Security News

Hackers compromised mobile-based Asian food delivery service Chowbus, stole customer data, and emailed victims a link pointing to the stolen data. Information in the CSV files included names, email addresses, phone numbers, addresses, rates, and addresses for the Chowbus partner restaurants.

Dubbed WarezThe Remote, the attack allowed taking over the remote and snooping on conversations from at least 65 feet, making possible a "Van parked outside" scenario. Unlike regular remotes that use infrared, Comcast's XR11 relies on radiofrequency to communicate with cable set-top boxes and comes with a built-in microphone to allow voice commands.

The hospital chain Universal Health Services said Thursday that computer services at all 250 of its U.S. facilities were hobbled in last weekend's malware attack and efforts to restore hospital networks were continuing. Doctors and nurses at affected hospitals and clinics, many already burdened with coronavirus care, have had to rely on manual record-keeping, with lab work slowed.

NFL and NBA athletes whose social-media accounts were taken over have been thrown the ball of justice. Federal prosecutors alleged that between December 2017 and April 2019, Washington and Magrehbi actively took part in illegal schemes to gain access to social media and other personal online accounts of the players.

A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American social media firms, including LinkedIn, Dropbox, and now-defunct social-networking firm Formspring, and stole data on over 200 million users.

Threat actors are expected to spread false information regarding hacked voter information and voting systems, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency say in an alert. At the time, the agencies noted that disinformation campaigns might leverage websites, social media, and other venues to disseminate false information about voter suppression, cyber-attacks on election infrastructure, fraud, and other issues.

Infosec boffins at the University of Kent have developed a "Comprehensive playbook" for companies who, having suffered a computer security breach, want to know how to shrug off the public consequences and pretend everything's fine. In a new paper titled "A framework for effective corporate communication after cyber security incidents," Kent's Dr Jason Nurse, along with Richard Knight of the University of Warwick, devised a framework for companies figuring out how to publicly respond to data security breaches and similar incidents where servers are hacked and customer records end up in the hands of criminals.

German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment. As a consequence, systems gradually crashed and the hospital wasn't able to access data; emergency patients were taken elsewhere and operations postponed.

Thousands of Magento-powered online stores have been hacked over the past few days as part of a skimming campaign that has been described as the "Largest ever." Sansec on Monday reported seeing nearly 2,000 Magento stores that have been compromised as part of this campaign since Friday - over 1,000 stores were hacked on Saturday, more than 600 on Sunday, and over 200 so far on Monday.

Virginia's largest school system has been hacked and the attackers are seeking a ransom payment to keep them from disclosing stolen personal information. The school system confirmed the hack and said it is investigating and working with law enforcement.