Deserialization of untrusted data can allow malicious code to be executed on the system. This is because the serialized data can contain instructions that the application will execute when it deserializes the data.
“We do not know the number of accounts that the unauthorized party was able to access, but out of an abundance of caution, we are sending this notice to all potentially affected account holders,” reads the data breach notification from Jason’s Deli.
The ransomware uses targeted phishing techniques for initial access, as well as to gather credentials from one of the employees of its target company. It then uses RATs to gain privileged access and move laterally within its target network.
For those concerned, the Trello leak has been added to the Have I Been Pwned data breach notification service, allowing anyone to check if they are among the 15 million leaked email addresses.
The Black Basta ransomware gang targeted the UK water utility Southern Water, threatening to leak 750 gigabytes of stolen sensitive data, including personal and corporate documents.
AerCap, the world’s largest aircraft leasing company, reported a ransomware infection. However, it claims to have not suffered financial losses and has control over its systems.
The BianLian ransomware group has shifted from a double extortion scheme to a focus on extortion without encryption, posing a significant threat to organizations, particularly in the healthcare and manufacturing sectors in the US and Europe.
The company is working to restore normal business operations, but many online services remain inaccessible even after two weeks. It is still uncertain whether the cyber incident will have a significant impact on LoanDepot’s financial condition.
The vulnerability, tracked as CVE-2024-23222, is a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution when processing malicious web content.
The group is testing innovative infection routines that use technical threat research on another North Korean APT group, Kimsuky, as a lure, indicating a new approach to their cyberattacks.