Verizon Communications has reported an insider data breach affecting nearly half of its workforce, exposing sensitive employee information such as names, addresses, Social Security numbers, and compensation details.
Chinese state-sponsored hackers breached the internal computer network of the Dutch Ministry of Defence using a vulnerability in FortiGate devices. The breach was for espionage purposes and the malware was found in a compartmentalized network.
The FortiSIEM product from Fortinet has been found to have two new critical vulnerabilities, CVE-2024-23108 and CVE-2024-23109, which allow for remote code execution by unauthenticated attackers.
While it is unclear whether a ransom was paid, the company stated that client transaction data was not accessed during the attack. The attack occurred amidst a major business deal, but experts predicted minimal disruption to EquiLend’s operations
The threat actors behind the campaign utilized multiple stages and techniques, including obfuscation and leveraging open platforms, to carry out the attack and steal sensitive information.
The malware is distributed through a multi-stage infection chain involving weaponized PDF files, internet shortcuts, and PowerShell loaders, with similarities to the previously disclosed Phemedrone Stealer.
Airbus Navblue Flysmart+ Manager had a vulnerability that allowed attackers to tamper with engine performance calculations and intercept data, posing a serious risk to flight safety.
The Pennsylvania Courts system has been hit by a cyberattack, taking down parts of its website. The Administrative Office of Pennsylvania Courts revealed via social media that the service had suffered a denial of service (DoS) attack.
The stolen data, including over two million unique email addresses, was put up for sale in Chinese-speaking hacking-themed Telegram groups, with the majority of the focus on India, Taiwan, Thailand, and Vietnam.
Latio Application Security Tester simplifies code scanning with OpenAI, offering easy code change submission and GitHub Actions templates. The tool’s future plans include support for non-OpenAI models, improved handling of large files, and more.