Security News

The restaurant chain reportedly said no U.S. customer data was exposed and the attack did not involve ransomware. McDonald's is the latest company to fall victim to a cyberattack exposing customer and other data in the U.S., Taiwan and China, The Wall Street Journal has reported.

A subcontractor for the U.S. Department of Energy that works on nuclear weapons with the National Nuclear Security Administration, last month was hit by a cyberattack that experts say came from the relentless REvil ransomware-as-a-service gang. As Javers noted, "We don't know everything this small company does," but he posted a sample job posting that indicates that it handles nuclear weapons issues: "Senior Nuclear Weapon System Subject Matter. Expert with more than 20 years of experience with nuclear weapons like the W80-4." The W80 is a type of nuclear warhead carried on air-launched cruise missiles.

The White House dropped Trump-era executive orders intended to ban the popular apps TikTok and WeChat and will conduct its own review aimed at identifying national security risks with software applications tied to China, officials said Wednesday. In revoking some of President Donald Trump's blanket-style orders against Chinese tech companies and replacing them with a narrower approach, the Biden administration has not actually weighed in yet on whether TikTok and other apps pose a danger to Americans.

FINRA, the U.S. securities industry regulator, has warned brokerage firms of an ongoing phishing campaign threatening recipients with penalties unless they provide the information requested by the attackers. Org domain used in these ongoing phishing attacks was registered on June 7 using the Hosting Concepts B.V. domain registrar.

Biden's plan is a good first step but is missing a critical component: secure hardware. The government plan is conspicuously silent on that aspect of the cybersecurity threat, which is particularly ironic given the emphasis recently on investing more in American hardware initiatives.

US House Rep Mo Brooks seemingly revealed his Gmail password and a PIN in a Sunday rage tweet about a lawsuit regarding the January 6 insurrection attempt. Brooks, who sits on the House's Cyber, Innovative Technologies, and Information Systems subcommittee, and the Science, Space, and Technology committee, tweeted a photo from an iPad of his Windows computer, attached to which was a piece of paper with login credentials written on it.

The Justice Department has recovered most of a multimillion-dollar ransom payment made to hackers after a cyberattack that caused the operator of the nation's largest fuel pipeline to halt its operations last month, officials said Monday. The operation to seize cryptocurrency paid to the Russia-based hacker group is the first of its kind to be undertaken by a specialized ransomware task force created by the Biden administration Justice Department.

The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation. On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation.

Navistar International Corporation, a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. "Upon learning of the cybersecurity threat, the Company launched an investigation and undertook immediate action in accordance with its cybersecurity response plan, including employing containment protocols to mitigate the impact of the potential threat, engaging internal and third-party information technology security and forensics experts to assess any impact on the Company's IT System, and utilizing additional security measures to help safeguard the integrity of its IT System's infrastructure and data contained therein," Navistar said.

A Latvian woman has been charged with developing malicious software used by a cybercrime organization that infected computers worldwide and looted bank accounts of millions of dollars, the Justice Department said Friday. Alla Witte is charged as part of a 47-count indictment with participating in an organization known as the Trickbot Group, which authorities say operated in Russia and several other countries.