Catalin Cimpanu reports: The operators of the BitPaymer ransomware have been spotted using a zero-day in iTunes for Windows as a mechanism to bypass antivirus detection on infected hosts. The attacks and the zero-day were found by cyber-security firm Morphisec on the network of an enterprise in the automotive industry that got hit by BitPaymer…
Category: Business Sector
Dutch Prostitution Site Hookers.nl Hacked — 250,000 Users’ Data Acquired
Thomas Brewster reports: Hackers have obtained the data and personal details of around 250,000 users of the Dutch sex work forum Hookers.nl. The breach was confirmed by a Hookers.nl moderator on Thursday, saying that the forum software supplier, vBulletin, had reported that a vulnerability had allowed an outsider access to site’s database. Read more on…
Hackers breach Volusion and start collecting card details from thousands of sites
Catalin Cimpanu reports: Hackers have breached the infrastructure of Volusion, a provider of cloud-hosted online stores, and are delivering malicious code that records and steals payment card details entered by users in online forms. More than 6,500 stores are impacted, but the number could be even higher. In a press release published last month, Volusion…
Dozens of documents remain sealed in Chrysler hacking class action; Magistrate compliance with discovery requests
The Madison-St. Clair Record reports: Chrysler shared its science with plaintiffs in a half secret class action over the vulnerability of its vehicles to hacking, yet it needed a court order to find out where plaintiffs took their vehicles for maintenance. U.S. Magistrate Judge Reona Daly ruled in Chrysler’s favor on Oct. 2, requiring plaintiffs…
Ca: RCMP charge two Montrealers over cyber attack of Bell customer accounts
The Canadian Press reports: The RCMP say charges have been laid against two Quebecers for their alleged involvement in a cyber attack of Bell Canada customer accounts. Nana Koranteng and Jesiah Russell-Francis of Montreal are to appear on charges including unauthorized use of a computer, fraud over $5000, conspiracy to commit fraud, laundering proceeds of…
Taconic Biosciences settles lawsuit stemming from 2017 W-2 phishing breach (updated)
One of the victim companies of a W-2 phishing attack that this site reported in 2017 was a New York firm called Taconic Biocences. A copy of their notification to the Maryland Attorney General’s Office is still available online, here. Recently, News10 in New York reported that there has been a $2.7 million settlement in…