Dove Communications Inc.

03/23/2023

Dole now says February attack spilled employee data

Dole now says February attack spilled employee data -

A ransomware attack that disrupted Dole food delivery systems is now tied to a breach of employee data.

03/22/2023

Hackers are Increasingly Targeting Auto Dealers

Hackers are Increasingly Targeting Auto Dealers -

Auto dealerships face new challenges in the face of new legislation and an increase in cyberattacks. How can the industry adapt?

03/21/2023

Cyberattackers Hoop NBA Fan Data via Third-Party Vendor

Cyberattackers Hoop NBA Fan Data via Third-Party Vendor -

The basketball playoffs are around the corner and convincing social-engineering attacks on fans using NBA-themed lures could be too.

03/20/2023

Ransomware Gang Threatens Amazon's Ring With Data Leak - CPO Magazine

Ransomware Gang Threatens Amazon's Ring With Data Leak - CPO Magazine -

The ransomware gang ALPHV has claimed to have breached Amazon's Ring on the underground site it uses to extort victims, though it has yet to provide any evidence.

03/16/2023

Acer Confirms Data Breach After Hacker Lists Stolen Data on Hacking Forum - CPO Magazine

Acer Confirms Data Breach After Hacker Lists Stolen Data on Hacking Forum - CPO Magazine -

Taiwanese PC maker Acer confirmed a data breach after a hacker listed the stolen data on a hacking forum, including technical product specifications and infrastructure details.

03/15/2023

Health Data Breach Exposes Members of Congress, 170K Records Offered on Underground Forum - CPO Magazine

Health Data Breach Exposes Members of Congress, 170K Records Offered on Underground Forum - CPO Magazine -

A health data breach appears to have exposed the sensitive personal information of members of Congress and their employees. DC Health Link is used by many (but not all) members and their assorted staff.

03/13/2023

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising -

A fake ChatGPT Chrome browser extension has been found to hijack Facebook accounts and create rogue admin accounts.

03/08/2023

Microsoft discovers Shein app accessing clipboard on Android devices

Microsoft discovers Shein app accessing clipboard on Android devices -

A version of the Shein shopping application unnecessarily accessed the clipboard of Android devices and transmitted the contents to a remote server, Microsoft researchers reported.

03/07/2023

Chick-fil-A hack spells indigestion for 71K customers

Chick-fil-A hack spells indigestion for 71K customers -

Credential-stuffing attack compromises fast food chain Chick-fil-A customers loyalty accounts.

03/06/2023

Phishing Campaign Targets Job Seekers, Employers

Phishing Campaign Targets Job Seekers, Employers -

Threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive

03/01/2023

Dish Network confirms cyberattack

Dish Network confirms cyberattack -

Dish Network confirms cyberattack on website and SEC filings.

02/28/2023

Hackers sat on News Corp network for two years

Hackers sat on News Corp network for two years -

News Corp revealed that attackers behind a breach had two years of dwell time before being noticed.

02/27/2023

Namecheap Email System Hacked to Send DHL and Metamask Phishing Emails - CPO Magazine

Namecheap Email System Hacked to Send DHL and Metamask Phishing Emails - CPO Magazine -

Hackers compromised the Namecheap email system to send DHL and MetaMask phishing emails targeting wallet credentials. The company takes full responsibility after initially blaming a third party.

02/23/2023

Will Charging Station Cyberattacks Impact the EV Boom?

Will Charging Station Cyberattacks Impact the EV Boom? -

Threat actors have proven they are able and willing to launch attacks against EV charging stations. How will these security breaches affect EV consumers?

02/22/2023

Phishing Fears Ramp Up on Email, Collaboration Platforms

Phishing Fears Ramp Up on Email, Collaboration Platforms -

It's a banner year for attacks coming through traditional email as well as newer collaboration technologies, such as Slack and Microsoft Teams. What's next?

02/21/2023

Korean Car-Makers Sending Out Software Updates To Prevent Keyless USB Car Theft - CPO Magazine

Korean Car-Makers Sending Out Software Updates To Prevent Keyless USB Car Theft - CPO Magazine -

A rash of car thefts has erupted as some of the Korean car-makers models have a USB-A shaped slot that can be exposed by removing the steering column cover, and this slot grants direct access to the engine.

02/16/2023

Data Breach on Instant Checkmate and Truthfinder Background Check Services Leaked 20 Million Records - CPO Magazine

Data Breach on Instant Checkmate and Truthfinder Background Check Services Leaked 20 Million Records - CPO Magazine -

PeopleConnect, the parent company of Instant Checkmate and Truthfinder background check services, confirmed a data breach that leaked 20 million customer records online.

02/14/2023

Artificial intelligence offers swindlers a new tool for romance scams

Artificial intelligence offers swindlers a new tool for romance scams -

Nearly 7 in 10 people failed to distinguish if AI wrote a love letter, according to McAfee's Modern Love Research Report.

02/13/2023

Wave of telco attacks tied to bad third-party vendor security hygiene

Wave of telco attacks tied to bad third-party vendor security hygiene -

Cyble calculates that more than 74 million customer records at major carriers were exposed so far this year, the vast majority via third parties.

02/09/2023

securitytoday.com

See How Reddit Users Have Unlocked the Dark Side of ChatGPT -- Security Today -

02/08/2023

'Money Lover' Finance App Exposes User Data

'Money Lover' Finance App Exposes User Data -

A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app.

02/07/2023

Crypto Drainers Are Ready to Ransack Investor Wallets

Crypto Drainers Are Ready to Ransack Investor Wallets -

Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.

02/06/2023

Researchers track worrying jump in ‘malvertising’ targeting Google ads

Researchers track worrying jump in ‘malvertising’ targeting Google ads -

The surge comes after malicious actors impersonated well-known brands, such as Adobe Reader and Microsoft Teams, to deliver numerous malware strains, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer and Vidar.

02/02/2023

Ticketmaster Says Bot Attack Is To Blame for the Misfortunes of Taylor Swift Fans - CPO Magazine

Ticketmaster Says Bot Attack Is To Blame for the Misfortunes of Taylor Swift Fans - CPO Magazine -

Ticketmaster executives have been brought in front of a Senate Judiciary Committee and claims now that a bot army were both purchasing tickets and attempting to breach the servers simultaneously.

02/01/2023

Chick-fil-A Hit With Privacy Lawsuit Over Data Collection Embedded in Viral Video Marketing Campaign - CPO Magazine

Chick-fil-A Hit With Privacy Lawsuit Over Data Collection Embedded in Viral Video Marketing Campaign - CPO Magazine -

Privacy lawsuit alleges that by embedding the Meta pixel on pages hosting its videos, Chick-fil-A violated the 1988 Video Privacy Protection Act (VPPA) which applies only to data collection of personally identifiable information when viewing videos.

01/30/2023

Security Breach at Riot Games Reveals Game Cheats, Source Code for Popular eSport “League of Legends” - CPO Magazine

Security Breach at Riot Games Reveals Game Cheats, Source Code for Popular eSport “League of Legends” - CPO Magazine -

Hackers exfiltrated not just internal game cheats, but the source code that underpins this system for certain Riot Games titles, including League of Legends. This creates the possibility of new game cheats and exploits being developed.

01/26/2023

A Third-Party Data Breach Exposed the Personal Information of 18,000 Nissan Customers - CPO Magazine

A Third-Party Data Breach Exposed the Personal Information of 18,000 Nissan Customers - CPO Magazine -

Nissan said a third-party data breach allowed hackers to access and exfiltrate customer information for software testing but stored on a misconfigured cloud service by a contracted software development firm.

01/24/2023

Another Security Breach at Mailchimp; Customer Support Tools Again Hijacked to Phish Clients, in Third Such Incident in a Year - CPO Magazine

Another Security Breach at Mailchimp; Customer Support Tools Again Hijacked to Phish Clients, in Third Such Incident in a Year - CPO Magazine -

The Mailchimp security breach appears to have lasted for less than a full day. The company says that client login information was not compromised, but customer support tools were used to send phishing emails.

01/23/2023

Data Breach Exposed 2 Million Aflac and Zurich Insurance Policyholders’ Records - CPO Magazine

Data Breach Exposed 2 Million Aflac and Zurich Insurance Policyholders’ Records - CPO Magazine -

A third-party data breach involving a U.S. contractor exposed the personal information of over 2 million Aflac cancer and Zurich automobile insurance policyholders in Japan.

01/19/2023

ChatGPT Could Create Polymorphic Malware Wave, Researchers Warn

ChatGPT Could Create Polymorphic Malware Wave, Researchers Warn -

The powerful AI bot can produce malware without malicious code, making it tough to mitigate.

01/18/2023

Twitter Now Claims Data Leak of 200 Million Profiles Was Phony, Data Set Was Assembled From Pre-Existing Sources - CPO Magazine

Twitter Now Claims Data Leak of 200 Million Profiles Was Phony, Data Set Was Assembled From Pre-Existing Sources - CPO Magazine -

Security researchers had matched email addresses to account names, providing an indication that the data leak was legitimate, but Twitter says that the data was gathered via a variety of publicly available sources.

01/16/2023

Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads

Sneaky New Stealer Woos Corporate Workers Through Fake Zoom Downloads -

Rhadamanthys spreads through Google Ads that redirect to bogus download sites for popular workforce software — as well as through more typical malicious emails.

01/13/2023

Severe API Security Flaws Affect Millions of Vehicles from 16 Car Manufacturers, Including BMW, Mercedes and Toyota - CPO Magazine

Severe API Security Flaws Affect Millions of Vehicles from 16 Car Manufacturers, Including BMW, Mercedes and Toyota - CPO Magazine -

API security flaws on millions of vehicles from 16 car manufacturers expose them to unauthorized remote control, account takeovers, and personal information disclosure. Multiple car manufacturers using nearly identical car systems with almost similar functionality.

01/12/2023

Functioning Malware Written by ChatGPT Spotted on Dark Web Says Check Point Research - CPO Magazine

Functioning Malware Written by ChatGPT Spotted on Dark Web Says Check Point Research - CPO Magazine -

Dark web forum posts indicate that low- or even no-skill threat actors have figured out how to manipulate ChatGPT instructions to get it to produce basic but viable malware.

01/11/2023

Targeting of GitHub Repositories Continues as Slack Reports Security Breach, Stolen Source Code - CPO Magazine

Targeting of GitHub Repositories Continues as Slack Reports Security Breach, Stolen Source Code - CPO Magazine -

Popular collaboration tool Slack is the latest to suffer a security breach involving its GitHub repositories, with the company reporting that private source code was stolen in late December.

01/09/2023

Widespread 2FA Bypass Attack Compromised Comcast Xfinity Accounts; Targets Coinbase, Gemini, Evernote, and Dropbox - CPO Magazine

Widespread 2FA Bypass Attack Compromised Comcast Xfinity Accounts; Targets Coinbase, Gemini, Evernote, and Dropbox - CPO Magazine -

A widespread 2FA bypass attack compromised Comcast Xfinity customer email accounts and attempted to take over their Coinbase and Gemini Wallets, Evernote and Dropbox accounts.

01/06/2023

200M Twitter Profiles, With Email Addys, Dumped on Dark Web for Free

200M Twitter Profiles, With Email Addys, Dumped on Dark Web for Free -

A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping.

01/05/2023

Five Guys Data Breach Puts HR Data Under a Heat Lamp

Five Guys Data Breach Puts HR Data Under a Heat Lamp -

Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack.

01/03/2023

Fortnite Maker Epic Games Hit With $520 Million in Fines, in Part for COPPA Violations - CPO Magazine

Fortnite Maker Epic Games Hit With $520 Million in Fines, in Part for COPPA Violations - CPO Magazine -

The FTC has assessed Fortnite maker Epic a total of $520 million in penalties, roughly divided between COPPA violations and the use of dark patterns to trick players into making in-game purchases.