WestJet says some passengers’ personal information stolen in cyberattack

WestJet says some personal data including information about travel documents such as passports was stolen in a cyberattack earlier this year, but credit and debit card numbers as well as user passwords were not compromised. In a note to customers, Read More …

From ClickFix to Command: A Full PowerShell Attack Chain

The FortiMail Workspace Security team recently identified a targeted intrusion campaign impacting multiple Israeli organizations. The adversary leveraged compromised internal email infrastructure to distribute phishing messages across the regional business landscape. These emails initiated a multi-stage, PowerShell-based infection chain that Read More …

University of Western Australia suffers major data breach, staff and students locked out

One of Australia’s major universities has suffered a data breach, with the password information of thousands of staff and students exposed. The University of WA (UWA) confirmed it was investigating a cybersecurity incident on Saturday night, which involved unauthorised access Read More …

Security flaws in a carmaker’s web portal let one hacker remotely unlock cars from anywhere

A security researcher said flaws in a carmaker’s online dealership portal exposed the private information and vehicle data of its customers, and could have allowed hackers to remotely break into any of its customers’ vehicles. Eaton Zveare, who works as Read More …

Massive leak of over 115 million US payment cards caused by Chinese “smishing” hackers

A wave of advanced phishing campaigns, traced to Chinese-speaking cybercriminal syndicates, may have compromised up to 115 million US payment cards in just over a year, experts have warned. Researchers at SecAlliance revealed these operations represent a growing convergence of Read More …

Bouygues Telecom data breach could affect millions of customers

French telco giatn Bouygues Telecom has confirmed suffering a cyberattack in which it lost sensitive customer data. In a short announcement published on its website, the company said it detected the attack on August 4, and following an investigation, determined Read More …

Google says UNC6040 hackers stole some of its data following Salesforce breach

Cybercriminals known as ShinyHunters (UNC6040) recently broke into Google and stole business customer information from one of its corporate Salesforce instances, the company has confirmed. In a blog post breaking down ShinyHunters’ modus operandi, the company somewhat played down the Read More …

An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life

Whether it’s in the water we drink, the medicines we take, or the electricity we use to read blog posts on the internet, Industrial Control Systems (ICS) are part of our daily lives. There’s so much that relies on these Read More …

Taiwan arrests 6 in probe of TSMC chip technology leak

Taiwan prosecutors arrested six people suspected of stealing trade secrets from Taiwan Semiconductor Manufacturing Co (TSMC), opening an investigation into a potential breach of national security involving a global tech industry linchpin. The chipmaker to Nvidia reported a number of Read More …

Hacker used a voice phishing attack to steal Cisco customers’ personal information

A cybercriminal tricked a Cisco representative into granting them access to steal the personal information of Cisco.com users, the company said on Tuesday. Cisco said it discovered the breach on July 24, blaming the incident on a voice phishing or Read More …