Data Breaches

KFC owner suffers data breach following ransomware attack

Note: This article was updated on April 12, 2023, to reflect the fact that employee data, not customer data, was accessed during the cyber attack against Yum! Brands US fast-food corporation Yum! Brands, which owns franchises including KFC, Pizza Hut and Taco Bell, has suffered a data breach following a ransomware attack. The cyber attack, which took place on January 18, 2023, involved a malicious actor gaining unauthorized access to Yum! Brands’ network. The ransomware…

Read More

IOTW: Latitude Financial data breach affects 14 million people

Australian financial services company, Latitude Financial, has suffered a large-scale data break that exposed the personal information for more than 14 million customers. The breach was initially discovered on March 16, but was originally thought to have affected a fraction of the customers actually impacted by the cyber attack. How did the Latitude Financial data breach happen? The data breach was initially reported by Latitude Financial on March 16, after unusual activity was detected on…

Read More

Twitter source code leaked via GitHub

Part of the source code for social media site Twitter has been leaked via source code repository GitHub, according to a DMCA takedown request. The DMCA request stated that the code leaked included “proprietary source code for Twitter’s platform and internal tools”. Following the DMCA request, the code was taken down. The source code was leaked by a user under the screen name ‘FreeSpeechEnthusiast’. It is unclear how long the source code was available for,…

Read More

Critical flaw in WooCommerce can be used to compromise WordPress websites

WooCommerce, a popular plug-in for running WordPress-based online stores, contains a critical vulnerability that could allow attackers to take over websites. Technical details about the vulnerability have not been published yet, but the WooCommerce team released updates and attackers could reverse-engineer the patch. “Although what we know at this time is limited, what we do know is that the vulnerability allows for unauthenticated administrative takeover of websites,” researchers from web security firm Sucuri said in…

Read More

Cyberpion rebrands as Ionix, offering new EASM visibility improvements

SaaS-based external attack surface management (EASM) company Cyberpion has rebranded as Ionix, at the same time adding a clutch of new cybersecurity capabilities to its namesake offering. Designed to provide a “wider coverage and deeper focus” into its customers’ internet-facing assets and connected dependencies, the revamp of Ionix’s system will feature new abilities such as extending visibility into connected assets and shadow IT, and scoring risks based on possible blast radius. “Along with the rebrand comes…

Read More

Android-based banking Trojan Nexus now available as malware-as-a-service

Italian cybersecurity firm Cleafy has found “Nexus”, a new Android Trojan capable of hijacking online accounts and siphoning funds from them, to be targeting customers from 450 banks and cryptocurrency services worldwide. First observed in June 2022 as a variant of SOVA, another Android banking Trojan, Nexus has since improved targeting capabilities and is available via a malware-as-a-service (MaaS) program for $3000 a month, and allows other attackers to rent or subscribe to the malware…

Read More

IOTW: BreachForums shuts down after FBI arrests its top admin

Notorious dark web hacking forum BreachForums is reportedly shutting down following the arrest of one of its top administrators by the United States’ Federal Bureau of Information (FBI). The administrator of the site, who went by ‘Pompompurin’ on the site and was named as Conor Brian Fitzpatrick by the FBI, was allegedly arrested by the Bureau on March 15 on suspicion of hosting and running the forum. BreachForums was thought to be the reincarnation of…

Read More

Russian hacktivists deploy new AresLoader malware via decoy installers

Security researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The malicious program appears to be developed and used by several members of a pro-Russia hacktivist group and is typically distributed inside decoy installers for legitimate software. Security researchers from threat intelligence firm Intel 471 first spotted AresLoader in November when it was advertised by a user with the monikers AiD Lock and DarkBLUP on Telegram and two…

Read More

Security at the core of Intel’s new vPro platform

Intel has introduced its 13th Generation Core processor line, which the company claims is the first to build threat detection into hardware. In combination with endpoint detection and response (EDR) platforms from Intel partners, the new vPro processors promise a 70% reduction in attack surface compared to four-year-old PCs. Windows 11 systems can also take advantage of vPro’s memory encryption to provide better virtualization-based security. In tests conducted by SE Labs and commissioned by Intel,…

Read More

New vulnerabilities found in industrial control systems of major vendors

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories on 49 vulnerabilities in eight industrial control systems (ICS) this week, which are used across multiple critical infrastructure sectors. The vulnerabilities identified by CISA were tracked in products from ICS providers including Siemens, Hitachi, Rockwell, Delta Electronics, VISAM, and Keysight. Many of the vulnerabilities in CISA’s advisory are remotely exploitable, involve low attack complexity, and allow attackers to take control of affected systems, manipulate…

Read More