
Lawyer sees almost 1,000 complainants sign up to Capita breach class action
2023-07-21 10:38

The law firm that last month sent a Letter of Claim to Capita over the breach in late March says it has signed up nearly 1,000 clients as it prepares a class action lawsuit aimed at the outsourcing biz. The Pensions Regulator advised clients to speak to Capita to ascertain the risk.

VirusTotal apologizes for data leak affecting 5,600 customers
2023-07-21 09:35

VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the platform last month. The data leak impacted only Premium account customers, with the uploaded file containing their names and corporate email addresses.

DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks
2023-07-21 09:03

Several distributed denial-of-service botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America, East Asia, and South Asia," Fortinet FortiGuard Labs researcher Cara Lin said.

Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action
2023-07-21 05:26

The U.S. Cybersecurity and Infrastructure Security Agency issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller and Gateway devices is being abused to drop web shells on vulnerable systems. "In June 2023, threat actors exploited this vulnerability as a zero-day to drop a web shell on a critical infrastructure organization's non-production environment NetScaler ADC appliance," the agency said.

Attackers intensify DDoS attacks with new tactics
2023-07-21 04:30

As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attacks, while SYN flood accounted for 24%. In third place was TCP flood.

How healthcare organizations should measure their device security success
2023-07-21 04:00

In this Help Net Security video, Chris Westphal, Head of Product Marketing at Ordr, discusses how healthcare organizations should measure their device security success and where they should be...

Life sciences leaders act to counter insider-driven data loss
2023-07-21 03:30

Life sciences companies, including medical device manufacturers, biotech and pharmaceutical companies, are experiencing increasing rates of insider-driven data loss events, according to Code42. Faced with this growing threat, life sciences leaders are prioritizing modern data loss prevention strategies, which are proving effective.

CISOs are making cybersecurity a business problem
2023-07-21 03:00

U.S. enterprises are responding to growing cybersecurity threats by working to make the best use of tools and services to ensure business resilience, according to ISG. "It was a tumultuous year for cybersecurity in the U.S.," said Doug Saylors, partner and co-lead, ISG Cybersecurity.

GitHub warns of Lazarus hackers targeting devs with malicious projects
2023-07-20 22:48

GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware. In a new security alert, GitHub warns that the Lazarus Group is compromising legitimate accounts or creating fake personas that pretend to be developers and recruiters on GitHub and social media.

MOVEit body count closes in on 400 orgs, 20M+ individuals
2023-07-20 21:01

As of today, the number of affected organizations is closing in on 400 and includes some really big names: the US Department of Energy and other federal agencies as well as huge corporations like energy company Shell, Deutsche Bank, consulting and business services firm PwC, and retail giant TJX Companies, which confirmed to The Register on Wednesday that "Some files were downloaded by an unauthorized third party before Progress notified us of the vulnerability." As the infosec team notes, some of the companies whose MOVEit installations were breached provide services to many other organizations.