Security News

Microsoft is extending Purview Audit log retention as promised after the Chinese Storm-0558 hacking group breached dozens of Exchange and Microsoft 365 corporate and government accounts in July.The changes to audit logging retention announced today will roll out to Microsoft Purview Audit customers with Standard licenses in the coming weeks, starting with enterprise tenants this month and government customers in November.

Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company's development environment.

Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. In September, TeamCity fixed a critical 9.8/10 vulnerability tracked as CVE-2023-42793 that allowed unauthenticated attackers to remotely execute code.

On October 1, word of a data breach spread after a post on a hacking forum claimed to be selling 3 million lines of customer information as well as D-View source code for a one-time $500 fee. D-Link's public disclosure confirmed it became aware of the incident on October 2 and with the help of investigators called in from Trend Micro, the company determined the actual number of stolen records to be around the 700 mark - substantially off the previously advertised total.

Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed...

Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. The attacker claims to have stolen source code for D-Link's D-View network management software, along with millions of entries containing personal information of customers and employees, including details on the company's CEO. The stolen data allegedly includes names, emails, addresses, phone numbers, account registration dates, and the users' last sign-in dates.

Infosec in brief The fallout from the exploitation of bugs in Progress Software's MOVEit file transfer software continues, with the US Securities and Exchange Commission now investigating the matter, and lots of affected parties seeking compensation. Per the disclosure, it received a subpoena from the SEC on October 2, in which the Commission asked for "Various documents and information relating to the MOVEit Vulnerability."

The UK's Financial Conduct Authority has fined Equifax a smidge over £11 million for severe failings that put millions of consumers at risk of financial crime.The two companies involved here are Equifax Ltd and Equifax Inc. There are key differences between the two that are important in fully understanding the case.

Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers. According to multiple tips sent to BleepingComputer yesterday from Shadow customers, the company has begun sending data breach notifications following a successful social engineering attack targeting its employees.

The BianLian extortion group claims to have stolen 210GB of data after breaching the network of Air Canada, the country's largest airline and a founding member of Star Alliance. BianLian claims to have exfiltrated technical and operational data spanning from 2008 to 2023, including details about the company's technical and security challenges, SQL backups, personal information of employees, data regarding vendors and suppliers, confidential documents, and archives from company databases.