Sean Lyngaas – Page 3 – WindowsTechs.com

McDonald’s discloses hack of customer data in South Korea and Taiwan

Posted on June 11, 2021 by Sean Lyngaas

Hackers recently breached the IT systems of McDonald’s and accessed email addresses, phone numbers and delivery addresses for certain customers in South Korea and Taiwan, the fast food giant said Friday. “In the coming days, a few additional markets will take steps to address files that contained employee personal data,” McDonald’s said in an emailed statement. The burger chain said it quickly identified and contained the breach, which involved a “small number of files.” No customer payment information was affected, according to McDonald’s. The breach also involved business contact information of U.S. employees and franchisees, the Wall Street Journal reported. In some cases, the intruders also accessed data about restaurant seating capacity and the square footage of play areas, the Journal reported. It was unclear who was responsible for the hack. A McDonald’s spokesperson did not respond to an emailed question on who the culprit might be. McDonald’s, which reported […]

The post McDonald’s discloses hack of customer data in South Korea and Taiwan appeared first on CyberScoop.

Continue reading McDonald’s discloses hack of customer data in South Korea and Taiwan→

Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat

Posted on June 10, 2021 by Sean Lyngaas

It’s been two months since President Joe Biden announced his two most important Senate-confirmed cybersecurity picks: Jen Easterly to lead the Department of Homeland Security’s cybersecurity agency, and Chris Inglis to be the national cyber director. During that time, ransomware attacks have forced temporary shutdowns of a major fuel pipeline and a big meat supplier, and Biden has signaled he will raise the issue of harboring criminal hackers in a meeting next week with Russian President Vladimir Putin. Americans got their closest look yet of how Inglis and Easterly would approach those pressing issues during a Senate confirmation hearing Thursday. The nominees labeled ransomware a “scourge” that threatens national security, vowed to work with critical infrastructure firms to improve their defenses, and wondered aloud if additional federal regulations were necessary to incentivize firms to reduce their vulnerabilities to hacking. The U.S. government, Inglis said, must “seize back the initiative that […]

The post Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat appeared first on CyberScoop.

Continue reading Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat→

Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data

Posted on June 10, 2021 by Sean Lyngaas

JBS, one of America’s biggest meat processors, said Wednesday that it paid cybercriminals an $11 million ransom to ensure the hackers didn’t steal company data. The payment is more than double the $4.4 million that Colonial Pipeline, a major fuel supplier, paid to recover its data in the wake of a separate ransomware attack. “In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” JBS’s U.S. division said in a statement. In the same company statement, Andre Nogueira, CEO of JBS’s U.S. division, said it was a “very difficult decision” for the company and for him. “However, we felt this decision had to be made to prevent any potential risk for our customers,” he said. The ransomware attack forced JBS, which accounts for an estimated one-fifth of U.S. beef production, […]

The post Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data appeared first on CyberScoop.

Continue reading Meat supplier JBS says it paid $11 million ransom to keep attackers from stealing data→

Biden revokes TikTok ban, issues new guidance for evaluating foreign apps

Posted on June 9, 2021 by Sean Lyngaas

President Joe Biden on Wednesday issued an executive order that overturns Trump-era efforts to ban Chinese applications TikTok and WeChat while offering new guidelines for federal agencies to assess the national security risks of such software. The order emphasizes additional criteria for the Commerce Department to use in assessing whether to restrict U.S. use of foreign software apps. Those criteria include whether the technology is connected to foreign military or intelligence agencies, or involved in malicious cyber activity or the collection of sensitive personal data. The order is a reprieve for TikTok, a popular video-sharing app owned by Beijing-based firm ByteDance. Then-President Donald Trump issued an order that sought to ban U.S. companies from providing internet and content delivery services to TikTok, citing concerns that Chinese spies could exploit that data. But implementation of that order has been held up by legal challenges waged by TikTok, which has denied improper […]

The post Biden revokes TikTok ban, issues new guidance for evaluating foreign apps appeared first on CyberScoop.

Continue reading Biden revokes TikTok ban, issues new guidance for evaluating foreign apps→

Chinese hackers implicated in breach of Russian government agencies

Posted on June 8, 2021 by Sean Lyngaas

Chinese hackers were likely behind a series of intrusions at Russian government agencies last year, security firm SentinelOne said Tuesday. Malicious code used in the breaches is similar to hacking tools associated with a broad set of suspected Chinese spies that have also targeted Asian governments in recent years, SentinelOne researchers said. SentinelOne’s research builds on a report released last month by the Federal Security Service (FSB), one of Russia’s main spy agencies, and the cyber unit of telecom firm Rostelecom. It said Russian government agencies had been targeted by “cyber mercenaries pursuing the interests of the foreign state.” The attackers collected stolen data using top Russian technology providers Yandex and Mail.Ru, according to the report, which did not name a culprit in the breaches. SentinelOne’s findings point to an often overlooked reality in U.S.-centric cybersecurity discussions: that the Russian and Chinese governments conduct plenty of cyber-espionage against each other. Last […]

The post Chinese hackers implicated in breach of Russian government agencies appeared first on CyberScoop.

Continue reading Chinese hackers implicated in breach of Russian government agencies→

Ransomware hits iConstituent, a service lawmakers use to communicate with voters

Posted on June 8, 2021 by Sean Lyngaas

The scourge of ransomware has now hit closer to home for U.S. politicians. Ransomware has impacted the newsletter service of iConstituent, a firm that U.S. lawmakers use to contact constituents, the House of Representatives’ Chief Administrative Officer (CAO) said Tuesday. Individual offices choose to buy iConstituent services, which include virtual town halls, email and texting, and other data services. “At this time, the CAO is not aware of any impact to House data,” the CAO office said in an emailed statement. “The CAO is coordinating with the impacted offices supported by iConstituent and has taken measures to ensure that the attack does not affect the House network and offices’ data.” iConstituent boasts that its software “supports millions of digital interactions between people and their governments each year.” It was unclear Tuesday morning how broadly the incident would impact House legislators’ communication with constituents. The Washington-based firm did not immediately respond […]

The post Ransomware hits iConstituent, a service lawmakers use to communicate with voters appeared first on CyberScoop.

Continue reading Ransomware hits iConstituent, a service lawmakers use to communicate with voters→

Trickbot indictment demonstrates how one hacking tool built on older malware

Posted on June 8, 2021 by Sean Lyngaas

More than five years ago, Russian authorities reportedly raided a Moscow-based film company affiliated with the scammers behind Dyre, a notorious piece of malicious software linked with tens of millions of dollars in losses. No charges against the hackers were made public, but scams using the Dyre banking trojans seemed to abruptly disappear. A U.S. indictment unsealed last week confirmed what security researchers had long suspected: From the ashes of Dyre sprung TrickBot, a piece of malicious code that has caused untold financial costs by infecting tens of millions of computers worldwide and playing a part in a series of ransomware attacks. TrickBot rose to such prominence, and menace, that U.S. military hackers took aim at its infrastructure ahead of the 2020 election to reduce the potential for ransomware attacks that could disrupt the vote. The episode exemplifies how cybercriminal groups can evolve and, drawing on old hacking tools, haunt […]

The post Trickbot indictment demonstrates how one hacking tool built on older malware appeared first on CyberScoop.

Continue reading Trickbot indictment demonstrates how one hacking tool built on older malware→

US Cyber Command, CISA warn of hackers exploiting critical VMware flaw

Posted on June 7, 2021 by Sean Lyngaas

Hackers have been leveraging a critical flaw in the software that Silicon Valley vendor VMware uses to manage virtual machines in large data centers, U.S. Cyber Command warned on Saturday. The flaw allows an attacker to execute code remotely and potentially infiltrate sensitive computing environments that run on VMware’s widely used server management software. Security fixes have been available since May 25, but the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and Cyber Command, a U.S. military unit, urged users to update their software after researchers discovered at least one public exploit for the vulnerability. “Please patch immediately!” the command tweeted on Saturday. VMware itself issued an urgent advisory telling clients to apply the patch on May 25. As corporations and government agencies increasingly use cloud computing to consolidate data, the value of flaws in code built by VMware and other vendors has only grown. Bad Packets, a […]

The post US Cyber Command, CISA warn of hackers exploiting critical VMware flaw appeared first on CyberScoop.

Continue reading US Cyber Command, CISA warn of hackers exploiting critical VMware flaw→

Latvian national charged with writing malware used by Trickbot hackers

Posted on June 4, 2021 by Sean Lyngaas

U.S. prosecutors have charged a 55-year-old Latvian national with developing computer code used in tandem with the infamous malicious software known as TrickBot, which has defrauded countless people while infecting tens of millions of computers worldwide. The defendant, known as Alla Witte, was arraigned in a federal court in Cleveland on Friday after being arrested in Miami in February, the Justice Department said. She is accused of being part of a criminal organization that operated in Russia, Belarus, Ukraine and Suriname, and which infected the computers of hospitals, schools, public utilities and government agencies in the U.S. Witte wrote “code related to the control, deployment, and payments of ransomware,” the Justice Department said in a press release. She also allegedly provided computer code to other members of the criminal group that tracked users of the TrickBot malware. The malicious code was designed to steal banking login credentials, credit card numbers […]

The post Latvian national charged with writing malware used by Trickbot hackers appeared first on CyberScoop.

Continue reading Latvian national charged with writing malware used by Trickbot hackers→

Tokyo Olympics organizers’ data swept up in Fujitsu hack: report

Posted on June 4, 2021 by Sean Lyngaas

The organizing committee of the Tokyo Olympics is the latest victim of a breach in which hackers broke into a Japanese government contractor’s data-sharing tool, according to a Japanese media report. The breach affected some 170 people who participated in a cybersecurity drill ahead of the Olympic Games next month, Kyodo News reported. The leaked data included the names and affiliations of people from 90 organizations involved in hosting the Olympics, according to the outlet. It’s apparently the latest Japanese organization to be swept up in an incident that began with unidentified attackers accessing data-sharing software made by technology firm Fujitsu. The breach of the tool last month has reportedly given hackers access to data at multiple Japanese government ministries. Fujitsu has suspended use of the software as it investigates the breach. The Japanese government’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC), which hosted the cybersecurity drill, […]

The post Tokyo Olympics organizers’ data swept up in Fujitsu hack: report appeared first on CyberScoop.

Continue reading Tokyo Olympics organizers’ data swept up in Fujitsu hack: report→