Security News

Coinbase cryptocurrency exchange platform has disclosed that an unknown threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems. As a result of the intrusion the attacker obtained some contact information belonging to multiple Coinbase employees, the company said, adding that customer funds and data remained unaffected.

Scandinavian Airlines has posted a notice warning passengers that a recent multi-hour outage of its website and mobile app was caused by a cyberattack that also exposed customer data. The cyberattack caused some form of a malfunction on the airline's online system, causing passenger data to become visible to other passengers.

Indigo Books & Music, the largest bookstore chain in Canada, has been struck by a cyberattack yesterday, causing the company to make the website unavailable to customers and to only accept cash payments.The exact nature of the incident remains unclear but Indigo is not ruling out that hackers may have stolen customer data.

The participants were asked about attacks targeting the financial and accounting data of their organizations. Looking ahead, almost half of the executives polled expect both the volume and size of cyberattacks targeting this type of data to increase in the coming year.

The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to "Severe service disruption." This comes after LockBitSupport, the ransomware gang public-facing representative, previously told BleepingComputer that the LockBit cybercrime group did not attack Royal Mail.

Tallahassee Memorial HealthCare has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack. TMH is a private and not-for-profit healthcare system that serves a 21-county region in North Florida and South Georgia through acute care and psychiatric hospitals, multiple specialty care centers, and 38 affiliated physician practices.

A new attack campaign has targeted the gaming and gambling sectors since at least September 2022, just months prior to the ICE London 2023 gaming industry trade fair event that's scheduled next week. The attack sequence proceeds as follows: The threat actor poses as a customer while initiating a conversation with a support agent of a gaming website and urges the individual on the other end to open a screenshot image hosted on Dropbox.

A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "Sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy. The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as APT38, BlueNoroff, Copernicium, and Stardust Chollima.

The Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital onslaught against Ukraine, with recent attacks leveraging the popular messaging app Telegram to strike military and law enforcement sectors in the country. "The Gamaredon group's network infrastructure relies on multi-stage Telegram accounts for victim profiling and confirmation of geographic location, and then finally leads the victim to the next stage server for the final payload," the BlackBerry Research and Intelligence Team said in a report shared with The Hacker News.

A cyberattack on Royal Mail, UK's largest mail delivery service, has been linked to the LockBit ransomware operation. "Royal Mail is experiencing severe service disruption to our international export services following a cyber incident," disclosed Royal Mail in a service update.