Security News

Toyota Financial Services has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers.

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files.

In the active Elektra-Leak campaign, attackers hunt for Amazon IAM credentials within public GitHub repositories before using them for cryptomining. New research from Palo Alto Networks's Unit 42 exposes an active attack campaign in which a threat actor hunts for Amazon IAM credentials in real time in GitHub repositories and starts using them less than five minutes later.

Ransomware crooks claim they've stolen data from a firm that helps other organizations run medical trials after one of its executives had their cellphone number and accounts hijacked. The Register understands one or more people close to or affiliated with the notorious Alphv, aka BlackCat, extortion gang managed to get into a work account of an exec at Advarra and may have copied out at least some information from the business.

A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate...

Microsoft has released the optional KB5031445 Preview cumulative update for Windows 10 22H2 with nine improvements or fixes, including a fix for a memory leak in ctfmon. The KB5031445 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, which are typically released on the fourth Tuesday of every month.

After its alleged attack on a US surgeon's clinic, the group appears to be using a particularly aggressive tactic to speed up ransom negotiations that will likely be perceived as crossing a moral line, even for cybercriminals. According to the group's leak site, it's preparing to send bulk emails to the clinic's patients as another fear tactic designed to hasten proceedings.

A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum.23andMe told BleepingComputer that this data was obtained through credential stuffing attacks on accounts using weak passwords or credentials exposed in other data breaches.

Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed to have impacted millions of its customers.Late last month, a threat actor leaked 23andMe customer data in a CSV file named 'Ashkenazi DNA Data of Celebrities.

Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have also compromised customer data.In response to the situation and to determine the impact on customer data, Lyca Mobile says it has launched an urgent investigation that involves third-party IT experts.