Jessica Molden

Microsoft Faces Nation-State Cyberattack

On January 12, 2024, Microsoft’s security team detected a nation-state attack by the Russian state-sponsored actor Midnight Blizzard (Nobelium) on their corporate systems. The attack, initiated in late November 2023, involved a password spray attack to compromise a test tenant account, gaining access to a small percentage of corporate email accounts, including senior leadership and […]

Microsoft Faces Nation-State Cyberattack Read More »

Subway Faces Data Breach and Ransom Demands from LockBit Ransomware Gang

The LockBit ransomware gang has claimed responsibility for an attack on Subway, alleging that it has stolen sensitive data about “all financial aspects” of the fast-food franchise. The hackers assert that they breached Subway’s database and exfiltrated data, including information on employee salaries, franchise payments, and restaurant turnovers. Subway has not yet officially responded to

Subway Faces Data Breach and Ransom Demands from LockBit Ransomware Gang Read More »

Be on the Lookout for Tax-Related Identity Theft Ahead of Tax Season

As tax season approaches, experts warn about the prevalence of tax-related identity theft, where criminals use personal information to file fraudulent returns and claim refunds. The issue persists, with the IRS’ Identity Theft Victim Assistance program noting a significant increase in individual cases. Victims face lengthy resolution times, averaging almost 19 months for the IRS

Be on the Lookout for Tax-Related Identity Theft Ahead of Tax Season Read More »

VF Corporation Discloses Breach Affecting 35.5 Million Customers and Operational Disruptions

VF Corporation, the parent company of brands like Vans and North Face, disclosed that 35.5 million customers were impacted in a December cyber attack. The announcement in an SEC filing clarified that sensitive data such as social security numbers, bank info, and payment card details were not compromised. Consumer passwords were also reportedly unaffected, though

VF Corporation Discloses Breach Affecting 35.5 Million Customers and Operational Disruptions Read More »

Ransomware Attacks Take a Heavy Toll

Cybersecurity Professionals Report Psychological and Physical Strain Ransomware attacks are causing psychological and physical harm to cybersecurity professionals, according to research from the Royal United Services Institute (RUSI). Infosec professionals report stress, burnout, and serious health issues linked to dealing with ransomware incidents. The study reveals cases of hospitalization, heart attacks, and even suicidal thoughts

Ransomware Attacks Take a Heavy Toll Read More »

Cyberattack Hits Taiwan’s Foxsemicon: LockBit Ransomware Gang Demands Ransom for Stolen Data

One of Taiwan’s major semiconductor manufacturers, Foxsemicon, fell victim to a cyberattack by the LockBit ransomware gang. The hackers threatened to publish customers’ data on their darknet websites unless a ransom was paid. The attackers claimed to have accessed five terabytes of the company’s data. Foxsemicon recovered its website after detecting the attack and is

Cyberattack Hits Taiwan’s Foxsemicon: LockBit Ransomware Gang Demands Ransom for Stolen Data Read More »

Kansas Courts Seek $2.6 Million for Recovery Amid Rising Cybersecurity Concerns

The Kansas court system requires a minimum of $2.6 million in additional funds to recover from a cyberattack in October. The attack, attributed to a Russian ransomware group, disrupted the electronic filing of documents and online access to records. Chief Justice Marla Luckert outlined the funds’ purpose, including restoring computer systems, paying vendors, enhancing cybersecurity,

Kansas Courts Seek $2.6 Million for Recovery Amid Rising Cybersecurity Concerns Read More »

Data Breaches Affecting Over 380,000 Patients Across Multiple Organizations

Several healthcare organizations in the United States have experienced data breaches due to ransomware attacks. Singing River Health System in Mississippi confirmed that the protected health information (PHI) of 253,000 patients was compromised in an August 2023 attack by the Rhysida ransomware group. Highlands Oncology Group in Arkansas reported a ransomware attack in September 2023,

Data Breaches Affecting Over 380,000 Patients Across Multiple Organizations Read More »

Microsoft Defender SmartScreen Vulnerability Exploited in Phemedrone Malware Campaign

A Microsoft Defender SmartScreen vulnerability is actively being exploited in a Phemedrone information-stealing malware campaign. The critical vulnerability allows attackers to bypass Windows Defender SmartScreen checks by using a specially crafted Internet Shortcut (.URL) file. Despite being patched in November 2023, threat actors are still exploiting the vulnerability, infecting users with Phemedrone Stealer. The malware

Microsoft Defender SmartScreen Vulnerability Exploited in Phemedrone Malware Campaign Read More »

Cosmetics Retailer Lush Faces Cybersecurity Challenge

Cosmetics giant Lush has recently confirmed being a victim of a cyberattack, though specific details about the incident remain scant. The company revealed that it is actively responding to the cybersecurity incident with the assistance of external IT forensic specialists. As the investigation is still in its early stages, Lush has taken immediate steps to

Cosmetics Retailer Lush Faces Cybersecurity Challenge Read More »