Security News
Source Defense provides in-depth analysis of the client-side threat landscape and specific attacks like formjacking, Magecart and web browser threats. The research offers a rare window on web security sentiments for a population relying almost exclusively on websites for all manner of shopping, healthcare, financial services and other essential needs during the pandemic.
Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."
Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."
Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."
Indonesian officials have asked its nation's citizens to stop leaking their own personal data on social media by sharing pictures of certificates attesting to their receipt of COVID-19 vaccinations. In a Tuesday press conference, Indonesia's COVID-19 task force spokesman Wiku Adisasmito explained that the certificates include a QR code that, when scanned, can yield personal medical data.
Bulk SMS messages sent by local councils across the UK contained weblinks leading to pages that freely exposed to the public thousands of taxpayers' names, addresses, and outstanding debts, The Register can reveal. Text messages sent by Telsolutions Ltd on behalf of a dozen local authorities contained shortlinks to webpages urging council tax defaulters to pay up - and in a dozen cases seen by The Register there was little or no authentication protecting personal data from prying eyes.
Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in the wild exploitation comes on the heels of a proof-of-concept exploit code that surfaced online earlier this week by reverse-engineering the Java software patch in BIG-IP. The mass scans are said to have spiked since March 18.
An English college has temporarily closed all eight of its campuses and moved all teaching online after a "Major" ransomware attack "Disabled" its IT systems. "The College has suffered a major ransomware attack on our IT system which has disabled many of our core IT systems," the institute said in a note to students posted on its website.
Starting at approximately 3:34 PM EST, users began reporting being unable to login to their Microsoft 365 accounts, Microsoft Teams, or access other Microsoft apps. "As a result of the issues currently facing Azure AAD, we are currently experiencing problems on the Microsoft Tech Community with login and authentication. This will result in users being unable to login and users already logged in getting unexpected errors as sessions timeout," posted a Microsoft Tech Community manager.
Veracode announced the launch of the Veracode Hacker Games. The two-week collegiate competition will challenge computer science and cybersecurity student teams from eight leading universities across the U.S. and the U.K., including University of Virginia, Tufts and University of Warwick, to test their secure coding skills and give them the opportunity to win individual prizes, plus $15,000 in charitable donations for the top universities.