Tag Archive for: multiple
Yamaha confirms cyberattack after multiple ransomware gangs claim attacks
Yamaha’s Canadian music division confirmed that it recently dealt with a cyberattack after two different ransomware groups claimed to have attacked the company.
The Yamaha Corporation — different from the spun-off motorcycle division — is a Japanese manufacturing giant producing musical instruments and audio equipment. It is considered the world’s largest producer of musical equipment.
In a statement last Thursday, Yamaha Canada Music said it “recently encountered a cyberattack that led to unauthorized access and data theft.”
“In response, we swiftly implemented measures to contain the attack and collaborated with external specialists and our IT team to prevent significant damage or malware infiltration into our network,” the company said.
“Yamaha Canada has been notifying affected individuals, and we are offering credit monitoring services to those at risk of potential harm. Additionally, we have taken decisive actions to reinforce our network defenses and ensure enhanced security measures moving forward.”
The company added that its primary focus right now is to “mitigate any adverse consequences stemming from this criminal act.”
Representatives did not respond to requests for comment about whether the incident involved ransomware but the company is the latest example of a growing cybersecurity trend drawing alarm among experts.
On June 14, the company was posted on the Black Byte ransomware gang’s list of victims, according to cybersecurity expert Dominic Alvieri. But on Friday, Yamaha appeared on the leak site of the Akira ransomware group.
Alvieri said it is becoming increasingly common for victim organizations to be posted by two different ransomware groups. He noted that at least one organization this year was posted by three different groups.
“It is a major trend this year,” he said. “There is way more double posting going on.”
There have been several high-profile double postings this year, including the city of Oakland, which appeared on the leak sites of the Play and LockBit ransomware gangs.
Seasoned ransomware experts did not have a clear answer on why victims are showing up on multiple leak sites, floating several theories that may be…
Apple Fixes Multiple 4-Year-Old Zero-Days
Fraud Management & Cybercrime
,
Governance & Risk Management
,
Mobile Payments Fraud
Bugs Exploited to Install Spyware and Remotely Execute Code in Some Cases
Apple has fixed multiple zero-days that were actively being exploited since 2019 and infect several iOS devices with a spyware implant dubbed TriangleDB via zero-click iMessage exploits.
See Also: Live Webinar | The Secret Sauce to Secrets Management
The patches released for the flaws tracked as CVE-2023-32434 and CVE-2023-32435 arose from integer overflow and memory corruption issues, respectively. Attackers could exploit the flaws and gain arbitrary code execution privileges, the smartphone giant said in its Wednesday security update.
The latest patch addressed flaws in iOS, iPadOS, macOS, watchOS and Safari browser. Kaspersky security researchers Georgy Kucherin, Leonid Bezvershenko and Boris Larin are credited with reporting the vulnerabilities to Apple.
Apple also addressed the anonymously reported third zero-day tracked as CVE-2023-32439, which can result in arbitrary code execution when using maliciously crafted web content.
TriangleDB Zero-Click Spyware
Apple’s attribution to Kaspersky came after the Russian cybersecurity firm earlier this month said it had discovered a campaign dubbed “Operation Triangulation,” in which an APT group launched zero-click iMessage exploits on iOS-powered devices to drop spyware in its corporate network (see: Kaspersky Discloses Apple Zero-Click Malware).
In a blog post by Kaspersky on Wednesday, researchers disclosed technical details of the TriangleDB…
Multiple Vulnerabilities Found in the Kiddoware Kids Place Parental Control Android App
Kiddoware is the world’s leading parental control solutions company with a wide range of products and serving over 5 million families worldwide. Kiddoware is committed in helping you to protect your kids while providing you intelligence to be proactive about your childs’ online activities.
Earlier this week, SEC Consult Group identified numerous security flaws in a parental control app called Kids Place, which allowed hackers to access login credentials, send files to a child’s device without parental knowledge, or install malware onto the system. These bad actors were even able to remove all restrictions set on the device and bypass any settings established by the parent.
Dr Klaus Schenk, SVP security and threat research at Verimatrix, commented “The vulnerabilities found in the Kiddowares ‘Parental Control – Kids Place’ app for Android underscores the critical importance of prioritising cybersecurity in both the architecture and design of web servers and applications. The root cause lies in the neglect of basic development principles, highlighting the significance of adhering to secure coding practices.
“Developers should follow reputable security frameworks and cybersecurity tools to support them in building secure applications.
“Prevention tactics include:
- Thorough security scans and adherence to fundamental principles (e.g., password hashing)
- Applying security scanning to their web design (e.g., security headers assessment, SSL/TLS configuration audit)
- Applying app hardening and threat detection technologies to monitor/analyse the app’s functionalities to prevent or flag suspicious behaviours
“The vulnerabilities uncovered in the Kiddowares app are a clear-cut indication that integrating robust security measures at every stage of the app development process in a must. By prioritising security in architecture, design, and development, organisations can protect user data, prevent unauthorised access, and uphold the trust of their users.”