Here’s a ransomware incident that left me wondering whether the attackers — who have not been identified — had researched their victim before attacking and establishing their ransom demands. Read the breach notice, below, published this month, and then a media report on the attack that appears after that. ———————– WINNIPEG, MB, Jan. 15, 2021 /PRNewswire/ – …
Category: Business Sector
Tesla Claims Engineer Stole Secrets Just Days Into the Job
Joel Rosenblatt reports: A former Tesla Inc. software engineer was ordered to appear before a judge to face allegations that three days into his job, he started stealing confidential files and transferring them to a personal storage account. During his two-week employment ending Jan. 6, Alex Khatilov stole more than 6,000 scripts, or files of code, that…
SonicWall says it was hacked using zero-days in its own products
Catalin Cimpanu reports: Networking device maker SonicWall said on Friday night that it is investigating a security breach of its internal network after detecting what it described as a “coordinated attack.” In a short statement posted on its knowledgebase portal, the company said that “highly sophisticated threat actors” targeted its internal systems by “exploiting probable zero-day vulnerabilities…
Security firm Malwarebytes was infected by same hackers who hit SolarWinds
Dan Goodin reports: Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government agencies and private companies. The attackers are best known for first hacking into Austin, Texas-based SolarWinds, compromising its software-distribution system and using it to infect the networks of customers who used SolarWinds’…
User data from decade-old breach of MyFreeCams shows up for sale?
Edvardas Mikalauskas reported: A database that purportedly belongs to MyFreeCams.com, one of the top adult chat and web streaming communities, is being sold on a popular hacker forum. According to the post author, the data was exfiltrated from the company servers in December 2020 by carrying out an SQL injection attack, and includes 2 million…
Cyberattack on GSTN portal? Cryptic tweet raises data security concerns among taxpayers
Dipak Mondal reports: At 12 noon yesterday, the GST Network (GSTN), the IT backbone of the Goods and Services Tax, put out a tweet saying that it had detected “some activity in the cyberspace by unscrupulous elements because of which some taxpayers may have experienced difficulties/delays in accessing the GST portal which otherwise is working…