Security News

Time-triggered Ethernet is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. On Tuesday, researchers published findings that, for the first time, break TTE's isolation guarantees.

Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. "This figure represents around 5.1 million Medibank customers, around 2.8 million ahm customers, and around 1.8 million international customers," Medibank noted.

Communication services provider Twilio this week disclosed that it experienced another "Brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. "In the June incident, a Twilio employee was socially engineered through voice phishing to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers," Twilio said.

Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. The attacker used social engineering to trick an employee into handing over their credentials in a voice phishing attack.

The Iranian Atomic Energy Organization has confirmed that one of its subsidiaries' email servers was hacked after the ''Black Reward' hacking group published stolen data online.AEOI says an unauthorized party from a specific foreign country, which is not named, stole emails from the hacked server, which consisted of daily correspondence and technical memos.

You paste the hexadecimal code from the BTC transaction into the ransomware "Login page", and the process fires up a decryption program left behind by the crooks that unscrambles all your data. Loosely speaking, once Bitcoin miners see that a not-yet-processed transaction involves funds that someone else has already "Mined", they simply stop working on the unfinished transaction, on the grounds that it's now worthless to them.

Medibank, Australia's largest private health provider, has confirmed that last week's "Cyber incident" has resulted in a data breach. Medibank Group took action: they engaged cyber security firms and began "Isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss."

Europol this week said it has arrested 31 people in a crackdown on a car-theft ring that developed and used a technique to steal keyless vehicles. The thieves were apparently able to update or manipulate the cars' software so that the doors could be opened and engine started without needing the owner's wireless keyfob.

The leaked emails, according to Solomon's lawsuit, "Presented suggestive language creating a wrongful appearance of alleged improper, unethical and/or fraudulent dealings between Mr Solomon and Mr Azima that never occurred." For one, Georgia ceased its visa-free policy for Iranian nationals in July that year, and froze 150 Iranian bank accounts in the country, Solomon's complaint stated.

Uber's security compromise earlier this month is an unfortunate result of concerns left over from an attack the company sustained in 2016 when a pair of hackers outside of Uber accessed user data that was stored on a 3rd-party server. While MFA can guard against attacks using stolen credentials, that doesn't protect against what could happen if a hacker has credentials and uses them for a more advanced attack.