Cyber Bites

The US department store Kmart has been victim to a ransomware attack which has impacted back-end services within the company. Kmart has been targetted by the Egregor ransomware operation this week which encrypted devices and servers on the network. A ransom note showed that the 'KMART' Windows domain was compromised as a result of the attack. KMART's online stores are still operating, but the 'Transformco Human Resources Site,' 88sears.com, a partner of KMART, is currently...

TransLink, the public transport agency for Vancouver, Canada, has been hit by a ransomware attack which has halted their operations. The attack took place on December 1, and has resulted in the residents of Vancouver being unable to use their metro cards, or pay for new tickets, at TransLink's Compass ticket kiosks. TransLink initially thought that the incident was a prolonged technical issue but soon realised the true nature of the incident once reporters from...

Xerox released a fix for two vulnerabilities in regards to DocuShare, their document management platform. If these bugs were exploited they could have made DocuShare users vulnerable to a malicious attack resulting in sensitive data loss. Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin to alert users and administrators to urgently apply a patch which would plug two security holes in the recently released versions (6.6.1, 7.0, and 7.5) of Xerox’s...

The ransomware gang Clop has claimed to be responsible for a cyberattack on E-Land Retail. Clop have said that they have stolen around 2 million credit card's details over the past year, with the attack ending last month. E-Land Retail is a subsidiary of E-Land Global, which manages a number of retail clothing stores, such as Land NC Department Store and New Core. E-land had to close 23 NC Department Store locations and a number...

Embraer, a Brazilian defence and aerospace group has recently been a target of a cyber attack which has halted the company's operations. According to a statement released by Embraer this week, the attack forced the "disclosure of data allegedly attributed to the company". The incident was only reported to the Brazilian Securities and Exchange Commission five days after it happened. Brazilian legislation requires immediate reporting of any problems, especially those related cyber attacks. The cyber...

The US Federal Bureau of Investigation (FBI) says that it is getting more common for cyber-criminals to use email forwarding rules in order to disguise themselves inside hacked email accounts. The FBI sent out a PIN (Private Industry Notification) alert last week, which was made public yesterday, which said that the technique has been seen and abused in BEC (Business Email Compromise) attacks reported throughout the summer. The technique relies on a feature found in...

The security team in charge of the 'npm' repository used for JavaScript libraries has removed two of the npm packages on Monday after they were found to contain malicious code that installed a remote access trojan (RAT) onto computers of developers who were working on JavaScript projects. The names of the packages were jdb.js and db-json.js, and they were both created by the same author. The packages were described as tools which help developers work...

The Supreme Court will possibly be reining in of one of the main anti-hacking laws in America, which has not been revised by Congress since 1986, and has tormented cybersecurity researches since the internet began. The American Supreme Court heard a number of arguments yesterday for the first time in a case which aims to challenge the broadest interpretations of the Computer Fraud and Abuse Act (CFFA). The interpretations of the CFFFA have left cybersecurity...

A Google Project Zero security researcher, Ian Beer, has revealed that, until recently, a number of varieties of Apple iPhones and other iOS devices were vulnerable to an exploit which would allow hackers to remotely reboot a device and then take complete control of it, without being anywhere near the device. This means that a malicious attacker would be able to remotely control the device, having access to emails, messages, photos, and even possibly watching...

Cyber-security researchers at Ben-Gurion University of the Negev have discovered a cyber attack which could allow hackers to remotely manipulate laboratory scientists into creating viruses and toxins. Medical researchers use synthetic DNA for a variety of reasons, one of which is to develop immunogens in order to create vaccines, which is especially popular at the moment with a race to develop COVID-19 vaccines. Researchers at Ben-Gurion University have developed and tested an end-to-end attack that...