Danish company LEGO recently had its official website compromised on the evening of Oct. 4 to promote a cryptocurrency scam. Attackers placed an ad on the Lego website homepage that urged visitors to click a link that would "unlock secret rewards," which redirects to a third-party marketplace enabling purchases of the fraudulent LEGO token with Ethereum. The company immediately took down the banner ad. The company said no user accounts have been compromised, and customers can continue shopping as usual.

Hackers recently stole sensitive employee data from a software-as-a-service company, CreditRiskMonitor.com.  CreditRiskMonitor.com advises consumers on trade credit and provides supply chain risk monitoring.  The company said that hackers got away with an unspecified amount of data between July 9 and July 17.  The stolen files included personally identifiable information of employees and independent contractors but did not include customer data.

David Hyde of Vanderbilt University weighs in on a major cybersecurity breach targeting U.S. telecommunications firms, with potential ties to Chinese state-sponsored hackers.

US money transfer giant MoneyGram has recently confirmed to customers that their personal information (PII) may have been stolen in a data breach incident.  The firm posted a notice on its website yesterday.  The company claimed that it discovered evidence of the breach on September 27 after an "unauthorized third party" was able to access the PII of an unknown number of customers between September 20 and 22.

According to Europol, police investigators from across the globe joined forces recently in a digital operation to identify human trafficking suspects and victims.  Led by police in Germany and the Netherlands, Europol's EMPACT hackathon featuring participation from 27 countries and 76 experts came togeather over four days to investigate leads on internet-enabled trafficking.  The hackathon's focus was to identify indicators of illegal activity online, such as the misuse of "legal business structures," social networks, cryptocurrency, and gaming platforms.

Aqua Security researchers are warning of a new malware family named "perfctl" that targets Linux systems. It establishes persistent access and hijacks resources to conduct cryptocurrency mining. The perfctl malware, found to have been active for over three years, exploits more than 20,000 misconfigurations and known vulnerabilities. It uses a rootkit to hide on compromised systems, runs in the background as a service, and more. The malware's operators have used additional tools for reconnaissance, deploying proxy-jacking software, and other activities.

Qualcomm has released security patches to address a zero-day vulnerability in the Digital Signal Processor (DSP) service, which affects dozens of chipsets. Google Project Zero's Seth Jenkins and Amnesty International Security Lab's Conghui Wang reported the security flaw. It is stems from a use-after-free vulnerability that, if successfully exploited by local attackers with low privileges, can result in memory corruption.

Researchers at NSFOCUS discovered a new botnet malware family named "Gorilla," also known as "GorillaBot," which is based on leaked "Mirai" source code. Last month, NSFOCUS reported that the botnet issued over 300,000 attack commands between September 4 and 27, 2024. On average, the botnet issues 20,000 commands every day to launch Distributed Denial-of-Service (DDoS) attacks. The botnet has attacked universities, government websites, telecommunications, banks, gaming, and gambling sectors in over 100 countries. This article continues to discuss findings regarding the Gorilla botnet.