Weekly Cyber News Roundup

December 18th to December 22nd, 2023 

Content 

01. News Bites
  • Israeli-Linked 'Predatory Sparrow' Group Claims Responsibility for Cyberattack Disrupting 70% of Iran's Petrol Stations.
  • Xfinity Confirms Major Data Breach Affecting Over 35 Million Customers Following Citrix Server Hack.
  • Video Game Developer Insomniac Games Victim of Ransomware Attack.
  • Major Cybersecurity Breaches Hit MongoDB, VF Corp, and Mr. Cooper, Exposing Millions of Customers' Data.
02. Conclusion

Quick News Bites

Israeli-Linked 'Predatory Sparrow' Group Claims Responsibility for Cyberattack Disrupting 70% of Iran's Petrol Stations

An Israeli-affiliated hacking collective, known as "Predatory Sparrow," has reportedly claimed responsibility for significant service disruptions at approximately 70% of petrol stations across Iran. This information was initially brought to light by Javad Owji, Iran's Oil Minister, during a statement on state television where he mentioned external intervention as a probable factor.

The claim by Predatory Sparrow was later corroborated by reports from both Iranian and Israeli media outlets. In a statement, purportedly from the group and cited by Iranian media, Predatory Sparrow indicated that the cyberattack was executed with precise control to circumvent any harm to emergency services. This recent incident aligns with the group's history of cyber warfare, notably their previous admission of orchestrating a cyberattack on Iran's major steel corporations, an operation subtly insinuated to be backed by Israel. Meanwhile, Iran's civil defence agency, tasked with the nation's cybersecurity, is conducting thorough investigations and remains open to all potential causes behind these widespread disruptions.

Xfinity Confirms Major Data Breach Affecting Over 35 Million Customers Following Citrix Server Hack

Comcast Cable Communications, trading as Xfinity, revealed on Monday that a breach of its Citrix server in October led to the theft of sensitive customer data. The breach was discovered on October 25, two weeks after Citrix had released security patches for a critical vulnerability named Citrix Bleed (CVE-2023-4966). Malicious network activity was detected between October 16 and 19. An investigation found that the breach affected approximately 35.88 million people, with data exfiltration confirmed on November 16.

The compromised data includes usernames and hashed passwords, and potentially other personal information such as names, contact details, partial social security numbers, birth dates, and secret questions and answers. Xfinity disclosed these findings on December 6, 2023, noting that data analysis is ongoing.

Customers reported receiving password reset requests last week without explanation. Xfinity, while assuring customers that no data leaks or customer attacks were known, emphasized the importance of resetting passwords and encouraged enabling two-factor or multi-factor authentication. Despite the breach, Xfinity's operations remained unaffected, and there was no ransom demand. The company's cybersecurity team is actively monitoring the situation to ensure customer protection.

Video Game Developer Insomniac Games Victim of Ransomware Attack

Insomniac, the Sony-owned studio behind the PlayStation 5 hit Spider-Man 2, has suffered a significant ransomware attack. Last week, hackers demanded a $2 million ransom to prevent the release of confidential information. Since the demand, details about upcoming games, including work-in-progress footage of its highly anticipated Wolverine game, have been leaked online.

The leak reportedly includes sensitive employee data and internal emails. The gaming community, including developers, journalists, and fans, has strongly condemned the attack, advocating against sharing the leaked content. The leak also exposed employees' personal information.

The ransomware group Rhysida claimed responsibility for this attack and for a recent one on the British Library. Attacks of this kind use malware to lock a company's network files and then demand a ransom for their release. This incident follows a trend of high-profile game studio leaks, including last year's leak of Rockstar Games' Grand Theft Auto 6 details.

Major Cybersecurity Breaches Hit MongoDB, VF Corp, and Mr. Cooper, Exposing Millions of Customers' Data

Three major companies, MongoDB Inc., VF Corp. (owner of North Face and Vans), and mortgage broker Mr. Cooper Group Inc., reported significant cyberattacks this week.

MongoDB's breach involved unauthorised access to its corporate systems, exposing customer account metadata and contact information. Customers were notified via email on December 13th, and the company is still investigating the extent of the breach.

VF Corp.'s hack, disclosed in a U.S. Securities and Exchange Commission filing, included the encryption of some systems and the theft of personal data. Also identified on December 13th, this incident, possibly the first reported under new SEC rules requiring disclosure within four days, is expected to impact the company's operations during the holiday season.

The most extensive breach affected Mr. Cooper, impacting 14.7 million current and former customers. This "cyber breach" compromised sensitive personal information, including names, addresses, Social Security numbers, birth dates, and bank account details. The company has taken measures to contain the incident and is monitoring the dark web for any misuse of the stolen data.

These incidents highlight the growing threat of cyberattacks in various sectors, particularly financial institutions.

Closing Summary

If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively get in touch to find out how you can protect your organisation.

Disclaimer

The Threat Intel Roundup was prepared by Integrity360 summarising threat news as we observe it, current at the date of publishing. It should not be considered to be legal, consulting or any other professional advice. Any recommendations should be considered in the context of your own organisation. Integrity360 does not take any political stance in the information that we share. Moreover, the opinions expressed may not necessarily be the views of Integrity360.

Need advice?

If you are worried about any of the threats outlined in this roundup or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager or fill in the form for a complimentary no-commitment consultation.

More detailed threat intelligence news?

If you’d like more detailed threat intelligence news, Integrity360 offers this as part of our security monitoring managed services.

We also offer a tailored threat intelligence monitoring service for your organisation that actively monitors for threat actors and campaigns of direct relevance to your organisation, brand damage, copycat & spoofed domains, credential leakage and dark web monitoring.
