Savannah Sicurella reports: Peloton users have something new to worry about. In a new report, security company McAfee says hackers can gain remote access to a Peloton bike’s camera and microphone and can monitor users. The attackers can also add apps disguised as Netflix and Spotify to encourage users to input login credentials for later malicious…
Category: Business Sector
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Tyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson, Jordan Nuce of FireEye report: Mandiant observed DARKSIDE affiliate UNC2465 accessing at least one victim through a Trojanized software installer downloaded from a legitimate website. While this victim organization detected the intrusion, engaged Mandiant for incident response, and avoided ransomware, others may be…
Alibaba Falls Victim to Chinese Web Crawler in Large Data Leak
Yang Jie and Liza Lin report: A Chinese software developer trawled Alibaba Group Holding Ltd. ’s popular Taobao shopping website for eight months, clandestinely collecting more than 1.1 billion pieces of user information before Alibaba noticed the scraping, a Chinese court verdict said. The software developer began using web-crawling software he designed on Taobao’s site starting in November…
SEC Settles Enforcement Action for Disclosure Controls Violations Stemming from Data Security Incident
Kate Hanniford writes: The SEC has settled an enforcement action against a large title insurer in connection with public statements and disclosures made by the company in May 2019 relating to a data security incident. The underlying data security incident was the subject of the first set of charges brought by the New York Division of Financial…
Kr: HMM email systems hit by cyber virus attack
Marcus Hand reports that the South Korean shipping line has disclosed a breach: HMM said that an unidentified security breach was detected to its email servers in the early hours of 12 June leading to limited access to email systems. Over the following two days it said most of the confirmed damage to the system…
WI: Menominee Casino Resort temporarily closes after cyberattack
Ben Bokun and Alice Reid report: The Menominee Casino Resort confirms it’s experiencing technical difficulties following a cyberattack. A statement from the casino said the issues were caused by an “attempted external attack on our computer systems.” Tribal Legislature Chairman Gunnar Peters told NBC 26 the security breach happened Friday. The hit to the casino was…