Massive DDoS Campaign Exploits Millions of IoT Devices Using Basic Attack Tools
A newly discovered DDoS operation dubbed 'Matrix' is targeting millions of IoT devices and enterprise servers through weak credentials and misconfigurations. The campaign highlights how readily available tools can be weaponized for large-scale cyber attacks, potentially compromising up to 35 million devices worldwide.
Starbucks Forced to Use Manual Scheduling After Blue Yonder Ransomware Attack
A ransomware attack on software provider Blue Yonder has disrupted Starbucks' employee scheduling and payroll systems across North America. Store managers have reverted to pen-and-paper methods while the company implements temporary compensation measures based on pre-scheduled shifts.
Microlise Hit by BlackCat Ransomware Attack, Customer Data at Risk
British telematics provider Microlise confirms unauthorized access to company data following claims by BlackCat ransomware group. The attack potentially affects major transportation companies across Europe, as investigations continue into the full scope of compromised fleet management systems.
New Malware Campaign Exploits Avast Driver to Bypass Security Systems
Security researchers have identified a sophisticated malware campaign using Bring Your Own Vulnerable Driver (BYOVD) technique to disable antivirus protections. By exploiting a legitimate Avast driver, the malware can terminate security processes and gain elevated system control.
Microsoft Under FTC Investigation for Cloud Services in Government Contracts
The Federal Trade Commission launches probe into Microsoft's potential anticompetitive practices in cloud computing, focusing on $150 billion government security upgrade deal. Questions arise over contract bidding processes and hidden costs in seemingly generous offerings.
Meta Cracks Down on 'Pig Butchering' Crypto Scams, Removes 2M+ Fraudulent Accounts
Meta has taken decisive action against sophisticated cryptocurrency investment scams by removing over 2 million deceptive accounts across its platforms. The company's enhanced security measures target 'pig butchering' schemes originating from Southeast Asia that build trust before defrauding victims.
Minneapolis Parks Department Hit by Phone System-Disrupting Cyberattack
A cyberattack on the Minneapolis Park and Recreation Board has caused an ongoing phone system outage, though core systems remain uncompromised. The incident highlights growing cybersecurity challenges facing public institutions as technical teams work to restore services and investigate potential data breaches.
US Authorities Dismantle PopeyeTools Cybercrime Marketplace, Charge Three Administrators
The U.S. Department of Justice has shut down PopeyeTools, a major cybercrime platform trafficking stolen financial data from over 227,000 individuals. Three administrators from Pakistan and Afghanistan face criminal charges for running the $1.7 million illegal operation since 2016.
Healthcare Under Siege: The Alarming Rise of Ransomware Attacks on Medical Systems
Ransomware attacks on healthcare organizations doubled in 2023, with LockBit responsible for 25% of incidents. Beyond financial losses, these cyberattacks directly impact patient care, highlighting the critical need for robust backup systems and comprehensive security measures in protecting sensitive medical data.
FBI Charges Five Members of Scattered Spider Gang in MGM Resorts Cyberattack
Federal prosecutors have charged five hackers allegedly responsible for sophisticated phishing attacks against MGM Resorts and cryptocurrency theft. The suspects, including a British national and four US citizens, face up to 27 years in prison for wire fraud conspiracy and identity theft.