Security News

The term "Hacker" has almost become synonymous with Russia. Russia has for decades been a breeding ground for computer experts.

Most residents of Tulsa are being prevented from paying their water bills after the city shut down its computer network as a security measure following an attempted ransomware attack, a city official said Friday. The attempted breach was stopped before any personal data was accessed, city spokesman Carson Colvin said.

In early March, Microsoft shocked businesses around the world when it issued a warning that Chinese cyber-espionage operators were chaining multiple zero-day exploits to siphon e-mail data from Microsoft Exchange servers around the world. In this exclusive session at SecurityWeek's Threat Intelligence Summit, Josh Grunzweig, Threat Intelligence Analyst at Volexity, the firm credited with discovering the original attack, will detail the original discovery of the Microsoft Exchange zero-day vulnerabilities that were exploited by targeted attackers in early 2021.

The U.S. government is hoping to obtain additional information on the 2017 hacker attack targeting the EtherDelta cryptocurrency trading platform and it has asked victims of the incident to come forward. EtherDelta was a decentralized trading platform for Ether and Ethereum-based tokens.

Personal data of an unspecified number of travelers has been compromised after a company that serves India's national carrier was hacked, Air India said. The hackers were able to access 10 years' worth of data including names, passport and credit card details from the Atlanta-based SITA Passenger Service System, Air India said in a statement Friday.

India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System provider SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data as well as credit card data.

An investigation conducted by industrial cybersecurity firm Dragos into the recent cyberattack on the water treatment plant in Oldsmar, Florida, led to the discovery of a watering hole attack that...

An investigation conducted by industrial cybersecurity firm Dragos into the recent cyberattack on the water treatment plant in Oldsmar, Florida, led to the discovery of a watering hole attack that initially appeared to be aimed at water utilities. While investigating the incident, Dragos' threat hunters noticed that the website of a Florida water infrastructure construction company had been compromised and set up to serve as a watering hole.

More than a dozen U.S. lawmakers led by Rep. Emanuel Cleaver have reintroduced the Pipeline Security Act, whose goal is to aid the DHS's efforts to protect pipeline infrastructure against cyberattacks, terrorist attacks and other threats. The Pipeline Security Act was first introduced in 2019, but it did not receive a vote.

The massive blast radius from the Codecov supply chain attack remains shrouded in mystery as security teams continue to assess the fallout from the breach but a handful of victims are starting to publicly acknowledge possible exposure of sensitive developer secrets. The stealth software supply chain compromise of the Codecov Bash Uploader went undetected since January this year and exposed sensitive secrets like tokens, keys and credentials from organizations around the world.