Malware

Yum Brands, the parent company of popular fast-food chains KFC, Pizza Hut, and Taco Bell, has disclosed a data breach after a ransomware attack on its systems. The company, which operates more than 50,000 restaurants in over 150 countries, said the breach occurred in late May 2021 and was discovered during an investigation into the ransomware attack. The attackers were able to access certain information, including the payment card information of some customers who made…

In order to address two actively exploited zero-day vulnerabilities discovered by Google’s Threat Analysis Group and Amnesty International’s Security Lab that also affect earlier iPhones, iPads, and Macs, Apple has published emergency updates to backport security patches that were announced on Friday. Apple stated in security advisories posted on Monday that it was “aware of a report that this problem may have been actively exploited.” The first is an out-of-bounds write vulnerability in IOSurfaceAccelerator that…

Over the past week, Israel has experienced significant cyber attacks on the Israel Post and irrigation systems in the North. The Israel Postal Company detected and prevented an attack on their computer servers by a “hostile party” and shut down part of their systems in response. This did not affect banking services, which operate on a separate system. While the attack was stopped early and did not result in any damage or information leaks, some…

A threat group known as ARES is becoming well-known on the cybercrime scene due to selling and leaking databases stolen from businesses and government agencies. The actor first appeared on Telegram in late 2021 and has since been linked to the RansomHouse ransomware operation, the KelvinSecurity data leak platform, and the network access group Adrastea. In order to fill the hole left by the now-defunct Breached forum, ARES Group administers its own website with database…

The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That’s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed DEV-1084. MuddyWater is the name assigned to an Iran-based actor that the U.S. government has publicly connected to the country’s Ministry of Intelligence and Security (MOIS).…

A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which involved authorities from 17 countries, culminated in 119 arrests and 208 property searches in 13 nations. The “unprecedented” law enforcement exercise has been codenamed Operation Cookie Monster. Genesis Market, since its inception in March 2018, evolved into a major hub…