Category: News

American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information.

According to data breach notification letters sent to impacted customers on Wednesday and filed with California’s Office of the Attorney General, the company took action to stop the unauthorized access, launched an investigation with the help of external cybersecurity experts, and reported the incident to relevant authorities after learning of the breach on August 5.

Read Full Article

Industrial cybersecurity firm Dragos disclosed that ransomware attacks significantly rose in the second quarter, as hacker groups recalibrated adversarial strategies. These groups demonstrated significant adaptability by rebranding and adopting new tactics, suggesting they will continue refining their operations using sophisticated methods like zero-day vulnerabilities to enhance their attacks. Data also revealed that the quarter saw a significant rise in the frequency and severity of attacks, reflecting the evolving threat landscape and the persistent risk posed by ransomware groups.

Read Full Article

Thousands of Industrial Control Systems in the US and UK are vulnerable to cyberattacks, putting critical infrastructure like water systems at risk. A new report from Censys reveals the alarming number of exposed devices, highlighting the urgent need for improved cybersecurity measures.

Read Full Article:

A global outage of Microsoft services was started by a Distributed Denial-of-Service (DDoS) attack, the tech giant has revealed.

An error in Microsoft’s DDoS protection measures then amplified the impact of the attack rather than mitigating it, the firm admitted.

During this time customers reported issues with a range of Microsoft platforms, including Outlook, Azure and the video game Minecraft. Microsoft cloud systems Intune and Entura were also impacted.

Read Full Article

U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers, a company spokesperson told TechCrunch.In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022.

Read Full Article

The Pentagon remains sluggish in fielding innovative weapon systems even as security risks intensify, the Government Accountability Office said in its annual assessment of major arms programs released June 17. 

The congressional watchdog’s report examined 70 major weapon systems across the military services. GAO flags several hiccups in Space Force programs, including long-standing issues with the Global Positioning System’s ground control system and user equipment. 

Read Full Article

President Biden issued an executive order today aimed at fortifying America’s supply chains, with a particular emphasis on critical infrastructure (CI).

The order solidifies the establishment of a White House council specifically geared towards bolstering supply chain resilience. A key task for this council is conducting a thorough review of industries critical to national or economic security every four years.

The first report is due no later than Dec. 31.

Read Full Article

A threat actor known as ShinyHunters is selling what they claim is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000.

The allegedly stolen databases, which were first put up for sale on the Russian hacking forum Exploit, supposedly contain 1.3TB of data and the customers’ full details (i.e., names, home and email addresses, and phone numbers), as well as ticket sales, order, and event information.

Read Full Article

An attack on remote monitoring devices in Japan underscores an emerging cybersecurity threat to the rapidly growing solar component of the power grid. Inverters used with solar panels could pose a more significant risk. In what might be the first publicly confirmed cyberattack on the solar power grid infrastructure, Japanese media recently reported that malicious actors hijacked 800 SolarView Compact remote monitoring devices made by industrial control electronics manufacturer Contec at solar power generation facilities to engage in bank account thefts.

Read Full Article