breaches – Page 2 – WindowsTechs.com

State Department sounds alarm over Red Cross breach

Posted on February 3, 2022 by Tim Starks

The U.S. State Department said the hack of the International Committee of the Red Cross last month was a “dangerous development” that has harmed the organization’s family re-unification mission. The commentary from Foggy Bottom comes in response to a Jan. 19 announcement from the Red Cross that a cyberattack compromised personal data for more than half a million people from at least 60 Red Cross and associated Red Crescent national organizations across the globe. “Targeting the Red Cross and Red Crescent Movement’s sensitive and confidential data is a dangerous development,” said Ned Price, a spokesman for the State Department. “It has real consequences: this cyber incident has harmed the global humanitarian network’s ability to locate missing people and reconnect families. This is why it is so vital that humanitarian data be respected and only used for intended purposes.” Price also called on other nations to join the State Department and […]

The post State Department sounds alarm over Red Cross breach appeared first on CyberScoop.

Continue reading State Department sounds alarm over Red Cross breach→

Excellent Write-up of the SolarWinds Security Breach

Posted on August 30, 2021 by Bruce Schneier

Robert Chesney wrote up the Solar Winds story as a case study, and it’s a really good summary.
Continue reading Excellent Write-up of the SolarWinds Security Breach→

Details of the Recent T-Mobile Breach

Posted on August 27, 2021 by Bruce Schneier

Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security.
I’ve lost count of how many times T-Mobile has been hacked.
Continue reading Details of the Recent T-Mobile Breach→

Bitglass Security Spotlight: Ransomware Developments, Additional SolarWinds Victims, and More Data Breaches

Posted on August 5, 2021 by Jeff Birnbaum

Here are the top security stories from recent weeks:

Kaseya Obtains Master Decryption Key for REvil Ransomware
DarkSide Ransomware Gang Rebrands as BlackMatter
DOJ Says Email Accounts of 27 U.S. Attorneys’ Offices Were Breached During SolarWinds Ha… Continue reading Bitglass Security Spotlight: Ransomware Developments, Additional SolarWinds Victims, and More Data Breaches→

SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern

Posted on May 19, 2021 by Tim Starks

SolarWinds saw signs of hackers invading their networks as early as January of 2019, about eight months earlier than the previously publicly disclosed timeline for the sweeping cyber-espionage campaign, and nearly two years before anyone discovered the breach. SolarWinds CEO Sudhakar Ramakrishna said in an appearance at the 2021 RSA Conference that while the federal contractor had once estimated the hackers’ first suspicious activity at around September or October of 2019, the company has “recently” learned that the attackers may have in fact “been in our environment” much earlier. “As we look back, they were doing very early [reconnaissance] activities in January of 2019,” he said. Ramakrishna’s revelation provides a deeper understanding yet of the stealthy nature of what U.S. government officials and cybersecurity firms have labeled an incredibly sophisticated attack, even by the standards of the alleged Russian government-connected hackers behind the effort. By leveraging seemingly trustworthy updates of SolarWinds […]

The post SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern appeared first on CyberScoop.

Continue reading SolarWinds CEO reveals much earlier hack timeline, regrets company blaming intern→

Cybersecurity Executive Order: Can automation fix the nation’s misconfiguration problem?

Posted on May 15, 2021 by Andrew Plato

President Joe Biden signed and released an Executive Order (EO) from the White House on May 12th, addressing his plan to improve the nation’s cybersecurity and protect federal government networks. This order comes on the heels of the Colonial Pipeline … Continue reading Cybersecurity Executive Order: Can automation fix the nation’s misconfiguration problem?→

Wine scams spiked during COVID-19 lockdown

Posted on April 7, 2021 by Tim Starks

Absolute monsters. Wine-themed domain registrations rose once COVID-19 lockdowns took hold, some of them malicious and used in phishing campaigns, Recorded Future and Area 1 Security said in a joint report out Wednesday. “As the interest in virtual happy hours and get-togethers increased so did the increase in wine-themed domain registrations,” the report states. Amid the COVID outbreak, alcohol has proven itself a target for hackers — but it hasn’t been clear before that scammers were trying to exploit people who were staying home and imbibing more. Alcohol delivery service Drizly, for instance, suffered a breach in July, while ransomware hit liquor and wine maker Brown-Forman around the same time. Recorded Future observed a mild jump in wine domain registrations in March of 2020, from the usual 3,000 to 4,000 per month up to nearly 5,500. April saw a bigger leap, to almost 7,200, and the numbers took off in […]

The post Wine scams spiked during COVID-19 lockdown appeared first on CyberScoop.

Continue reading Wine scams spiked during COVID-19 lockdown→

Top insurer CNA disconnects systems after cyberattack

Posted on March 24, 2021 by Tim Starks

CNA, one of the U.S.’s top providers of cybersecurity insurance, is struggling with a cyberattack that prompted it to disconnect its systems from its network. Its website hasn’t been working for the last couple days, and at press time displayed the message, “The attack caused a network disruption and impacted certain CNA systems, including corporate email.” The Chicago-based firm reported more than $10 billion in revenue in 2020, and is in the top 15 U.S. property and casualty insurers and top 10 U.S. providers of cyber insurance, according to recent measurements. If the attack proves to include policyholder data, a cyber insurance industry expert warned, it could enable particularly devastating further incidents that hackers could use as leverage in extortion attempts. If that’s the case, CNA said, it will keep customers updated. The company said it discovered the intrusion on March 21, adding that it is working with forensics experts […]

The post Top insurer CNA disconnects systems after cyberattack appeared first on CyberScoop.

Continue reading Top insurer CNA disconnects systems after cyberattack→

Twitter hacker pleads guilty, sentenced to 3 years

Posted on March 16, 2021 by Sean Lyngaas

A Florida teenager has admitted to orchestrating the hijacking of celebrity Twitter accounts last year as part of a plea deal that will see him serve three years in a juvenile facility, prosecutors said Tuesday. Graham Ivan Clark, 18, admitted to being behind a scheme that saw him steal more than $117,000 by taking over the Twitter accounts of numerous public figures and then blasted out tweets promoting cryptocurrency, according to prosecutors in Hillsborough County, Fla. More than 100 high profile people, from Microsoft founder Bill Gates to former president Barack Obama, had their accounts targeted in an incident that exposed glaring vulnerabilities in Twitter’s security protocols. Clark was 17 when he was arrested, and prosecutors touted the plea deal as a chance for him to mend his ways. The agreement includes three years of supervised release. Clark pleaded guilty to obtaining unauthorized access to a computer, and to numerous counts […]

The post Twitter hacker pleads guilty, sentenced to 3 years appeared first on CyberScoop.

Continue reading Twitter hacker pleads guilty, sentenced to 3 years→

Molson Coors says cyberattack disrupted beer brewing

Posted on March 11, 2021 by Tim Starks

Molson Coors confirmed in a regulatory filing on Thursday that it suffered a cyberattack that disrupted its beer production, and it may not be out of the woods yet. “Although the Company is actively managing this cybersecurity incident, it has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production, and shipments,” the company said in a Securities and Exchange Commission disclosure. The SEC filing also said that Molson Coors had contacted “leading forensic information technology firms and legal counsel” and was “working around the clock” to restore full operations. The company reported net sales of nearly $12 billion in 2020, and is one of the largest beer brewers in the U.S. The company was remarkably vague. It didn’t say what kind of attack, where it happened, which systems were affected or when it began. Local media near a […]

The post Molson Coors says cyberattack disrupted beer brewing appeared first on CyberScoop.

Continue reading Molson Coors says cyberattack disrupted beer brewing→