Security News

MSI hit in cyberattack, warns against installing knock-off firmware
2023-04-07 23:26

Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack. In a statement shared on Friday, MSI urged users "To obtain firmware/BIOS updates only from its official website," and to avoid using files from other sources.

Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks
2023-04-05 12:19

A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google's Threat Analysis Group is tracking the cluster under the name ARCHIPELAGO, which it said is a subset of another threat group tracked by Mandiant under the name APT43. The tech giant said it began monitoring the group in 2012, adding it has "Observed the group target individuals with expertise in North Korea policy issues such as sanctions, human rights, and non-proliferation issues."

Capita cyberattack disrupted access to its Microsoft Office 365 apps
2023-04-03 13:20

British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. The cyber incident prompted the Capita on March 31 to announce an IT issue that impacted its internal systems.

Pakistan-Origin SideCopy Linked to New Cyberattack on India's Ministry of Defence
2023-03-28 12:31

An advanced persistent threat group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research and Development Organization, the research and development wing of India's Ministry of Defence. Known for emulating the infection chains associated with SideWinder to deliver its own malware, SideCopy is a threat group of Pakistani origin that shares overlaps with Transparent Tribe.

Even after armed with defense tools, CISOs say successful cyberattacks are ‘inevitable’: New study
2023-03-24 21:15

Tom Gillis, senior vice president for Cisco Security, said enterprises are in the midst of a strategic shift away from security through collections of individual software security tools and cloud solutions for securing assets. "For decades, new problems in security have arisen and small companies come up with innovative solutions to address these. But buying individual best-in-breed solutions from new vendors puts the burden on the customer to ingest all of these solutions and integrate them," Gillis said.

2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
2023-03-23 10:39

CYE's new Cybersecurity Maturity Report 2023 tackles this question by shedding light on the strength of cybersecurity in different sectors, company sizes, and countries. Among countries, Norway scored the highest on overall cybersecurity maturity level, followed by Croatia and Japan.

Latitude cyberattack leads to data theft at two service providers
2023-03-16 17:32

Latitude Financial Services has disclosed a data breach after suffering a cyberattack, causing the company to shut down internal and customer-facing systems. Latitude is one of Australia's largest personal loans provider and the country's largest non-bank consumer credit lender.

Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
2023-03-14 06:01

Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption. The zero-day flaw in question is CVE-2022-41328, a medium security path traversal bug in FortiOS that could lead to arbitrary code execution.

British retail chain WH Smith says data stolen in cyberattack
2023-03-02 14:59

British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees. "WH Smith PLC has been the target of a cyber security incident which has resulted in illegal access to some company data, including current and former employee data," reads the company's cybersecurity notice filed with London's Stock Exchange.

Covert cyberattacks on the rise as attackers shift tactics for maximum impact
2023-03-01 05:00

Global malware volume increased 2% year-over-year, but it was jumps in IoT malware and cryptojacking that offset the decline of overall global ransomware volume, signifying a strategic shift. Threat actors have embraced slower and more stealthy approaches to achieve financially-motivated cyberattacks.