Security News

66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while 64% suspect their organization has been either directly targeted or impacted by a nation-state cyber attack, according to Venafi. This Help Net Security video uncovers how exploiting machine identities is becoming the modus operandi for nation-state attackers.

A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the country's electrical utility to switch to manual control. But the attack against Montenegro's infrastructure seemed more sustained and extensive, with targets including water supply systems, transportation services and online government services, among many others.

Members of the government in Montenegro are stating that the country is being hit with sophisticated and persistent cyberattacks that threaten the country's essential infrastructure. Targets include electricity and water supply systems, transportation services, online portals that citizens use to access various state services, and more.

The threat actor behind the Twilio hack used their access to steal one-time passwords delivered over SMS from customers of Okta identity and access management company. Okta provides its customers with multiple forms of authentication for services, including temporary codes delivered over SMS through Twilio.

AWS and Splunk are leading an initiative aimed at creating an open standard for ingesting and analyzing data, enabling enterprise security teams to more quickly respond to cyberthreats. "Today's security leaders face an agile, determined and diverse set of threat actors," officials with cybersecurity vendor Trend Micro, one of the initial members of OCSF, wrote in a blog post.

A supplemental notice published by Cisco Talos, the company's threat intelligence arm, revealed greater details about the attack. Upon its investigation, Cisco Talos found that an employee's credentials were compromised after the attacker took control of a personal Google account in which the individual's credentials were stored and synchronized.

Security experts spent years warning enterprises to expect cyberattacks and to plan their defenses accordingly, now Sophos researchers are saying organizations shouldn't be surprised if they get attacked multiple times. In a 23-page report [PDF] released this week, the researchers unwind the multiple factors that are fueling a rise in the number of entities hit by more than one attack.

7-Eleven stores in Denmark shut down today after a cyberattack disrupted stores' payment and checkout systems throughout the country. The attack occurred early this morning, August 8th, with the company posting on Facebook that they were likely "Exposed to a hacker attack".

Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple alarming trends. The Insecurity of Connected Devices in HealthCare 2022 Report surveyed 517 experts in leadership positions at hospitals, clinics, healthcare service providers, and healthcare systems throughout the United States.

A threat actor working to further Iranian goals is said to have been behind a set of disruptive cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a "Geographic expansion of Iranian disruptive cyber operations."