BleepingComputer.com

"PandaBuy pays ransom to hacker only to get extorted again."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 06 June 2024, 1550 UTC.

Content and Source:   https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

PandaBuy pays ransom to hacker only to get extorted again

  • Chinese shopping platform Pandabuy told BleepingComputer it previously paid a a ransom demand to prevent stolen data from being leaked, only for the same threat actor to extort the company again this week.

  • mWISE: The security conference built by practitioners, for practitioners
     
    SPONSORED CONTENT

mWISE: The security conference built by practitioners, for practitioners

  • Mark your calendar for mWISE 2024, a global conference where cybersecurity professionals come together to tackle the industry's biggest challenges. It runs from September 18 & 19, 2024 in Denver, Colorado. Register early for the best discount available.

  • Security Cybersecurity
     

Pick up cybersecurity skills quickly with $210 off Infosec4TC

  • Cybersecurity is a fast-moving topic, and staying up to date is essential. This Infosec4TC lifetime subscription makes it easy to get started at your pace for $69.99, $210 off the $280 MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • JUNE 06, 2024
    •  
    • 07:17 AM
    •  
    • Comment Count 0
  • Linux
     

Linux version of TargetCompany ransomware focuses on VMware ESXi

  • Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads.

  • FBI
     

FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out

  • The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free.

  • Google Chrome Flare
     

Google Chrome reduced cookie requests to improve performance

  • Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms.

  • Advance Auto Parts
     

Advance Auto Parts stolen data for sale after Snowflake attack

  • Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account.

  • Ariane
     

Check-in terminals used by thousands of hotels leak guest info

  • Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms.

  • Club Penguin
     

Club Penguin fans breached Disney Confluence server, stole 2.5GB of data

  • Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned.

  • China hacker
     

Chinese hacking groups team up in cyber espionage campaign

  • Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace

  • CompTIA
     

Prepare for your CompTIA exams with $230 off this study guide bundle

  • Certification exams can be intimidating, especially when they can make a difference in your career. This 10-guide IT exam prep bundle helps you get ready for $29.99, $230 off the $259 MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • JUNE 05, 2024
    •  
    • 02:09 PM
    •  
    • Comment Count 0
  • Hospital
     

Qilin ransomware gang linked to attack on London hospitals

  • A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the Qilin ransomware operation.

  • Kali Linux
     

Kali Linux 2024.2 released with 18 new tools, Y2038 changes

  • Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug.

  • Why (and how) threat actors target your Active Directory
     
    SPONSORED CONTENT

Why (and how) threat actors target your Active Directory

  • Microsoft Active Directory is a common target for threat actors after breaching a network. Learn more from Specops Software about the tools attackers use and how to protect your Active Directory.

  • Hacker ransomware
     

RansomHub extortion gang linked to now-defunct Knight ransomware

  • Security researchers analyzing the relatively new RansomHub ransomware-as-a-service believe that it has evolved from the currently defunct Knight ransomware project.

  • Focus on your audio with $100 off noise-canceling Sony LinkBuds S
     

Focus on your audio with $100 off noise-canceling Sony LinkBuds S

  • Earbuds give you a little privacy and quiet in a world full of intrusion and noise. These new open-box Sony noise-canceling earbuds give you a little more space for $99.99, $100 off the $199.99 MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • JUNE 05, 2024
    •  
    • 07:16 AM
    •  
    • Comment Count 0
  • Mining
     

Australian mining company discloses breach after BianLian leaks data

  • Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web.

  • TikTok
     

TikTok fixes zero-day bug used to hijack high-profile accounts

  • Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature.

  • FBI
     

FBI warns of fake remote work ads used for cryptocurrency fraud

  • Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies.

  • Amateur radio ham radio
     

ARRL says it was hacked by an "international cyber group"

  • American Radio Relay League (ARRL) has shared more information about a May cyberattack that took its Logbook of the World offline and caused some members to become frustrated over the lack of information.

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.