 A shipbuilding U.S. Navy contractor named Fincantieri Marine Group has been hit by a cyberattack. The company is the world's sixth-largest shipbuilder and the largest in Europe. More: - The attack targeted the company's email server and network infrastructure, enabling the threat actor to shut down the company's manufacturing machines.
- Once it tracked the attack, the company's cybersecurity team isolated the affected systems and reported the incident to law authorities.
- The company, a subsidiary of Italy-based Fincantieri Spa, claims that it has no evidence that employees' personal information was affected.
- While the cyberattack has been tracked, the threat actor responsible for this breach is unknown.
- Founded in 1959, Fincantieri specializes in commercial and military ships.
- The company is considered the sixth-largest shipbuilding company in the world and the largest in Europe.
- It currently employs over 20,000 people and has over $5B in revenue.
Zoom Out: - Recently, U.K. security agencies warned that Russian-backed could launch attacks on critical national infrastructure.
| |
Hackers are using a recently tracked WordPress flaw to breach thousands of websites. The flaw has been active for the last 11 years. More: - The malware, which is programmed in PHP, is spread via an infected plugin.
- The number of websites that had downloaded the plugin reached 6,988 by March 30, 2023, while it has been downloaded over 23,110 times in the last week alone.
- Researchers stated that they've detected over 6,000 instances of this backdoor on compromised websites in the last six months, describing the pattern of inserting the malware directly into the database.
Zoom Out: - Only a few weeks ago, a security flaw enabled hackers to infect over 1 million WordPress websites.
- According to researchers, at least 13,000 WordPress websites are hacked every day.
| |
 A message from BRILLIANT AI won’t take your job. Someone using AI will. Will a robot be sitting at your desk tomorrow? Probably not. But the person competing for your next job will probably know the concepts behind AI — and how to put them to work. Luckily, there’s Brilliant. More: - Brilliant is the best way to level up on cutting-edge technology like AI, neural networks, and more.
- With Brilliant, you can master and practice concepts in just 15 minutes a day.
- Forget spending hours watching videos or dropping thousands on a course. Brilliant was built for modern learners who want to quickly build skills they can put to work.
- They have thousands of quick, visual, hands-on lessons you can dip into anytime, anywhere.
Zoom out: Try for free
| |
Yellow Pages Canada has confirmed that it has been hacked. The Black Basta ransomware group has taken credit for the attack. More: - The ransomware group has stolen data such as:
- passports,
- driver licenses,
- Tax documents,
- Social Insurance Number,
- Sales and purchase agreements,
- financial information, etc.
- According to researchers, the cyber attack occurred on or after March 15, 2023.
- As soon as the company became aware of the attack, it immediately commenced a thorough investigation into this issue with the assistance of external cyber security experts to contain the incident.
Zoom Out: - Last year, Black Basta hacked Canadian food retail giant Sobeys. The breach shut down the company's point-of-sale infrastructure, rendering it unable to complete transactions.
| |
Hackers are using Google Ads to spread the Bumblebee malware. The malware campaign disguises itself as Zoom, ChatGPT, Cisco AnyConnect, etc. More: - The malware is believed to be a new variant of BazarLoader, a backdoor previously used by Conti.
- The BumbleBee malware is installed through a trojanized MSI installer that is promoted on a fake landing page.
- Once executed, the user’s computer receives a disguised PowerShell script and a legitimate program installer.
- The genuine installer then installs the application on the device inconspicuously while the PowerScrip script deploys BumbleBee malware.
- To inject malware into memory, Bumblebee uses the same post-exploitation framework module, enabling it to evade the existing antivirus products without raising any security alarm.
- Researchers have recommended that users:
- Only download software installers and updates from known, official, and trusted websites.
- Ensure that computer users are not allowed to install software and run scripts. To prevent the execution of malware, security tools like AppLocker must be used and enabled.
- Make sure to use a reputed antivirus solution.
- Ensure regular backups of their data.
| |
Outsourcing company Capita has admitted that it's been hit with a cyberattack that led to a data breach. The attack affected 4% of the company's server capacity. More: - It is believed that the hacker group stole data such as:
- customer information,
- supplier information,
- and company employee data.
- On March 31, 2023, Capita disclosed an IT issue that impacted its services. Three days later, the company announced that the outage was caused by a cyberattack that prevented access to its internal Microsoft Office 365 applications.
- At the time, Capita did not provide many details about the nature of the cyberattack.
- According to the company statement, the initial breach occurred on March 22, 2023, and was not stopped until March 31.
- On April 17, 2023, the Black Basta ransomware gang claimed on its portal that it had breached and threatened to sell stolen data unless the company pays a ransom.
- Black Basta posted data such as:
- personal bank account details,
- physical addresses,
- passports, etc.
.Zoom Out: - The Black Basta ransomware group was first tracked in 2022. Believed to be based in Russia, the group breached over 20 victims in just two weeks.
- Most of its targets are large manufacturing and healthcare organizations that have over $100M in revenue and are located in the U.S., Canada, New Zealand, and Australia.
- Researchers have also speculated that the group may be a branch of the Conti ransomware group.
| |
Fiverity has raised a $4M Seed round to provide anti-fraud software for financial institutions. The company is based in Boston. More: - Through its product, the company aims to help businesses identify:
- credit card fraud,
- account opening fraud,
- loan application fraud, etc.
- Mendon Venture Partners led the funding round, with participation from FinCapital, Mendoza Ventures, Service Provider Capital, and Grasshopper Bank.
- With this investment, FiVerity will expand its network of information providers and data while introducing advanced machine-learning algorithms.
- Since its inception in 2017, the company has raised $6M.
Zoom Out: - According to reports, 91% of company executives said that fraud rates have increased at their organization year-over-year.
| |
Quick Hits: - Looking to excel with Google Cloud? The Google Cloud Cookbook offers step-by-step tutorials for practical, hands-on learning.*
- Hackers have created 3,000 fake Facebook profiles through which they are trying to steal passwords. The hacking campaign is being deployed in 20 languages.
- VMware has patched a vRealize Log Insight flaw that allows hackers to gain privileges remotely.
- A recent cyberattack that targeted 3CX also breached energy firms and two financial traders.
- Threat actors are marketing an info stealer malware named EvilExtractor. The info stealer is being marketed as educational software.
- Brilliant’s bite-sized interactive lessons make it easy (but not too easy) to sharpen your math, data, and CS skills. Try it free for 30 days.*
*This is sponsored content.
| |
Upcoming events at Inside: - April 24 - Inside Marketing Coffee Break w/Jacob Bowman (Paloma Studios) (Register Here)
- April 27 - Inside.com Book Club - REWORK by 37signals (Register Here)
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
| |
