Casio has said nearly 8500 people were affected by a ransomware attack that compromised its servers on 5 October last year. The attack led to data leaks, including internal documents and personal information, but no credit card information was included in the leaked information. Based on the investigation’s results, the company is in the process of identifying the affected business partners and customers. It said it would contact them individually once this was clear and take all necessary steps to protect their privacy. The company has apologized for the incident, acknowledging the concerns it has caused to customers, employees, and…
Kirsten Doyle
Critical vulnerabilities discovered in Moxa’s industrial networking devices could allow privilege escalation and OS command injection, exposing critical infrastructure to potential cyberattacks. In a security advisory, Moxa said that affected models include EDR and TN series routers widely used in industrial automation, energy, and telecommunications. Successful exploitation could grant attackers control over devices, posing a significant risk to operational systems.
The Impact
According to Moxa, the identified vulnerability types and potential impacts are as follows: CWE-656: Reliance on Security Through Obscurity (CVE-2024-9138). The exploitation of hard-coded credentials could allow an authenticated user to gain root-level access, leading to system compromise,…
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Beijing-based Integrity Technology Group (Integrity Tech) for its involvement in cyber intrusion campaigns targeting US entities. Integrity Tech has been linked to Flax Typhoon, a Chinese state-sponsored cyber group known for targeting critical infrastructure sectors across the US and beyond. The decision highlights the persistent threat posed by Chinese threat actors, which were named as a significant risk to US national security in the latest Office of the Director of National Intelligence (ODNI) Annual Threat Assessment. In fact, recent attacks even extended to the Treasury’s own…
An engineering team from Wiz has discovered a critical vulnerability in Nuclei, a popular open-source security tool developed by ProjectDiscovery. The vulnerability, tracked as CVE-2024-43405, lets malicious actors bypass the tool’s signature verification process, potentially enabling arbitrary code execution. This discovery has raised the alarm within the cybersecurity community, particularly among entities that rely on Nuclei for automated vulnerability scanning.
Nuclei’s Role in Security Operations
The tool is widely used for its YAML-based templates. According to Wiz, these templates “define the logic for detecting vulnerabilities, misconfigurations, and other security issues across various protocols and technologies.” One feature that sets Nuclei…
The ubiquity of mobile applications has created a perfect storm for bad actors, offering ample opportunities to exploit unsuspecting users. One of the latest instances is FireScam, a sophisticated malware that targets Android devices. Disguised as a fake “Telegram Premium” app, FireScam uses phishing websites to lure victims into downloading malware that infects their devices to steal sensitive information. A recent report by CYFIRMA examines FireScam’s inner workings, unpacking its distribution tactics, advanced surveillance capabilities, and implications for individuals and entities alike.
A Deceptive Threat
FireScam is distributed via a phishing website hosted on GitHub.io. The site is carefully crafted…
As the world steps into 2025, the cybersecurity landscape is set to evolve at an unprecedented pace, driven by the convergence of emerging technologies, sophisticated threats, and tightening regulations. The fourth edition of this report delves into the critical trends shaping the industry, offering key insights to help organizations navigate the challenges ahead. From the rising threat of insider attacks and the vulnerabilities within global supply chains to the disruptive potential of quantum computing and the transformative role of artificial intelligence, the stakes have never been higher. At the same time, regulatory frameworks worldwide are becoming more stringent, urging businesses…
Doughnut giant Krispy Kreme has disclosed a cyberattack that happened on 29 November and has led to significant operational disruptions, particularly affecting its online ordering system in parts of the United States. The doughnut chain disclosed the cyberattack in an 8-K filing with the SEC. The company was alerted to unauthorized activity on its information technology systems and has since engaged leading cybersecurity experts to investigate and remediate the situation. Despite the attack, Krispy Kreme’s physical stores remain open globally, and customers can still place orders in person. Daily deliveries to retail and restaurant partners are also uninterrupted. However, the disruption of…
The 40+ dating platform Senior Dating has been the victim of a data breach, compromising the personal information of 765,517 users. The breach, linked to an exposed Firebase database, has raised serious concerns about protecting sensitive data in online matchmaking services. The information exposed includes personal details such as email addresses, profile photos, genders, dates of birth, precise geographic locations, links to Facebook accounts, and details on users’ drinking and smoking habits, education levels, occupations, and relationship statuses. This granular data could be exploited for identity theft, fraud, or other malicious activities. The breach, dated 23 November 2024, came to…
Artivion, a prominent manufacturer of heart surgery devices, disclosed a significant ransomware attack that has disrupted its operations. The incident involved the encryption and acquisition of company files, prompting Artivion to take immediate measures to contain the breach. According to a recent Form 8-K filing, Artivion responded swiftly by taking affected systems offline, launching an investigation, and engaging external cybersecurity and legal experts to address the situation. Despite these efforts, the incident has caused delays in order processing, shipping, and some corporate functions. The company stressed that it will continue to deliver products and services to customers, stating that most…
Independent cybersecurity experts Noam Rotem and Ran Locar have exposed a sophisticated cyber operation targeting vulnerabilities in public websites, leading to unauthorized access to sensitive customer data, infrastructure credentials, and proprietary source code. The researchers collaborated with the AWS Fraud team on a customer notification to implement measures aimed at mitigating the impact of this event. They said that although they identified some of the victims of this operation, those victims have not been included in the report for privacy reasons. They said: “Our investigation has identified the names and contact information of some of the individuals behind this incident. This…
