Security News

A well-tuned data breach playbook can provide security teams with a clear roadmap for working through the breach response process. Building a playbook means mapping practical data breach scenarios around product security, infrastructure, corporate security, social engineering, vendor supply chain risk, and more.

Cybersecurity firm Darktrace says it found no evidence that the LockBit ransomware gang breached its network after the group added an entry to their dark web leak platform, implying that they stole data from the company's systems. Hours after the gang claimed DarkTrace as a victim on their data leak site, the company conducted an investigation and found no evidence of a breach of their systems.

Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages.What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace.

Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal data.Hyundai is a multinational automotive manufacturer selling over half a million vehicles per year in Europe, with a market share of roughly 3% in France and Italy.

3CX has released an interim report about Mandiant's findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting cryptocurrency companies. The attackers infected targeted 3CX systems with TAXHAUL malware, which decrypts and executes shellcode containee in a file with a name and location aimed to make it to blend into standard Windows installations.

The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. Instead, an unknown attacker used the account of a legitimate but inactive member of the forum admin team to access the MyBB admin console on two occasions: February 16 and 21, 2023.

Rogue firmware could, in theory, be used to spy on almost everything you do on your computer, acting as a super-low-level rootkit, the jargon term for malware that exists primarily to protect and hide other malware. These days, rogue firmware downloads are generally easier to spot than they were in the past, given that they are usually digitally signed by the official vendor.

The Kodi Foundation has disclosed a data breach after hackers stole the organization's MyBB forum database containing user data and private messages and attempted to sell it online. The now-shut down Kodi forum has roughly 401,000 members who used it to discuss media streaming, exchange tips, offer support, share new add-ons, and more in 3 million posts.

Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data breach notification letters to an undisclosed number of individuals whose personal information was stolen in a January 13 ransomware attack.In the breach notification letters sent to affected people starting Thursday, Yum! Brands revealed that it has now found out the attackers stole some individuals' personal information, including names, driver's license numbers, and other ID card numbers.

Following reports of a ransomware attack, Taiwanese PC vendor MSI confirmed today that its network was breached in a cyberattack. In a Friday filing with Taiwan's Stock Exchange, first spotted by PCMag, MSI revealed that some of its information service systems had been affected by a cyberattack reported to the relevant authorities.