Hackerzhome

Cybersecurity news all over the world

HACKERZHOME NEWS

April 11, 2023

Tuesday

After a ransomware assault, the owner of KFC and Pizza Hut announces a data compromise.

A number of people whose personal information was stolen in a January 13 ransomware assault are now receiving data breach notification letters from Yum! Brands, the company that owns the KFC, Pizza Hut, and Taco Bell fast food businesses.


The business had previously stated that although some data had been taken from its network, it had no proof that any client information had been taken by the attackers.


In the breach notification letters sent to impacted individuals beginning on Thursday, Yum! Brands disclosed that it has now discovered the attackers obtained some individuals’ personal information, including names, driver’s license numbers, and other ID card numbers.


“We are writing to alert you about a cybersecurity issue involving your personal data that took place in mid-January 2023,” according to Yum! Brands.

Almost 300 restaurants owned by Yum! Brands had to close in the United Kingdom due to the January ransomware assault.


In its 2022 annual report, the company reported that on January 18, 2023, it announced a ransomware attack that affected certain IT systems and resulted in the temporary disruption of some of its affected systems, the theft of data from its network, and the closure of fewer than 300 restaurants in one market for one day.

Apple patches freshly discovered zero-day vulnerabilities on older iPhones and iPads.

To address two actively exploited zero-day vulnerabilities that also affect older iPhones, iPads, and Macs, Apple has published emergency updates that backport the security patches announced on Friday.

In security advisories released on Monday, Apple stated that it is aware of a report that this issue may have been actively exploited.

The first vulnerability (identified as CVE-2023-28206) in IOSurfaceAccelerator allows threat actors to run arbitrary code with kernel privileges on affected devices by using maliciously crafted apps.

The second zero-day (CVE-2023-28205) is a WebKit use-after-free vulnerability that lets threat actors execute malicious code on compromised iPhones, Macs, or iPads after tricking their targets into loading malicious web pages.

Apple says the problems have been resolved for the following devices: iPad Air 2, iPhone SE (first generation), iPhone 7, iPhone 6s, iPad mini (4th generation), iPod touch (7th generation), and Macs running macOS Monterey and Big Sur.

Security researchers from Google’s Threat Analysis Group and Amnesty International’s Security Lab found the flaws being exploited in attacks as part of an exploit chain and reported them.

13 NuGet Packages are Used to Spread Bitcoin Stealer Malware

According to cybersecurity researchers, 13 malicious NuGet packages were used to distribute cryptocurrency-stealing malware in a supply chain attack on .NET developers.

JFrog described the sophisticated typosquatting campaign late last month. It used packages impersonating legitimate ones to run PowerShell code that was intended to retrieve follow-on malware from a hard-coded server.

The two-stage attack culminates in the deployment of Impala Stealer, a persistent backdoor built on .NET that can access users’ Bitcoin accounts without their permission.

.NET AOT compilation is an optimization method that enables native code to be generated in advance for apps. Native AOT apps can operate on a system without the .NET runtime installed and have a quicker startup time and reduced memory footprint.

The second-stage payload has an auto-update feature that enables it to download updated executables from a remote location.

It can also maintain persistence by injecting JavaScript code into the Microsoft Visual Studio Code or Discord apps, which causes the stealer malware to start.

The malware then looks for an installation of the Exodus Wallet desktop application and injects JavaScript code into a number of HTML files in order to gather and exfiltrate private information to a hard-coded Discord webhook.

Hackers flood npm with bogus packages, causing a DoS.

Threat actors flooded the npm open-source package repository for Node.js with fake packages, briefly causing a denial-of-service (DoS) condition.

In research released last week, Checkmarx’s Jossef Harush Kadouri stated that threat actors establish malicious websites and distribute empty packages with links to those dangerous websites in order to profit from the open-source ecosystems’ positive reputation on search engines.

The denial of service (DoS) caused by the attackers made npm unstable, and it occasionally returned “Service Unavailable” errors.

Although similar campaigns were recently seen disseminating phishing links, the latest wave pushed the number of package versions to 1.42 million, a dramatic increase from the approximately 800,000 packages released on npm.

The attack method takes advantage of the greater search engine ranking of open source repositories to build rogue websites and upload empty npm modules with links to those sites in the README.md files.

After a cyberattack, SD Worx suspends payroll and HR services in the UK.

Due to a cyberattack, the massive Belgian HR and payroll company SD Worx had to take down all of its IT systems for its services in the UK and Ireland.

5.2 million people from more than 82,000 enterprises are served by SD Worx, a European HR and payroll management company with headquarters in Belgium, according to the company’s website.

Today, SD Worx started informing clients that its UK and Ireland divisions had been the target of a cyberattack that necessitated the shutdown of IT systems in order to contain it.

“Last night, our security team found suspicious activity taking place in our hosted data center. To reduce any additional effect, we have taken urgent action and preventively separated all systems and servers,” an alert to customers of SD Worx UK and Ireland states. “As a result, there is presently no access to our systems, which of course we regret very much.”

The privacy and data of SD Worx clients are always protected by highly strict organizational and technical security measures, the company emphasizes.

“It goes without saying that we are treating this situation seriously and that we are diligently developing a solution to allow you to access our systems once more.”
