Security News

MDM vendor Mobile Guardian attacked, leading to remote wiping of 13,000 devices
2024-08-06 04:25

UK-based mobile device management vendor Mobile Guardian has admitted that on August 4 it suffered a security incident that involved unauthorized access to iOS and ChromeOS devices managed by its tools. Mobile Guardian focuses on the education sector - offering device management, web filtering, and classroom management tools.

Former IT employee gets 2.5 years for wiping 180 virtual servers
2024-06-14 15:51

A former quality assurance employee of National Computer Systems was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. Nagaraju Kandula, 39, pleaded guilty to deleting the virtual servers in an attempt to sabotage the firm's systems out of spite for getting fired from NCS, causing damages estimated to $678,0000.

Former IT staff gets 2.5 years for wiping 180 virtual servers
2024-06-14 15:51

A former quality assurance employee of National Computer Systems was sentenced to two years and eight months in prison for reportedly deleting 180 virtual servers after being fired. Nagaraju Kandula, 39, pleaded guilty to deleting the virtual servers in an attempt to sabotage the firm's systems out of spite for getting fired from NCS, causing damages estimated to $678,0000.

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices
2024-03-19 09:59

A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for...

FBI disrupts Chinese botnet by wiping malware from infected routers
2024-01-31 17:43

The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure. Devices compromised and added to this botnet included Netgear ProSAFE, Cisco RV320s, and DrayTek Vigor routers, as well as Axis IP cameras, according to Lumen Technologies' Black Lotus Labs team, who first linked the malware to the Chinese threat group in December.

Akira ransomware attackers are wiping NAS and tape backups
2024-01-12 14:06

NCSC-FI has received 12 reports of Akira ransomware hitting Finnish organizations in 2023, and three of the attacks happened during Christmas vacations. "Of the ransomware malware cases reported to the Cybersecurity Center in December, six out of seven involved Akira family malware," they added.

Finland warns of Akira ransomware wiping NAS and tape backup devices
2024-01-11 15:01

The Finish National Cybersecurity Center is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups. Wiping the backups amplifies the damage of the attack and allows the threat actor to put more pressure on the victim as they eliminate the option of restoring the data without paying a ransom.

Cloud engineer gets 2 years for wiping ex-employer’s code repos
2023-12-12 15:02

Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company. First Republic Bank was a commercial bank in the U.S., employing over seven thousand people and having an annual revenue of $6.75 billion.

Atlassian Confluence data-wiping vulnerability exploited
2023-11-06 10:08

Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances' database, Greynoise is observing. "Instances accessible to the public internet, including those with user authentication, should be restricted from external network access until you can patch," Atlassian advised.

Atlassian warns of exploit for Confluence data wiping bug, get patching
2023-11-02 21:46

Atlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances. Tracked as CVE-2023-22518, this is an improper authorization vulnerability with a 9.1/10 severity rating affecting all versions of Confluence Data Center and Confluence Server software.