The PCI Security Standards Council on Thursday released the Payment Card Industry Data Security Standard version 4.0. The latest version's improvements are intended to counter evolving threats and technologies, and the new version will enable innovative methods to combat new threats.
Two serious remote-code-execution vulnerabilities have been discovered in VMware's widely used Spring, which is a platform for building online applications. With at least one of the vulnerabilities already being actively exploited, VMware urges immediate patching.
Globant, the Luxembourg-based software development company, on Thursday confirmed that an undisclosed actor - reportedly Lapsus$ - has illegally accessed the company's code repository, containing source code associated with some of its clients.
Sophos says it has provided a fix to a critical RCE bug known to be actively exploited primarily in South Asia. Sophos says no customer action is needed if the "Allow automatic installation of hotfixes" feature is enabled, but versions close to their end of life need manual configuration.
On Monday, Ukrainian ISP Ukrtelecom was hit by a cyberattack that reduced its services, the SSSCIP of Ukraine says. It is reportedly the largest outage since Russia invaded Ukraine. Meanwhile, Russia’s internet services could be affected by a shortage of equipment due to ongoing sanctions.
The U.S. Department of Justice has indicted a 23-year-old Russian national for operating a cybercriminal marketplace that sold thousands of stolen login credentials, PII and authentication tools, according to U.S. Attorney Brit Featherston of the Eastern District of Texas.
Greek postal service Hellenic Post says a ransomware incident has forced it to pull a majority of its operations offline. It is working with IT security experts to probe the attack and restore services. Its subsidiary ELTA Courier has taken over nearly all operations to maintain business continuity.
Yet another ransomware-wielding group of criminals has hit an organization in the health sector. This time, it's cybercrime group RansomEXX, which has been trumpeting an attack against the Scottish Association for Mental Health. The crime gang says it has stolen more than 12GB of data from SAMH.
The U.S. National Rifle Association States reportedly fell victim to a ransomware attack in October 2021. The NRA did not acknowledge the attack at the time, but a recent FEC filing explaining a financial discrepancy has forced it to confirm the ransomware attack and detail its impact.
A security researcher found two critical vulnerabilities and one high-severity vulnerability in two separate Veeam products that may allow attackers to perform remote code execution and allow local privilege execution on victims' systems, respectively. Veeam has issued patches for all three bugs.
On Monday night, Israeli government websites including those of the prime minister and the ministries of Interior, Health, Justice, and Welfare, went offline. The Israel National Cyber Directorate confirmed a massive DDoS attack against a communications provider, resulting in temporary access loss.
Automotive technology/parts supplier Denso confirmed that it suffered a ransomware attack last week. Investigations are ongoing. The company has not disclosed the ransom demanded or the attacker's name, but dark web monitoring platform DarkTracer says it's the work of the Pandora ransomware group.
Ransomware groups continue to target critical infrastructure sectors internationally. An FBI alert says that ransomware group RagnarLocker has targeted 52 entities across 10 critical infrastructure sectors, while Romania's premier petrol supplier, Rompetrol, has reportedly been hit by Hive.
Russia's National Coordination Center for Computer Incidents has published a list of 17,576 IP addresses and 166 domains that it says are targeting the country's information resources via distributed denial-of-service attacks. It also published a 20-point list of remediation measures.
A phishing campaign, likely carried out by a state-sponsored threat actor, is targeting European government personnel who are aiding Ukrainian refugees, Proofpoint says. The TTPs in the campaign resemble those of Ghostwriter, a group that was the subject of a Ukrainian CERT warning on Feb. 25.