McDonald's not lovin' it when hacker exposes nuggets of rotten security

Threat Score:

Theregister

14 hours ago

Part of cluster #2066

Overview

Security McDonald's not lovin' it when hacker exposes nuggets of rotten security Burger slinger gets a McRibbing, reacts by firing staffer who helped A white-hat hacker has discovered a series of critical flaws in McDonald's staff and partner portals that allowed anyone to order free food online, get admin rights to the burger slinger's marketing materials, and could allow an attacker to get a corporate email account with which to conduct a little filet-o-phishing. The hacker, who goes by “Bobda...

Continue Reading on Original Site

5 articles

At least three UK organizations hit by SharePoint zero-day hacking campaign

Therecord • 9 hours ago

At least three British organizations have reported to the country’s data protection regulator that hackers exploited bugs affecting on-premise Microsoft SharePoint servers.

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 6 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

Pharmaceutical Company Inotiv Confirms Ransomware Attack

SecurityWeek • 10 hours ago

Inotiv has notified the SEC that its business operations took a hit after hackers compromised and encrypted its internal systems.

Score

Elastic Refutes Claims of Zero-Day in EDR Product

SecurityWeek • 7 hours ago

Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online.

Score

New zero-day startup offers $20 million for tools that can hack any smartphone

TechCrunch • 7 hours ago

Prices for hacking tools that allow governments to break into mobile phones keep going up, thanks to efforts by tech firms shoring up their cybersecurity.

Score

DOMAINS

Paradox.ai

ATTACK TYPES

Advanced Persistent Threat

Exploitation of Client-Side Validation

Phishing

Ransomware

Unauthorized Access

VULNERABILITIES

Authentication Bypass

DDoS

Insecure Direct Object Reference

COMPANIES

IBM

McDonald's

AGENCIES

Cybersecurity and Infrastructure Security Agency

NCSC

SECURITY VENDORS

Palo Alto Networks

RANSOMWARE

First

One

QuantumLocker

Sodinokibi

Trojan

MITRE ATT&CK

Phishing

T1070

T1071

T1190

T1203

MALWARE

WannaCryptor

PLATFORMS

Mobile Applications

INDUSTRIES

Consumer Services

Fast Food

DOMAINS

Paradox.ai

ARTICLE INFORMATION

Article #12568

Published 14 hours ago

Theregister

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

At least three UK organizations hit by SharePoint zero-day hacking campaign

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Pharmaceutical Company Inotiv Confirms Ransomware Attack

Elastic Refutes Claims of Zero-Day in EDR Product

New zero-day startup offers $20 million for tools that can hack any smartphone

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies