Thousands of Avis car rental customers had personal data stolen in cyberattack

Car rental giant Avis is notifying hundreds of thousands of people that their personal information and driver’s license numbers were stolen in an August cyberattack. The New Jersey-headquartered company said in a data breach notice filed with several U.S. attorneys Read More …

Loki: a new private agent for the popular Mythic framework

In July 2024, Kaspersky researchers discovered the previously unknown Loki backdoor, which was used in a series of targeted attacks. By analyzing the malicious file and open sources, we determined that Loki is a private version of an agent for the Read More …

Disneyland, Disney Cruise guests and employees personal info leaked

Over the summer, Disney’s internal communications channels suffered a data breach. We now know that as a result of this breach, guests and employees were affected, with personal information being stolen by hackers. Earlier this summer, a hacker group called Read More …

Chinese APT Abuses VSCode to Target Government in Asia

Unit 42 researchers recently found that Stately Taurus abused the popular Visual Studio Code software in espionage operations targeting government entities in Southeast Asia. Stately Taurus is a Chinese advanced persistent threat (APT) group that carries out cyberespionage attacks. This Read More …

CVE-2024-23119: Critical SQL Injection Vulnerability in Centreon

The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-23119, assessed its impact and developed mitigation measures for this vulnerability. CVE-2024-23119 is a high-severity SQL Injection vulnerability in Centreon, impacting Centreon Web versions prior to 22.10.17, 23.04.13, Read More …

US Department of Homeland Security looks to infosec testbed to help protect ports

The US Department of Homeland Security has outlined plans to enhance cyber security through the Maritime Transport System (MTS).The department’s aim is to protect the system and infrastructure used to ensure safe and free navigation of US waterways. Ports are Read More …

Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for Read More …

Mallox ransomware: in-depth analysis and evolution

Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide. In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the Read More …

Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data

Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment. This comes as ransomware crew Read More …