Tag Archive for: maker

Charlotte honey bun maker hit with ransomware attack


CHARLOTTE, N.C. (QUEEN CITY NEWS) — The creator of one of America’s first honey buns has become the latest victim of a cyber-attack. Charlotte-based Carolina Foods is on the list of companies hit with ransomware attacks.

Ransomware attacks happen when hackers get into a system and lock certain data and files, demanding a payment to release the data. In Carolina Foods’ case, the nature of the data stolen is unknown, but experts say these attacks are happening more often.

Tom Blanchard, CEO of Sterling Technology Solutions, explained many hacks come from outside the country, but it’s difficult to fully trace the origin.

“Usually they’re in cells, that’s a hacking group and with technology,” Blanchard explained. “The way it is that you don’t need to live in the same city, they can live wherever they want to live, they can execute these hacks from anywhere. They’re done on an automated basis.”

Ransomware tracking sites listed Carolina Foods as a victim of the Black Basta group, which possibly took up to 450 gigabytes of company data, encrypting it and demanding payment for its release.

“For Carolina Foods, what that might look like is their logistics system that helps them, I’m guessing they have truck deliveries and things like that, right?” Blanchard asked. “So, did something like that get encrypted that might impede their ability to do business?”

Carolina Foods, creator of the baked goods Dutchess brand, did not return requests for comment on the attack. Blanchard says ransomware attacks are happening more often.

“I would like to think that when businesses are seeing all these attacks, they would be a little more vigilant about doing things like having good backup that you can restore from quickly,” Blanchard said. “That’s the easiest protection against rampant ransomware.”


Largest navigation device maker combats bots with Cequence’s API Spartan


The world’s largest navigation device manufacturer has opted to secure its eCommerce experience and combat bot attacks with the bot detection and mitigation solution API Spartan, created by Cequence and part of the overarching Unified API Protection platform.

This decision was made in response to significant financial risks exposed by bot attacks. The company encountered approximately 100 million SSO login requests monthly, with 15 to 20 percent of these identified as malicious. They also revealed that account takeovers could result in costs ranging from $50 (40) to $12,000 (9,500) each. If left unchecked, these costs could culminate in billions potentially lost, spelling out disaster for the business.

Previously, the company had struggled with substandard bot protection from another internet security provider, who used rudimentary techniques reliant on identifying bad IP addresses. However, this method proved insufficient in detecting advanced malicious bots given its lack of behavioural analysis, leading to unresolved bot attacks and difficulties in ensuring business continuity and customer experience.

In searching for a more proactive solution to this predicament, the company turned to Cequence’s API Spartan. Cequence’s capabilities to discern genuine users from bots in real-time and adapt to evolving bot tactics appealed to the company, offering a reliable and future-proof answer to their bot issue.

“Bots aren’t just a technical nuisance; they’re customer experience assassins,” stated Ameya Talwalkar, CEO of Cequence. “Imagine loyal customers, eager to purchase your products, locked out by an army of automated bad actors. The frustration, lost sales, and reputational damage are a nightmare scenario no business can afford. That’s why Cequence is dedicated to providing solutions that go beyond simple bot detection. We empower companies to proactively safeguard their legitimate customers and foster a thriving online environment where trust and genuine interactions flourish.”

The OWASP API Security Top 10 highlights the vulnerability of poorly secured APIs to automated bot attacks, blurring the line between traditional API and bot attacks with unified security solutions…


Exclusive: North Korean hackers breached top Russian missile maker


  • Hackers breached systems at NPO Mashinostroyeniya
  • Russian firm produces hypersonic missiles, satellites
  • Discovery comes shortly after Russian defence minister visits Pyongyang

LONDON/WASHINGTON, Aug 7 (Reuters) – An elite group of North Korean hackers secretly breached computer networks at a major Russian missile developer for at least five months last year, according to technical evidence reviewed by Reuters and analysis by security researchers.

Reuters found cyber-espionage teams linked to the North Korean government, which security researchers call ScarCruft and Lazarus, secretly installed stealthy digital backdoors into systems at NPO Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on the outskirts of Moscow.

Reuters could not determine whether any data was taken during the intrusion or what information may have been viewed. In the months following the digital break-in Pyongyang announced several developments in its banned ballistic missile programme but it is not clear if this was related to the breach.

Experts say the incident shows how the isolated country will even target its allies, such as Russia, in a bid to acquire critical technologies.

NPO Mashinostroyeniya did not respond to requests from Reuters for comment. Russia’s embassy in Washington did not respond to an emailed request for comment. North Korea’s mission to the United Nations in New York did not respond to a request for comment.

News of the hack comes shortly after a trip to Pyongyang last month by Russian defence minister Sergei Shoigu for the 70th anniversary of the Korean War; the first visit by a Russian defence minister to North Korea since the 1991 breakup of the Soviet Union.

The targeted company, commonly known as NPO Mash, has acted as a pioneer developer of hypersonic missiles, satellite technologies and newer generation ballistic armaments, according to missile experts – three areas of keen interest to North Korea since it embarked on its mission to create an Intercontinental Ballistic Missile (ICBM) capable of striking the mainland United States.

According to technical data, the intrusion roughly began in late 2021 and continued until May 2022 when, according to internal…


Spyware maker LetMeSpy shuts down after hacker deletes server data


Poland-based spyware LetMeSpy is no longer operational and said it will shut down after a June data breach wiped out its servers, including its huge trove of data stolen from thousands of victims’ phones.

In a notice on its website in both English and Polish, LetMeSpy confirmed the “permanent shutdown” of the spyware service and that it would cease operations by the end of August. The notice said LetMeSpy is blocking users from logging in or signing up with new accounts.

A separate notice on LetMeSpy’s former login page, which no longer functions, confirmed earlier reports that the hacker who breached the spyware operation also deleted the data on its servers.

“The breach consisted of unauthorized access to the LetMeSpy website’s database, downloading and at the same time deleting data from the website by the author of the attack,” the notice reads.

LetMeSpy’s app no longer functions, a network traffic analysis by TechCrunch shows, and the spyware maker’s website no longer provides the spyware app for download.

LetMeSpy was an Android phone monitoring app that was purposefully designed to stay hidden on a victim’s phone home screen, making the app difficult to detect and remove. When planted on a person’s phone — often by someone with knowledge of their phone passcode — apps like LetMeSpy continually steal that person’s messages, call logs and real-time location data.

A copy of the database was obtained by nonprofit transparency collective DDoSecrets, which indexes leaked datasets in the public interest, and shared with TechCrunch for analysis. The data showed that LetMeSpy, until recently, had been used to steal data from more than 13,000 compromised Android devices worldwide, though LetMeSpy’s website claimed prior to the breach that it controlled more than 236,000 devices.

The database also contained information that shows the spyware was developed by a Krakow-based tech company called Radeal, whose chief executive Rafal Lidwin did not respond to a request for comment.

LetMeSpy is the latest spyware operation to shut down in the past year in the wake of a security incident that exposed…
