Supply-chain breach at Lidl, via a stored customer-data file from one of its IT service providers. Affected PII data: name, email, phone, DOB, customer number. Not shop systems and payments.
|
Key Takeaways
submitted by /u/wslyvh |
|
Key Takeaways
submitted by /u/wslyvh |
For years, zero day vulnerabilities have been dangerous, but they used to be scarce and difficult to exploit at scale. Finding one required patience, specialized skill and a deep understanding of software behavior. As Nicole Perlroth and other journalists reported, there was a trade in zero days, and nation states treated them as extremely valuable…
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the modern firmware standard. “An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware,” ESET researcher…
McAfee Mobile Security has once again earned a perfect score from AV-TEST, one of the cybersecurity industry’s most respected independent testing organizations. In AV-TEST’s latest Android security evaluation, McAfee achieved a flawless 18 out of 18 points, receiving perfect 6/6 scores in Protection, Performance, and Usability. The result also earned McAfee AV-TEST’s highest certification for mobile security. …
SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of…
Microsoft said it has closed off RoguePlanet, a privilege escalation flaw in the Windows Defender scanning engine that could let a local attacker spawn a SYSTEM-level shell, but the researcher who found the zero-day bug has poked new holes in the anti-malware tool. A race condition bug, the vulnerability works on Windows 10 and 11…
Japan’s largest taxi operator, Nihon Kotsu, announced that its systems were compromised in a cyberattack, forcing the company to shut down part of its infrastructure. The incident occurred over the weekend, early Saturday morning, and impacted operations, including the company’s taxi dispatch system, which remains offline as of today. Nihon Kotsu is Japan’s largest taxi…