securityweek.com - LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution.
Hundreds of LG security cameras are vulnerable to remote hacking due to a recently discovered flaw and they will not receive a patch.
The cybersecurity agency CISA revealed on Thursday that LG Innotek LNV5110R cameras are affected by an authentication bypass vulnerability that can allow an attacker to gain administrative access to the device.
The flaw, tracked as CVE-2025-7742 and assigned a ‘high severity’ rating, can allow an attacker to upload an HTTP POST request to the device’s non-volatile storage, which can result in remote code execution with elevated privileges, according to CISA.
LG Innotek has been notified, but said the vulnerability cannot be patched as the product has reached end of life.
Souvik Kandar, the MicroSec researcher credited by CISA for reporting the vulnerability, told SecurityWeek there are roughly 1,300 cameras that are exposed to the internet and which can be remotely hacked.
securityweek.com - The MITRE AADAPT framework provides documentation for identifying, investigating, and responding to weaknesses in digital asset payments.
The non-profit MITRE Corporation on Monday released Adversarial Actions in Digital Asset Payment Technologies (AADAPT), a cybersecurity framework designed to help the industry tackle weaknesses in cryptocurrency and other digital financial systems.
Modeled after the MITRE ATT&CK framework, AADAPT delivers a structured methodology that developers, financial organizations, and policymakers can use to find, investigate, and address risks in digital asset payments.
Insights that more than 150 sources from academia, government, and industry provided on real-world attacks on digital currencies and related technologies were used to create a playbook of adversarial TTPs linked to digital asset payment technologies.
The increased use of cryptocurrency has led to the emergence of sophisticated threats, such as phishing schemes, ransomware campaigns, and double-spending attacks, often with severe impact on organizations that lack cybersecurity resources, such as local governments and municipalities.
AADAPT is meant to help them enhance their stance through practical guidance and tools that specifically cover this financial market segment.
According to MITRE, AADAPT was founded on an in-depth review of underlying technologies such as smart contracts, distributed ledger technology (DLT) systems, consensus algorithms, and quantum computing, along with vulnerabilities and credible attack methods.
The tool supports critical use cases to help develop analytics for emulating threats, create detection techniques, compare insights, and assess security capabilities to prioritize decisions, essentially assisting stakeholders in adopting best practices.
“Digital payment assets like cryptocurrency are set to transform the future of global finance, but their security challenges cannot be ignored. With AADAPT, MITRE is empowering stakeholders to adopt robust security measures that not only safeguard their assets but also build trust across the ecosystem,” MITRE VP Wen Masters said.
Cyberattack disrupted UNFI’s operations in June; company estimates $50–$60 million net income hit but anticipates insurance will cover most losses.
United Natural Foods, Inc. (NYSE: UNFI), the main distributor for Amazon’s Whole Foods, said the June 2025 cyberattack that caused disruptions to business operations will impact fiscal 2025 net sales by an estimated $350 to $400 million.
In an update on Wednesday, the Rhode Island-based natural food products giant said “anticipated insurance” proceeds would significantly offset those loses.
“The Company estimates that the cyber incident will impact fiscal 2025 net sales by approximately $350 to $400 million, net (loss) income by $50 to $60 million, which includes the estimated tax impact, and adjusted EBITDA by approximately $40 to $50 million,” the company said in a business update on July 16th. “These estimates do not reflect the benefit of anticipated insurance proceeds, which the Company expects will be adequate for the incident. The Company does not currently expect a meaningful operational or financial impact beyond the fourth quarter of fiscal 2025 aside from insurance reimbursement.”
The company revealed in a filing with the SEC on June 9 that it had detected unauthorized activity on some IT systems on June 5. In response to the intrusion, certain systems were taken offline, which impacted its ability to fulfill and distribute customer orders.
UNFI advertises itself as the largest full-service grocery partner in North America, delivering products to over 30,000 locations, including natural product superstores, conventional supermarket chains, e-commerce providers, and independent retailers. With more than $30 billion in annual revenue, the company offers more than 250,000 natural, organic and conventional SKUs through its more than 50 distribution centers.
“We are grateful to our customers, suppliers, and associates for their resilience and collaboration as we worked through a challenging period for all of us. With our operations returning to more normalized levels, we remain focused on adding value for our customers and suppliers while becoming a more efficient and effective partner,” said Sandy Douglas, UNFI’s CEO.
The Company updated its full-year outlook to reflect its strong performance for the first three fiscal quarters of 2025 and the estimated costs and charges associated with the June cyber incident.
securityweek.com - DragonForce says it stole more than 150 gigabytes of data from US department store chain Belk in a May cyberattack
The DragonForce ransomware gang has claimed responsibility for a disruptive cyberattack on US department store chain Belk.
The incident was identified on May 8 and prompted Belk to disconnect affected systems, restrict network access, reset passwords, and rebuild impacted systems, which disrupted the chain’s online and physical operations for several days. The company’s online store is still offline at the time of publication.
Belk’s investigation into the attack determined that hackers had access to its network between May 7 and May 11, and that they exfiltrated certain documents, including files containing personal information.
In a data breach notification submitted to the New Hampshire Attorney General’s Office, Belk said at least names and Social Security numbers were compromised in the attack.
The company is providing the impacted individuals with 12 months of free credit monitoring and identity restoration services, which also include up to $1 million identity theft insurance.
The company has not named the group responsible for the attack, but the DragonForce ransomware gang has claimed the incident on Monday, adding Belk to its Tor-based leak site.
The Irish Data Privacy Commission announced that TikTok is facing a new European Union privacy investigation into user data sent to China.
TikTok is facing a fresh European Union privacy investigation into user data sent to China, regulators said Thursday.
The Data Protection Commission opened the inquiry as a follow up to a previous investigation that ended earlier this year with a 530 million euro ($620 million) fine after it found the video sharing app put users at risk of spying by allowing remote access their data from China.
The Irish national watchdog serves as TikTok’s lead data privacy regulator in the 27-nation EU because the company’s European headquarters is based in Dublin.
During an earlier investigation, TikTok initially told the regulator it didn’t store European user data in China, and that data was only accessed remotely by staff in China. However, it later backtracked and said that some data had in fact been stored on Chinese servers. The watchdog responded at the time by saying it would consider further regulatory action.
“As a result of that consideration, the DPC has now decided to open this new inquiry into TikTok,” the watchdog said.
“The purpose of the inquiry is to determine whether TikTok has complied with its relevant obligations under the GDPR in the context of the transfers now at issue, including the lawfulness of the transfers,” the regulator said, referring to the European Union’s strict privacy rules, known as the General Data Protection Regulation.
TikTok, which is owned by China’s ByteDance, has been under scrutiny in Europe over how it handles personal user information amid concerns from Western officials that it poses a security risk.
TikTok noted that it was one that notified the Data Protection Commission, after it embarked on a data localization project called Project Clover that involved building three data centers in Europe to ease security concerns.
“Our teams proactively discovered this issue through the comprehensive monitoring TikTok implemented under Project Clover,” the company said in a statement. “We promptly deleted this minimal amount of data from the servers and informed the DPC. Our proactive report to the DPC underscores our commitment to transparency and data security.”
Under GDPR, European user data can only be transferred outside of the bloc if there are safeguards in place to ensure the same level of protection. Only 15 countries or territories are deemed to have the same data privacy standard as the EU, but China is not one of them.
securityweek.com - Nippon Steel Solutions has disclosed a data breach that resulted from the exploitation of a zero-day in network equipment.
Japan-based Nippon Steel Solutions on Tuesday disclosed a data breach that resulted from the exploitation of a zero-day vulnerability.
Nippon Steel Solutions, also called NS Solutions, offers cloud, cybersecurity and other IT solutions. The company is a subsidiary of Japanese steel giant Nippon Steel, which recently acquired US Steel in a controversial deal.
Nippon Steel Solutions said in a statement posted on its Japanese-language website that it detected suspicious activity on some servers on March 7.
An investigation showed that hackers had exploited a zero-day flaw in unspecified network equipment, and gained access to information on customers, partners and employees.
In the case of customers, the attackers may have stolen information such as name, company name and address, job title, affiliation, business email address, and phone number.
The exposed information in the case of partners includes names and business email addresses, while in the case of employees the attackers may have obtained names, business email addresses, job titles, and affiliation.
Nippon Steel Solutions said the information may have been exfiltrated, but to date it has found no evidence of a data leak on the dark web or elsewhere.
The notorious ransomware group BianLian claimed to have stolen hundreds of gigabytes of data from Nippon Steel USA in mid-February, including files related to finances, employees, and production.
The cybercriminals at the time threatened to leak all of the stolen data, but the group went dark a few weeks later.
Nippon Steel does not appear to have confirmed a data breach in response to BianLian’s claims and it’s unclear if the two incidents are related.
SecurityWeek has reached out to NS Solutions for clarifications and will update this
