Security News
Indian Railways has revealed it has suffered "a number of incidents... regarding breaches in various IT applications" and appears to have blamed some of them on sloppy infosec practices among staff working from home due to the COVID-19 pandemic. The organisation's document [PDF] announcing the cyber-transgressions says "a majority of these are application related," but doesn't explain what applications were affected nor the extent of the intrusions.
The attacks occurred in mid-December 2020 and involved the Clop ransomware gang and the FIN11 threat group. After we reported on the Singtel breach earlier this month, the Clop gang contacted us and stated that they stole 73 GB of data as part of their attack.
The attacks occurred in mid-December 2020 and involved the Clop ransomware gang and the FIN11 threat group. After we reported on the Singtel breach earlier this month, the Clop gang contacted us and stated that they stole 73 GB of data as part of their attack.
A ransomware attack against the widely used payment processor ATFS has sparked data breach notifications from numerous cities and agencies within California and Washington. Due to the large amount of potential data allegedly stolen by the Cuba Ransomware operation, cities utilizing AFTS as their payment processor or address verification service have begun disclosing potential data breaches.
In 2020, there were 599 healthcare breaches that collectively affected over 26 million individuals. Bitglass' report takes an in-depth look at the breaches that healthcare organizations faced, comparing them to previous years and revealing key trends and cybersecurity challenges facing the industry.
Analyzing data from the U.S. Department of Health and Human Services, threat protection company Bitglass found that the count of healthcare breaches reported in 2020 increased to 599, a jump of more than 50% compared to the previous year. Most of the breaches were caused by hacking and IT incidents, which exposed data from 24.1 million individuals, making them vulnerable to identity theft and phishing attacks.
Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software. As Accellion FTA service is used by numerous government agencies, educational institutions, and companies, we have begun to see a wide-scale impact as companies report related data breaches.
Sonrai Security announced significant new functionality designed to automate prevention of data breaches in public cloud deployments for its Sonrai Dig platform. Supporting leading public cloud databases in combination with advanced behavioral modeling and automated blocking, the newly enhanced service helps ensure critical corporate data is secure wherever it resides in cloud environments.
Image: USCG. The U.S. Coast Guard has ordered MTSA-regulated facilities and vessels using SolarWinds software for critical functions to report security breaches in case of suspicions of being affected by the SolarWinds supply-chain attack. "Reporting malicious cyber activity enhances maritime domain awareness and allows us all to be better postured to prevent and respond to cyber incidents that could disrupt commerce or jeopardize national security."
These installers-such as Python Package Index for Python or npm and the npm registry for Node-are usually tied to public code repositories where anyone can freely upload code packages for others to use, Birsan noted. Birsan decided to answer this question last summer while attempting to hack PayPal with another ethical hacker, Justin Gardner, who shared with him "An interesting bit of Node.js source code found on GitHub," Birsan said.