Auth Lab Weekly Security News

U.S. journalism suffers massive supply chain attack, hundreds of news sites were backdoored

According to BleepingComputer, hackers are using the infrastructure of an undisclosed media company to deploy malware on hundreds of news sites across the United States. The malware infects visitors by displaying fake update warnings on the sites and then posing as browser update files. Once a user’s computer is infected, the hackers use it as a zombie inside the employer’s corporate network in an attempt to deploy ransomware. The total number of news sites affected is currently unknown, but according to U.S. security firm Proofpoint, multiple media organizations (including national news organizations) from New York, Boston, Chicago, Miami, Washington, D.C., and others were affected.

Russian Hacker Claims Ukrainian Delta Combat Detection Mechanism Hacked

A hacker called Joker DPR posted on Telegram that he had successfully hacked into the U.S. DELTA battlefield command system used by the Ukrainian army, and posted a large number of screenshots taken while operating the software. The post also claimed that there were “spies” in the office of the Ukrainian president. It is understood that the software system, provided by the U.S. military to Ukraine, stores battlefield information about friendly and enemy troops, including equipment coordinates and personnel numbers.

23 million Taiwanese people’s information leaked for $5,000

In a post on Breach Forums, a foreign forum, a user with the ID “OKE” peddled the household registration information of Taiwanese people. The user said he would sell information from www.ris.gov.tw (the official website of the Department of Household Affairs of the Ministry of the Interior) and stated that the data includes Taiwan’s population records, etc., from which the information of any person and their family can easily be found, as well as military service, education records, and residential addresses. He claims the data holds the personal information of more than 23 million Taiwanese people.

German multinational auto giant hit by ransomware attack

LockBit, a well-known ransomware group, has announced that it launched a cyberattack against the German multinational automotive group Continental. LockBit claims that it stole some data from Continental’s systems and that, if it does not receive the ransom by November 4 at 15:45:36 (23:45:36 GMT), it will publish the data on the data breach website.

Researchers discover new malware campaign targeting Indian government employees

Transparency Tribe (also known as APT36, Operation C-Major, and Mythic Leopard) is a suspected Pakistani adversarial collective with a history of striking Indian and Afghan entities. The group forged official websites in credential harvesting attacks targeting Indian government employees.
