Security News
Although Wiseasy might not be well known in North America, their Android-based payment terminals are widely used in the Asia Pacific region and hackers managed to steal passwords for 140,000 payment terminals. Top Lessons Learned from the Wiseasy Hack 1 - Transparency isn't always the best policy.
The U.S. Cybersecurity and Infrastructure Security Agency on Tuesday released an industrial control systems advisory warning of seven security flaws in Dataprobe's iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers. "Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe iBoot-PDU device," the agency said in a notice.
Uber believes the hacker behind last week's breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, NVIDIA, Samsung, and Okta. The company added that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication login requests until one of them was accepted.
"We immediately identified and isolated the attack to effectively limit its impact and have contacted those customers affected. Customers who have not received an email have not been impacted" - Revolut. According to the breach disclosure to the State Data Protection Inspectorate in Lithuania, where Revolut has a banking license, 50,150 customers have been impacted.
"Its possible i could leak more data soon, GTA 5 and 6 source code and assets, GTA 6 testing build," added the individual, who goes by the handle "Teapotuberhacker" on GTAForums. Rockstar Games has yet to comment on any of the claims, but is working on getting the leaked videos removed from YouTube.
Grand Theft Auto 6 gameplay videos and source code have been leaked after a hacker allegedly breached Rockstar Game's Slack server and Confluence wiki.Some of the videos contain voiced conversations between the protagonist and other NPCs. The hacker claims to have stolen "GTA 5 and 6 source code and assets, GTA 6 testing build," but is trying to extort Rockstar Games to prevent further data from being released.
Apple has released security updates to address the eighth zero-day vulnerability used in attacks against iPhones and Macs since the start of the year. In security advisories issued on Monday, Apple revealed they're aware of reports saying this security flaw "May have been actively exploited."
TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "Completely unrelated" to the company. The user shared screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.
Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. Samsung later discovered on August 4 that customer personal information was accessed and exfiltrated out of its network.
The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an attempted compromise of an unnamed workforce management solutions holding company a month earlier in April 2022. Initial access to the company's IT network was made possible by using stolen Virtual Private Network credentials, followed by leveraging off-the-shelf tools for lateral movement and gaining deeper access into the victim's environment.