Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Maze Ransomware gang breached the US chipmaker MaxLinear

U.S. system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May. U.S. system-on-chip maker MaxLinear is the last victim of the Maze ransomware operators, the company revealed that the systems were infected last month, but the threat actors first compromised the company on April 15. MaxLinear is […]

maxlinear

U.S. system-on-chip maker MaxLinear disclosed a security incident, Maze ransomware operators infected some of its computing systems in May.

U.S. system-on-chip maker MaxLinear is the last victim of the Maze ransomware operators, the company revealed that the systems were infected last month, but the threat actors first compromised the company on April 15.

MaxLinear is an American hardware company that provides highly integrated radio-frequency (RF) analog and mixed-signal semiconductor solutions for broadband communications applications

The company already sent a data breach notification to the impacted individuals.

“On May 24, 2020, we discovered a security incident affecting some of our systems. We immediately took all systems offline, retained third-party cybersecurity experts to aid in our investigation, contacted law enforcement, and worked to safely restore systems in a manner that protected the security of information on our systems.” reads the data breach notification. “Our investigation to-date has identified evidence of unauthorized access to our systems from approximately April 15, 2020 until May 24, 2020. Our investigation has also identified evidence of unauthorized access to files containing personal information relating to you.”

In response to the incident, the IT staff took all systems offline and retained cybersecurity experts to investigate the incident. The company reset passwords of the affected customers and reported the intrusion to law enforcement.

MaxLinear restored some of the systems using its backups, despite Maze Ransomware threatened to leak over 1TB of data allegedly stolen before encrypting the infected systems.

On June 15, the gang leaked 10.3GB of accounting and financial information as proof of the hack

Source: BleepingComputer

According to the company, exposed data include name, personal and company email address and personal mailing address, employee ID number, driver’s license number, financial account number, Social Security number, date of birth, work location, compensation and benefit information, dependent, and date of employment.

According to documents filed with the U.S. Securities and Exchange Commission (SEC), the attack did not affect shipment, order fulfillment, and production capabilities.

“We have been able to reestablish certain affected systems and equipment, and this work is on-going. Although we have incurred and will incur incremental costs as a result of forensic investigation and remediation, we do not currently expect that the incident will materially or adversely affect our operating expenses.” states the SEC filing. “We carry cybersecurity insurance, subject to applicable deductibles and policy limits. We have also engaged with the appropriate law enforcement authorities.”

Recently Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions.

Maze ransomware operators are very active in this period, recently they have stolen data from US military contractor Westech and the ST Engineering group, and they have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week.

Previous victims of the ransomware gang include IT services firms Cognizant and Conduent.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – MaxLinear, Maze ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]