Security News

Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails, luring recipients to malicious links. The campaign sent out in three days at least 120 malicious emails from a hacked Mailgun account used by Chipotle for email marketing purposes.

The French National Agency for the Security of Information Systems on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks. The agency has shared indicators of compromise to help organizations detect potential attacks.

The U.S. Cybersecurity and Infrastructure Security Agency released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products. Today, CISA published analysis reports for 13 malware pieces, some of them comprised of multiple files, found on compromised Pulse Secure devices.

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware - used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others - was hacked. Most interesting is a list of over 50,000 phone numbers that were being spied on by NSO Group's software.

Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS release, hacked using zero-day zero-click iMessage exploits. Citizen Lab was able to independently observe NSO Pegasus spyware deployed on an iPhone 12 Pro Max running iOS 14.6, hacked via a zero-day zero-click iMessage exploit, which does not require interaction from the target.

Instagram earlier this week introduced a new "Security Checkup" feature that aims to keep accounts safe and help users-whose accounts may have been compromised-to recover them. In order to gain access to accounts, users will be prompted to perform a series of steps, which include checking recent login activity, reviewing profile information, and updating contact details such as phone numbers or email.

For 21 years, the software company Kaseya labored in relative obscurity - at least until cybercriminals exploited it in early July for a massive ransomware attack that snarled businesses around the world and escalated U.S.-Russia diplomatic tensions. A 2019 ransomware attack also rode into computers through another company's add-on software component to the Kaseya VSA, causing more limited damage than the recent attack.

Pro-Trump social media platform GETTR was targeted by hackers shortly after launch - accounts were apparently compromised and tens of thousands of users had their data scraped and leaked online. A Twitter-like platform, GETTR was launched on July 4 by Jason Miller, who served as a spokesperson for former U.S. President Donald Trump.

Gettr, a social media platform set up by allies of former President Donald Trump, was still wet and squirming when it got hacked - twice. Gettr - a Twitter-esque platform with posts and trending topics - was quietly launched on Thursday by Jason Miller, a senior adviser to Trump who's been teasing it for months.

Microsoft is updating Microsoft Defender for Identity to allow security operations teams to block attacks by locking a compromised user's Active Directory account. Microsoft Defender for Identity is a cloud security service that leverages on-premises Active Directory signals to detect and analyze advanced threats, compromised identities, and malicious insider activity targeting enrolled organizations.