Security News

Use of machine identities is growing in state-sponsored cyberattacks
2022-09-05 06:30

66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while 64% suspect their organization has been either directly targeted or impacted by a nation-state cyber attack, according to Venafi. This Help Net Security video uncovers how exploiting machine identities is becoming the modus operandi for nation-state attackers.

Montenegro is the Victim of a Cyberattack
2022-09-02 13:18

A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the country's electrical utility to switch to manual control. But the attack against Montenegro's infrastructure seemed more sustained and extensive, with targets including water supply systems, transportation services and online government services, among many others.

Montenegro says Russian cyberattacks threaten key state functions
2022-08-29 14:44

Members of the government in Montenegro are stating that the country is being hit with sophisticated and persistent cyberattacks that threaten the country's essential infrastructure. Targets include electricity and water supply systems, transportation services, online portals that citizens use to access various state services, and more.

Okta one-time MFA passcodes exposed in Twilio cyberattack
2022-08-28 17:15

The threat actor behind the Twilio hack used their access to steal one-time passwords delivered over SMS from customers of Okta identity and access management company. Okta provides its customers with multiple forms of authentication for services, including temporary codes delivered over SMS through Twilio.

AWS and Splunk partner for faster cyberattack response
2022-08-11 20:45

AWS and Splunk are leading an initiative aimed at creating an open standard for ingesting and analyzing data, enabling enterprise security teams to more quickly respond to cyberthreats. "Today's security leaders face an agile, determined and diverse set of threat actors," officials with cybersecurity vendor Trend Micro, one of the initial members of OCSF, wrote in a blog post.

Cisco reveals cyberattack on its corporate network
2022-08-11 19:47

A supplemental notice published by Cisco Talos, the company's threat intelligence arm, revealed greater details about the attack. Upon its investigation, Cisco Talos found that an employee's credentials were compromised after the attacker took control of a personal Google account in which the individual's credentials were stored and synchronized.

Don't be surprised if your organization suffers multiple cyberattacks
2022-08-11 16:15

Security experts spent years warning enterprises to expect cyberattacks and to plan their defenses accordingly, now Sophos researchers are saying organizations shouldn't be surprised if they get attacked multiple times. In a 23-page report [PDF] released this week, the researchers unwind the multiple factors that are fueling a rise in the number of entities hit by more than one attack.

7-Eleven stores in Denmark closed due to a cyberattack
2022-08-08 14:14

7-Eleven stores in Denmark shut down today after a cyberattack disrupted stores' payment and checkout systems throughout the country. The attack occurred early this morning, August 8th, with the company posting on Facebook that they were likely "Exposed to a hacker attack".

Cyberattacks on healthcare organizations negatively impact patient care
2022-08-08 04:00

Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple alarming trends. The Insecurity of Connected Devices in HealthCare 2022 Report surveyed 517 experts in leadership positions at hospitals, clinics, healthcare service providers, and healthcare systems throughout the United States.

Iranian Hackers Likely Behind Disruptive Cyberattacks Against Albanian Government
2022-08-07 04:16

A threat actor working to further Iranian goals is said to have been behind a set of disruptive cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a "Geographic expansion of Iranian disruptive cyber operations."