Security News
A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack. As first reported by LeMagIT, Hunters International demanded a $10 million ransom not to release an alleged 1.7 million stolen files, amounting to 2 TB of data.
CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. CISA says Russian Foreign Intelligence Service operatives now use information stolen from Microsoft's corporate email systems, including the authentication details shared between Microsoft and its customers by email, to gain access to certain customer systems.
An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo. Although the vulnerability was addressed in August 2018, the maintainers of Lighthttpd patched it silently in version 1.4.51 without assigning a tracking ID. This led the developers of AMI MegaRAC BMC to miss the fix and fail to integrate it into the product.
Digital information is generally the lifeblood of any given organization, containing essential company data needed to run the business. Paperless offices have become the norm across industries and remote work depends on the ability to share electronic information for communication, announcements and collaboration.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
The U.S. Cybersecurity and Infrastructure Security Agency is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations. Today, CISA says the incident also affects critical infrastructure sector organizations in the United States, with the agency now working with partners in the private sector to assess its impact.
The U.S. Cybersecurity and Infrastructure Security Agency is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations. Today, CISA says the incident also affects critical infrastructure sector organizations in the United States, with the agency now working with partners in the private sector to assess its impact.
Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company's customers to "Reset credentials and secrets potentially exposed to, or used to access, Sisense services." Details about the security incident are still being kept under wraps by Sisense.
Apple has been notifying iPhone users in 92 countries about a "Mercenary spyware attack" attempting to remotely compromise their device. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-," reads the notification.
Because modern employees can easily adopt new cloud and SaaS applications whenever and wherever they want, the old IT offboarding playbook of "Disable AD account, forward email, recover and wipe device, and call it a day" is no longer enough. This will make the account inaccessible to everyone, even admins, which could interfere with your ability to complete other offboarding tasks like transferring files and data.