Security News > 2023 > March

Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company's Fortra GoAnywhere MFT secure file-sharing platform. As reported by TechCrunch, data breach notifications sent to impacted customers and filed with Attorney General's offices warned that hackers exploited a vulnerability in the GoAnywhere MFT software to steal the data of 139,493 customers.

The Australian Federal Police arrested a woman in Werrington, Sydney, for allegedly email bombing the office of a Federal Member of Parliament. Email bombing is an online attack where attackers bombard an email address with thousands of emails to overwhelm a recipient's inbox or mail server.

The Biden-Harris administration today released its national cybersecurity strategy that focuses on shifting the burden of defending the country's cyberspace towards software vendors and service providers. Washington's new cybersecurity defense plan also acknowledges the collaboration between public and private sectors and with international allies and partners as essential for securing the nation against cyber threats.

British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees. "WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data," reads the company's cybersecurity notice filed with London's Stock Exchange.

The U.S. Cybersecurity & Infrastructure Security Agency has released 'Decider,' an open-source tool that helps defenders and security analysts quickly generate MITRE ATT&CK mapping reports. CISA recently published a "best practices" guide about MITRE ATT&CK mapping, highlighting the importance of using the standard.

A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. "The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials," Sysdig said in a new report.

Less than a year after its online greetings card subsidiary Funky Pigeon was attacked, WH Smith has admitted someone broke into its systems. WH Smith said the attack had "resulted" in illegal access to some company data, including on current and former employees.

One of its elements points to a new trend: attackers have increasingly begun using the transfer. Redis servers are meant to be accessed only by trusted clients inside trusted environments but they are often getting exposed online - and attackers know it.

Troy Hunt is collecting examples of dumb password rules. My worst experiences are with sites that have artificial complexity requirements that cause my personal password-generation systems to fail.

Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack. The attack chain commences with targeting insecure Redis deployments, followed by registering a cron job that leads to arbitrary code execution when parsed by the scheduler.