Security News

Japanese game developer Capcom has suffered a ransomware attack where threat actors claim to have stolen 1TB of sensitive data from their corporate networks in the US, Japan, and Canada. Yesterday, Capcom announced that they had been hit with a cyberattack on November 2nd, 2020, that led to the halting of portions of their corporate network to prevent the attack's spread. "Beginning in the early morning hours of November 2, 2020 some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers. The company has confirmed that this was due to unauthorized access carried out by a third party, and that it has halted some operations of its internal networks as of November 2.".

"Authorities and election officials know this is the case and have taken precautions to try to ensure a safe election. These include election infrastructure assessment and securing voting registration systems. However, given the recent hack involving Hall County, Ga., where election data was released to public for failure to pay a ransom, it really brings into question how effective the measures will be in the final stretch of the election." "If ransomware hits a county, the mail-in count will be thrown into question. Because Republicans are known to vote in person on election day and Democrats favor mail-in ballots, this is a danger."

Threatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry -- including bugs that just won't die.

A data breach at a North Carolina community college may have affected many of its current and former students. The Greensboro News & Records reported Tuesday that Guilford Technical Community College was hit with a ransomware cyberattack in mid-September.

Index Engines announced the latest enhancements to its ransomware detection and recovery software, CyberSense, to help organizations win the war against cyberattacks. "Cyberattacks continue to evolve to be more aggressive and more stealth-like than ever before, so we've continued to improve CyberSense to tackle this refinement," said Jim McGann, Vice President at Index Engines.

Dr. Reddy's, the contractor for Russia's "Sputinik V" COVID-19 vaccine and a major generics producer, has had to close plants and isolate its data centers. COVID-19 vaccine manufacturer Dr. Reddy's Laboratories has shut down its plants in Brazil, India, Russia, the U.K. and the U.S. following a cyberattack, according to reports.

The European Union on Thursday imposed sanctions on two Russian officials and part of Russia's GRU military intelligence agency over a cyberattack against the German parliament in 2015. EU headquarters said in a statement that travel bans and asset freezes have been imposed on the two men: Igor Kostyukov, head of the Main Directorate of the General Staff of the Russian Armed Forces, and Dmitry Badin, a military intelligence officer.

Key findings Between 2015 and 2019, the number of reported cyberattacks that used machine identities grew by more than 700%, with this amount increasing by 433% between the years 2018 and 2019 alone. From 2015 to 2019, the number of vulnerabilities involving machine identities grew by 260%, increasing by 125% between 2018 and 2019.

French-headquartered IT outsourcer Sopra Steria has been struck by a "Cyberattack," reportedly linked to the Ryuk ransomware gang. The business declined to say what had happened, though French media reports indicated that Sopra Steria's Active Directory infrastructure had been compromised, seemingly by hackers linked to the Ryuk malware crowd.

The bug exists in the Citrix Application Delivery Controller and Gateway, a purpose-built networking appliance meant to improve the performance and security of applications delivered over the web. Microsoft bugs are well-represented, including the BlueKeep RCE bug in Remote Desktop Services, which is still under active attack a year after disclosure.