bleepingcomputer.com - The Lumma infostealer malware operation is gradually resuming activities following a massive law enforcement operation in May, which resulted in the seizure of 2,300 domains and parts of its infrastructure.
Although the Lumma malware-as-a-service (MaaS) platform suffered significant disruption from the law enforcement action, as confirmed by early June reports on infostealer activity, it didn't shut down.
The operators immediately acknowledged the situation on XSS forums, but claimed that their central server had not been seized (although it had been remotely wiped), and restoration efforts were already underway.
Gradually, the MaaS built up again and regained trust within the cybercrime community, and is now facilitating infostealing operations on multiple platforms again.
According to Trend Micro analysts, Lumma has almost returned to pre-takedown activity levels, with the cybersecurity firm's telemetry indicating a rapid rebuilding of infrastructure.
"Following the law enforcement action against Lumma Stealer and its associated infrastructure, our team has observed clear signs of a resurgence in Lumma's operations," reads the Trend Micro report.
"Network telemetry indicates that Lumma's infrastructure began ramping up again within weeks of the takedown."
U.K. retail giant Marks & Spencer has confirmed hackers stole its customers’ personal information during a cyberattack last month.
In a brief statement with London’s stock exchange on Tuesday, the retailer said an unspecified amount of customer information was taken in the data breach. The BBC, which first reported the company’s filing, cited a Marks & Spencer online letter as saying that the stolen data includes customer names, dates of birth, home and email addresses, phone numbers, household information and online order histories.
The company also said it was resetting the online account passwords of its customers.
Marks & Spencer continues to experience disruption and outages across its stores, with some grocery shelves remaining empty after the hack affected the company’s operations. The company’s online ordering system for customers also remains offline.
It’s not clear how many individuals’ data was stolen during the hack. When reached by TechCrunch, Marks & Spencer spokesperson Alicia Sanctuary would not say how many individuals are affected and referred TechCrunch to its online statement. Marks & Spencer had 9.4 million online customers as of 30 March 2024, per its most recent annual report.
OpenAI on Tuesday announced the launch of ChatGPT for government agencies in the U.S. ...It allows government agencies, as customers, to feed “non-public, sensitive information” into OpenAI’s models while operating within their own secure hosting environments, OpenAI CPO Kevin Weil told reporters during a briefing Monday.
France's Navy personnel revealed classified information about submarine patrols through the Strava fitness app, found an investigation by Le Monde.
WordPress plugin Jetpack released a critical security update earlier today, addressing a vulnerability that allowed a logged-in user to access forms submitted by other visitors to the site.
Ukrainian national Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation.
A massive infostealer malware operation encompassing thirty campaigns targeting a broad spectrum of demographics and system platforms has been uncovered, attributed to a cybercriminal group named
#Atomic #Computer #Info #InfoSec #Information #Information-stealing #Marko #Polo #Rhadamanthys #Security #Stealc #Stealer #malware
A vulnerability in Microsoft Copilot Studio could be exploited to access sensitive information on the internal infrastructure used by the service, Tenable reports.
The flaw, tracked as CVE-2024-38206 (CVSS score of 8.5) and described as a ‘critical’ information disclosure bug, has been fully mitigated, Microsoft said in an August 6 advisory.
Researchers have discovered several vulnerabilities in popular WordPress plugins that allow attackers to create rogue admin accounts.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability
Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability
Meet the guy who taught US intelligence agencies how to make the most of the ad tech ecosystem, "the largest information-gathering enterprise ever conceived by man."
#Ads #US #department-of-defense #information-gathering #longreads #secrecy-and-surveillance #spies #wired
Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently.
Informations actuelles de l'administration. Tous les communiqués de l'administration fédérale, des départements et des offices.
SweepWizard, an app that law enforcement used to coordinate raids, left sensitive information about hundreds of police operations publicly accessible.
TAG highlights four case studies involving Russian IO tied to the Internet Research Agency and Russian oligarch Yevgeny Prigozhin.
The National Security Agency (NSA) and partner cybersecurity authorities released a Cybersecurity Information Sheet today recommending that Microsoft Windows® operators and administrators properly
New Mandiant research detailing the various IO activities seen by nation-state actors, resulting from the Russian invasion of Ukraine.
