Security News

Infosys subsidiary named as source of Bank of America data leak
2024-02-13 05:28

Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America. Infosys disclosed the breach in a November 3, 2023, filing [PDF] that revealed its US subsidiary Infosys McCamish Systems LLC "Has become aware of a cyber security incident resulting in non-availability of certain applications and systems in IMS.".

Bank of America warns customers of data breach after vendor hack
2024-02-12 23:32

Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year.While Bank of America has yet to disclose how many customers were impacted by the data breach, Infosys McCamish Systems, the vendor that had its systems compromised, revealed in a recent filing with the Attorney General of Maine that 57,028 had their data exposed in the incident.

US shorts China's Volt Typhoon crew targeting America's criticals
2024-01-30 18:15

The US Justice Department and FBI may have scored a win over Chinese state-sponsored snoops trying to break into American critical infrastructure. Law enforcement obtained a court order granting them permission to "Remotely disable aspects of the Chinese hacking campaign."

Water services giant Veolia North America hit by ransomware attack
2024-01-23 21:52

Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. The attack hasn't disrupted Veolia's water treatment operations or wastewater services.

Future of America's Cyber Safety Review Board hangs in balance amid calls for rethink
2024-01-18 18:30

As the US mulls legislation that would see the Cyber Safety Review Board become a permanent fixture in the government's cyber defense armory, experts are calling for substantial changes in the way it's organized. All three senior industry figures in attendance agreed that a greater degree of independence was required to ensure the reports produced by the board were as richly detailed as possible, answering the questions that those in the private sector typically haven't in the past.

Zimbra users in Europe, Latin America face phishing threat
2023-08-18 07:57

ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users' credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions.

Florida man accused of hoarding America's secrets faces fresh charges
2023-07-29 00:59

Federal prosecutors have expanded their criminal case against a famous Floridian and his loyal minions for allegedly mishandling national security secrets and not being forthright about the storage and handling of hundreds of classified documents. The charges include: attempting to destroy evidence; attempting to induce others to destroy evidence; and a further Espionage Act violation related to the unlawful retention of a top secret document about Iran.

Outlook for the web outage impacts users across America
2023-06-27 14:19

Microsoft is investigating an ongoing issue preventing some customers from accessing their Exchange Online mailbox through Outlook on the web. While Microsoft says this outage only impacts the North American region, user reports show that the issue might also affect users in South America.

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America
2023-06-06 12:48

MOVEit is managed file transfer software from Progress, an application development and digital experience technologies provider. Aspx is the native file used by MOVEit Transfer for its web interface.

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
2023-06-02 12:03

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad said.