Alexander Martin reports: Two suspected members of the Scattered Spider cybercrime collective have been arrested and charged in the United Kingdom following an investigation into the hack of Transport for London (TfL) last year. The National Crime Agency (NCA) announced on Thursday that Thalha Jubair, 19, from East London, and Owen Flowers, 18, from Walsall,…
Author: Dissent
Survival Flight reports second cybersecurity incident in less than a year (1)
Survival Flight is an Arizona-headquartered firm that provides ground and air emergency medical transportation services. On August 12, they issued a substitute notice saying that on July 17, they had discovered a cybersecurity incident affecting its IT systems. In their substitute notice, which has not been updated as of this publication, they wrote: The investigation…
Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service
Giles Bruce reports: Microsoft has seized 338 phishing websites associated with a cybercrime service that targeted at least 20 U.S. healthcare organizations. Using a court order granted by the U.S. District Court for the Southern District of New York, the tech giant’s Digital Crimes Unit disrupted RaccoonO365, which offers subscription-based phishing kits allowing novices to mimic official…
KR: Lotte Card hack exposes data of 3 million users
Choi Ji-won reports: Lotte Card said a hacking attack compromised the personal data of 2.97 million users, marking the biggest data breach this year. CEO Cho Jwa-jin on Thursday disclosed the findings of a probe by the Financial Supervisory Service and Financial Security Institute, in the first public announcement since regulators began investigating on Sept….
JLR ‘cyber shockwave ripping through UK industry’ as supplier share price plummets by 55%
Alexander Martin reports: Shares in a British automaker supplier plummeted 55% Wednesday as it warned that a cyberattack on Jaguar Land Rover (JLR) was impacting its business, adding to concerns that the incident is sending a “shockwave” through the country’s industrial sector, according to a senior politician. Shares in Autins, a company providing specialist insulation…
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks
Lawrence Abrams reports: The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data…