Security News

Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems - perhaps by the Akira ransomware gang. Some of those affected by the breach were customers of finance services that Nissan operated and branded for rival automakers Mitsubishi, Renault, Infiniti, LDV, and RAM. "We know this will be difficult news for people to receive, and we sincerely apologize to our community for any concerns or distress it may cause," Nissan said in a statement posted to its website.

The Kremlin has accused the United States of meddling in Russia's upcoming presidential election, and even accused Uncle Sam of planning a cyberattack on the country's online voting system. Putin, who controls the SVR and the election process, will undoubtedly win the vote.

Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. At the SO-CON security conference today, SpecterOps researchers Chris Thompson and Duane Michael announced the release of Misconfiguration Manager, a repository with attacks based on faulty MCM configurations that also provides resources for defenders to harden their security stance.

The Financial Transactions and Reports Analysis Centre of Canada has announced that a "Cyber incident" forced it to take its corporate systems offline as a precaution. FINTRAC is a government agency in Canada that operates as the country's financial intelligence unit.

Outsourcing giant Capita today reported a net loss of £106.6 million for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials. As a result, newly minted Capita CEO Adolfo Hernandez announced further cost cuts for the coming year that aim to save the business an additional £100 million by mid-2025.

As part of the attack, threat actors used QEMU to create virtual network interfaces and a socket-type network device to connect to a remote server. QEMU offers unique capabilities such as emulating a wide range of hardware and virtual networks, allowing malicious activities to blend in with benign virtualization traffic, and bridging segmented network parts through strategically set up VM pivot points.

The ALPHV/BlackCat ransomware group has claimed responsibility for the cyberattack that targeted Optum, a subsidiary of UnitedHealth Group, causing disruption to the Change Healthcare platform and affecting pharmacy transactions across the US. ALPHV/BlackCat is back. 3000+ source code files for Change Healthcare solutions.

Pharmaceutical giant Cencora says they suffered a cyberattack where threat actors stole data from corporate IT systems. Cencora, previously known as AmerisourceBergen, specializes in pharmaceutical services, providing drug distribution and solutions for doctor's offices, pharmacies, and animal healthcare.

The ALPHV/BlackCat ransomware gang is reportedly responsible for the massive Change Healthcare cyberattack that has disrupted pharmacies across the US since last week. The Register has not independently confirmed that ALPHV was involved in the intrusion.

Steel giant ThyssenKrupp confirms that hackers breached systems in its Automotive division last week, forcing them to shut down IT systems as part of its response and containment effort. ThyssenKrupp AG is one of the world's largest steel producers, employing over 100,000 personnel and having an annual revenue of over $44.4 billion.