An urgent investigation unfolds as a ransomware attack targets a data management company in Northern Ireland, entrusted with protecting the sensitive data of various charities and non-profits, among which are organizations assisting sexual assault survivors. Talking about ransomware attacks, a U.S. payments giant suffered one too – affecting hospitality customers. The Anonymous Sudan gang is back at it; this time the victims are Israeli bank websites and postal service. Here’s what you need to know from the weekend.
A ransomware attack on data management firm Evida impacted Irish charities, including the One in Four charity and 1,000 individuals linked to it, and nonprofits.
U.S. payments company NCR confirmed a ransomware attack, over the weekend, that impacted its Aloha POS applications for a subset of its hospitality customers.
Chinese nation-state group APT41 targeted an unnamed Taiwanese media firm to deploy Google Command and Control (GC2), an open-source red teaming tool – revealed Google’s TAG.
Dimas Volvo, Volvo’s Brazilian retailer, was found leaking sensitive data—MySQL and Redis database hosts, open ports, credentials, and the website’s Laravel app key—for almost a year.
Uptycs found a new credential stealer, named Zaraza bot, being advertised on Telegram and simultaneously using the messaging service as C2 server. It can target 38 web browsers.
German arms manufacturer Rheinmetall suffered a cyberattack on its business division dealing with industrial customers in the automotive sector.
The Anonymous Sudan threat group claimed credit for a DDoS attack on the Israeli postal system and bank websites during Iran’s Quds Day, resulting in a temporary service outage.
A new report by the Australian Competition and Consumer Commission revealed that Australians lost over $3.1 billion to scams, in 2022 – a whopping rise from $2 billion in 2021.
A security researcher from The DFIR Report warned against hackers abusing the Action1 remote access software to achieve persistence on infected networks and execute commands, binaries, and scripts.
Boston-based Mobb raised a $5.4 million seed funding for an automatic vulnerability-fixing tool. The round was led by Ariel Maislos.