Daily Cyber Brief
Italy warns of cyberattacks on energy industry, the IRS leaks confidential information of 120K taxpayers, and Samsung admits to data breach that exposed some user's info...
Cybersecurity
The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns. IRS Form 990T is used to report 'unrelated business income' paid to a tax-exempt entity, such as…
One of the NFL’s most popular franchises — the San Francisco 49ers — began sending breach notification letters out Thursday, after more than 20,000 people’s sensitive information was accessed during a ransomware attack earlier this year. The BlackByte ransomware gang…
The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the developer about attacks that used the tool. The malicious operation, which appears to originate from Iran, targeted Farsi-speaking software…
Italy’s National Cyber Security Agency warned on Friday that attacks on Italian energy operators and infrastructure are increasing following two headline-grabbing breaches of major companies over the last week. The agency recommended that organizations “raise the levels…
South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired…
A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android users through apps that have tens of thousands of installations. The malware was present in two Android apps that did not feature any…
Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validating in Mojo, which…
Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. The hackers obtained the information…
Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims' exfiltrated data when used by other cybercriminals…
Researchers have identified functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' connections to the Russia-based Evil Corp group. The findings suggest that…