Security News

Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services. GoDaddy said in December 2022, it received an unspecified number of customer complaints about their websites getting sporadically redirected to malicious sites, which it later found was due to the unauthorized third party gaining access to servers hosted in its cPanel environment.

The FBI claims it has dealt with a cybersecurity "Incident" that reportedly involved computer systems being used to investigate child sexual exploitation. "The FBI is aware of the incident and is working to gain additional information," a spokesperson said in a statement to The Register.

Web hosting giant GoDaddy says unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment. While GoDaddy discovered the security breach in early December 2022 following customer reports that their sites were being used to redirect to random domains, the attackers had access to the company's network for multiple years.

DOUG. Patching bugs, hacking Reddit, and the early days of computing. Like in the LastPass breach and the recent GitHub breach, source code got stolen, along with a bit of other stuff.

A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses. In a new security advisory, Emsisoft warned that one of its customers was targeted by hackers using an executable signed by a spoofed Emsisoft certificate.

The healthcare provider giant said on Monday that Fortra issued an alert saying that it had "Experienced a security incident" leading to some CHS data being compromised. A subsequent investigation revealed that the resulting data breach affected the personal and health information of up to 1 million patients.

Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing malware and the extraction of data from its IT systems.Pepsi Bottling Ventures is the largest bottler of Pepsi-Cola beverages in the United States, responsible for manufacturing, selling, and distributing popular consumer brands.

The California-based networking hardware manufacturer 'A10 Networks' has confirmed to BleepingComputer that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data.A10 Networks specializes in the manufacturing of software and hardware application delivery controllers, identity management solutions, and bandwidth management appliances, while it also offers firewall and DDoS threat intelligence and mitigation services.

Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The entities collectively issued a notice of data breach at the start of the month and shared a sample letter with the California Attorney General's office earlier this week.

Popular social news website and forum Reddit has been breached and the attacker "Gained access to some internal docs, code, as well as some internal dashboards and business systems," but apparently not to primary production systems and user data."Exposure included limited contact information for company contacts and employees, as well as limited advertiser information. Based on several days of initial investigation by security, engineering, and data science, we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit's information has been published or distributed online," said Reddit CTO Christopher Slowe, who goes online by the handle "KeyserSosa".