Catalin Cimpanu reports: A little-known cybercrime group has been relentlessly targeting companies across several industry sectors, including aviation, defense, and transportation, since at least 2017, security firm Proofpoint said in a report published today. Tracked using the codename of TA2541, the group has been one of the most persistent threats in recent years, even if their attacks have…
Category: Business Sector
Metaverse-Like App Pauses User Registration Over Data Leak Claims
Luo Meihan reports: There are problems brewing in early metaverse applications on Chinese social platforms. Zheli, a top social app that is popular for its use of virtual characters, suspended new user registrations Sunday after being accused of violating user privacy and plagiarizing its virtual avatars’ clothing designs. However, its developers said the app was taken down to improve existing user…
Cydia Dev Discloses Ethereum L2 Bug — Optimism Attacker Could Have ‘Printed an Arbitrary Quantity of Tokens’
Jamie Redman reports: On February 10, the well-known developer of Cydia and iOS Jailbreak, Jay Freeman, otherwise known as Saurik, published a Twitter thread about a bug he found in the Layer-2 (L2) scaling protocol known as Optimism. According to Freeman, the vulnerability, which has been patched, could have allowed an attacker to create an…
San Francisco 49ers confirm ransomware attack
Catalin Cimpanu reports: The San Francisco 49ers NFL team has fallen victim to a ransomware attack that encrypted files on its corporate IT network, a spokesperson for the team has told The Record. The team confirmed the attack earlier today after the operators of the BlackByte ransomware listed the team as one of their victims on…
Croatian phone carrier A1 Hrvatska discloses data breach
Perlugi Paganini reports: Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted 10% of its customers, roughly 200,000 people. Threat actors had access to sensitive personal information of the customers, including names, personal identification numbers, physical addresses, and telephone numbers. Threat actors did not access online accounts and financial information was…
Deloitte’s $5M Data Security Deal OK Is Sought by Plaintiffs
Jake Holland reports: A $4.95 million settlement with Deloitte Consulting LLP to resolve claims it created websites with poor security should receive final approval, the plaintiffs are arguing in New York federal court. The deal is fair and provides meaningful relief to affected class members, the plaintiffs argued in a supplemental brief filed Thursday in the U.S….