Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…
Category: Business Sector
Morningstar data breach reveals KPMG deal maker lists
Liam Walsh and Edmund Tadros report: A software glitch has exposed the key companies garnering the interest of big four advisory group KPMG’s deal makers and restructuring experts. The flaw in an alert system, run by US financial research firm Morningstar, for ASX-listed companies meant third parties could even view project names KPMG had assigned. That included…
Ca: SIM card theft: Discount provider, discount protection?
Tristan Peloquin reports: Telus customers who were victims of SIM card scams are sounding the alarm on apparent flaws in the company’s security systems. An employee of its discount subsidiary Public Mobile even told a customer that the service she uses is “more at risk than others” because she pays less. “If you pay for…
Bordeaux-Gironde Chamber of Commerce & Industry hit by ransomware in France; Gerry Weber hit in Germany
Sud Ouest reports that the Chamber of Commerce and Industry (CCI) for Bordeaux-Gironde was the victim of a cyberattack on June 25. Accoridng to a translation of the report, CCI’s firewall system prevented the attackers from exfiltrating any data, but access to the network was blocked. Officials refused to pay an unspecified ransom demand and…
Il: Details of over 200,000 students leaked in cyberattack
Tzvi Joffre reports: The details of about 280,000 students throughout Israel were leaked after a cyberattack targeted the AcadeME company, which services a number of colleges and universities throughout the country, last week. AcadeME helps hundreds of thousands of students find jobs at thousands of companies. A pro-Palestinian Malaysian hacker group known as “DragonForce” claimed…
Bits ‘n Pieces, Part 2: Some Non-U.S. Incidents (updated)
The Czech Republic Institut plánování a rozvoje hl. m. Prahy (IPR) (the Institute of Planning and Development of the Capital The City of Prague (IPR) reported (machine translation) that it had been infected with a crypto miner virus which used the computing capacity of the institute for crypto currency mining. For preventive reasons, it was necessary to…