from JTEKT North America, the US arm of the Japanese company. JTEKT has not verified BlackSuit’s claim. JTEKT said a third party…
Read More » -
Blog
Ransomware gang BlackSuit says it hacked Alabama county government
Ransomware gang BlackSuit claimed responsibility for cyber attack earlier this month on the Cullman County Commission in Alabama. In a November 7, 2024 Facebook post, the Commission announced it was the victim of a cyber attack that shut down the County Courthouse at around 4 a.m. Phone lines for the Revenue, Probate, and District Attorney’s offices were down. Online payments…
Read More » -
Blog
Florida High School hacked by ransomware gang; SSNs and credit cards stolen
Saint Thomas Aquinas High School in Ft. Lauderdale, FL this week confirmed it notified 37,064 people of a July 2024 data breach that compromised the following personal info: Names Social Security numbers Financial information Bank account numbers Credit and debit card numbers Driver’s license numbers Passport numbers Student ID numbers Medical info Health insurance info Ransomware gang Medusa claimed responsibility…
Read More » -
Blog
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities. The two security flaws are an authentication bypass (CVE-2024-0012) in the PAN-OS management web interface that remote attackers can exploit to gain administrator privileges and a PAN-OS privilege escalation (CVE-2024-9474) that helps them run commands on the firewall with root privileges. While…
Read More » -
Blog
T-Mobile confirms it was hacked in recent wave of telecom breaches
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, call records, and law enforcement information requests. “T-Mobile is closely monitoring this industry-wide attack, and at this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts…
Read More » -
Blog
Why you should always offboard outgoing staff: A disgruntled ex-Disney employee targeted former colleagues with DDoS attacks and hacked its menu system to change peanut allergen information
A former Disney employee faces federal cyber crime charges after being accused of hacking into the entertainment giant’s menu system. The disgruntled ex-menu production manager, Michael Scheuer, was fired in June for alleged misconduct, but is now charged with attempting to mislabel menu items, hiding the fact they contained peanuts. “The threat actor manipulated the allergen information on menus by…
Read More » -
Blog
QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3
The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now stands at $874,875. Pwn2Own, a global hacking competition, challenges top security researchers to exploit a range of software and hardware devices, with the ultimate goal of earning the prestigious…
Read More » -
Blog
US gun maker Saeilo hacked by ransomware gang, private info stolen
US gun manufacturer Saeilo Enterprises confirmed it notified 8,725 people about an August 2024 data breach that compromised names, addresses, driver’s licenses, and other personal information. Saeilo is the parent company of Kahr Arms, Magnum Research, Tommy Gun, and Thompson/Auto Ordinance. Ransomware group Metaencryptor claimed responsibility for the breach, saying it stole 11.5 GB of data. Saeilo has not verified…
Read More » -
Blog
Over 6,000 WordPress hacked to install plugins pushing infostealers
WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing malware has become a scourge to security defenders worldwide as stolen credentials are used to breach networks and steal data. Since 2023, a malicious campaign called ClearFake has been used to display fake web browser…
Read More »