The Jewish News Syndicate reports: Iran has blamed foreign countries, including Israel, for a cyber attack on its semi-official Fars News Agency, which is affiliated with the country’s Islamic Revolutionary Guard Corps, AFP reported on Saturday. Fars said in a statement posted to Telegram that its website was disrupted on Friday by a “complex hacking and cyberattack operation, and…
Category: Business Sector
Massive Twitter data breach was far worse than reported, reveal security researchers
Ben Lovejoy reports: A massive Twitter data breach last year, exposing more than five million phone numbers and email addresses, was worse than initially reported. We’ve been shown evidence that the same security vulnerability was exploited by multiple bad actors, and the hacked data has been offered for sale on the dark web by several sources. It had previously been…
Bits ‘n Pieces (Trozos y Piezas)
MX: LV threat actors claim to have hacked UnitedAuto On November 19, LV BLog added UnitedAuto, a Mexican automotive company, to its leak site, claiming to have more than 2TB of stolen personal information. The threat actors criticized their victim, stating “United Auto does not have any basic protection for their system. The company has…
WhatsApp data leak: 500 million user records for sale; is it really a leak?
Jurgita Lapienytė reports: On November 16, an actor posted an ad on a well-known hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers. The dataset allegedly contains WhatsApp user data from 84 countries. Threat actor claims there are over 32 million US user records included. Another huge…
Ca: OSSTF victim of ransomware attack, notifies members of personal data compromised
The Canadian Press reports: The union representing public high school teachers in Ontario says it was the victim of a ransomware attack earlier this year that compromised members’ personal information. The Ontario Secondary School Teachers’ Federation says it discovered in late May that an “unauthorized third party” accessed and encrypted its systems between May 25…
AirAsia victim of ransomware attack, passenger and employee data acquired
AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…