Learn more about the DragonForce ransomware - how it came to prominence, and some of the unusual tactics used by the hackers who extort money from companies with it.
Read more in my article on the Tripwire State of Security blog.
Category: data breach
Targus, the well-known laptop bag and case manufacturer, has been hit by a cyber attack that has interrupted its normal business operations.
Read more in my article on the Hot for Security blog.
New research has found that ransomware remediation costs can explode when backups have been compromised by malicious hackers - with overall recovery costs eight times higher than for those whose backups are not impacted.
Read more in my article on th Exponential-e blog.
The UK's Office for Nuclear Regulation (ONR) has started legal action against the controversial Sellafield nuclear waste facility due to years of alleged cybersecurity breaches.
Read more in my article on the Hot for Security blog.
The Qilin ransomware group has targeted The Big Issue, a street newspaper sold by the homeless and vulnerable.
Spost on Qilin's dark web leak site claimed the gang has stolen 550 GB of confidential data from the periodical's parent company.
Read more in my article on the Hot for Security blog.
Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems.
Read more in my article on the Tripwire State of Security blog.
Hackers have reportedly gained unauthorized access to credit card information from approximately 15,000 Roku accounts, according to a disclosure from the media streaming company. With a user base exceeding 80 million active accounts, Roku has become a prime target for cybercriminals.
The breach notification, submitted to the California Office of the Attorney General, confirmed that the attackers were successful in obtaining credit card data. Roku’s security teams determined that the breach occurred within the Roku Channel and TV operating system, spanning from December 28 of the previous year to February 21 of the current year. However, the breach was only identified in February.
While financial details were compromised in the attack, sensitive personal information such as social security numbers, account numbers, and dates of birth remained secure.
All affected individuals have been notified of the data breach, and Roku is advising its customers to change their passwords and monitor their credit card statements for any suspicious activity.
This incident recalls a similar cyber attack on Plex, a competitor in the streaming content industry, in 2022. In that breach, hackers accessed email addresses, usernames, and hashed passwords of over 30 million users, but no financial information was compromised.
While the exposure of email addresses and passwords can pose long-term risks for users, potentially enabling access to sensitive data like medical records, the exposure of credit card details can directly threaten victims’ financial security if the breach goes undetected or unreported.
The post Hackers steal Roku credit card details to make fraudulent purchases appeared first on Cybersecurity Insiders.
In October 2023, the British Library suffered "one of the worst cyber incidents in British history," as described by Ciaran Martin, ex-CEO of the National Cyber Security Centre (NCSC).
What lessons can other organisations learn from the ransomware attack?
Read more in my article on the Exponential-e blog.
In an unprecedented move, the United Kingdom’s government is poised to publicly accuse China of orchestrating a cyber breach into its Electoral Commission’s database. The breach, occurring between August 2021 and October 2022, saw over 40 million voter records compromised.
Deputy Prime Minister Oliver Dowden is slated to address Parliament, officially attributing the cyber-attack to China. This announcement follows a parallel statement by the United States government confirming China’s responsibility for the hacking incident.
In a surprising turn, China, under the leadership of Xi Jinping, has announced plans to restrict the use of American technology. This includes imposing a ban on Intel and AMD processors due to alleged concerns of espionage, with suspicions of data being shared with the Pentagon. Additionally, China plans to phase out the use of Windows operating systems on government servers, citing the availability of alternative solutions within the country.
Despite facing international sanctions and geopolitical tensions, both China and Russia continue their aggressive cyber activities. These actions, which involve planting malware and disrupting online services in Western countries, serve to sow political and economic discord.
The persistent cyber threats from these nations pose significant challenges for Western nations, as they strive to navigate a landscape marked by digital aggression and power struggles on the global stage.
The post Over 40m UK voters personal data breached in hack by China appeared first on Cybersecurity Insiders.
There's a Bing ding dong, after Microsoft (over?) enthusiastically encourages Chrome users to stop using Google, and silence hits the British Library as it shares its story of a ransomware attack.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Plus: Don't miss our featured interview with Kolide founder Jason Meller about his firm's acquisition by 1Password.