Security News

Roblox vendor data breach exposes dev conference attendee info
2024-07-08 13:56

Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. [...]

South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware
2024-07-03 03:33

An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security...

Baddies hijack Korean ERP vendor's update systems to spew malware
2024-07-02 05:31

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

T-Mobile denies it was hacked, links leaked data to vendor breach
2024-06-20 00:43

IntelBroker describes the data they're selling as "Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms." Recently, IntelBroker has been rapidly releasing new data breaches, and if they all used this cloud provider, it could explain where all the data is coming from.

Crooks crack customer info at tracking device vendor Tile, issue 'extortion' demands
2024-06-13 01:15

Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.

Third-party vendors pose serious cybersecurity threat to national security
2024-06-04 04:00

In this Help Net Security video, Paul Prudhomme, Principal Security Analyst at SecurityScorecard, discusses the findings of the 2024 Redefining Resilience: Concentrated Cyber Risk in a Global...

Compromised courtroom recording software was served from vendor’s official site
2024-05-23 14:54

Legitimate recording software JAVS Viewer has been saddled with loader malware and has been served from the developer's site since at least April 2, a threat researcher has warned last month. The downloaded malicious installer - JAVS Viewer Setup 8.3.7.250-1.exe, signed by an Authenticode certificate issued to "Vanguard Tech Limited", and downloaded from the official JAVS site on March 5th - contains and executes a binary named fffmpeg.

Global taxi software vendor exposes details of nearly 300K across UK and Ireland
2024-04-11 09:30

Exclusive Taxi software biz iCabbi recently fixed an issue that exposed the personal information of nearly 300,000 individuals via an unprotected database. According to research shared with The Register ahead of publication, the details of individuals with senior roles in media outlets such as the BBC and various government departments such as His Majesty's Treasury, the UK Home Office, and the Ministry of Justice were included.

Google: Spyware vendors behind 50% of zero-days exploited in 2023
2024-03-27 13:00

Google's Threat Analysis Group and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. Among these, the FIN11 threat group exploited three separate zero-day vulnerabilities, while at least four ransomware groups exploited another four zero-days.

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
2024-03-21 11:30

In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more...