Collaborate Disseminate
21 January 2024 [UPDATED: 10:45 CET, January 21] One of Tietoevry’s several datacenters in Sweden was partially subject to a ransomware attack during the night of Jan 19-20. While overall recovery has progressed, services for the customers in scope rem… Continue reading UPDATE: Ransomware attack affecting Tietoevry’s services for some customers in Sweden
Joseph Menn reports: Microsoft said hackers working for the Russian government broke into its corporate networks two months ago and stole email from executives and some employees in its cybersecurity and legal departments. Microsoft said in a late Frid… Continue reading Microsoft says Russian government hackers stole email from its leaders
Sergiu Gatlan reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week… Continue reading CISA pushes federal agencies to patch Citrix RCE within a week
Reuters reports: Veon, the parent company of Ukraine’s largest mobile operator Kyivstar, will take a hit of around 3.6 billion hryvnias ($95 million) in revenue in 2024 due to a massive cyberattack in December, the Dutch telecoms group estimated … Continue reading Cyberattack on Ukraine’s Kyivstar will cost parent Veon almost $100 million in sales
Sharad Natani reports: Pharmaceutical giant Alkem Laboratories confirmed Friday that a cybersecurity incident led to a fraudulent transfer of Rs 52 crore from one of its subsidiaries. While the company maintained the impact was minimal and confined to … Continue reading Pharma Giant Alkem Laboratories Faces Security Breach, Rs 52 Crores at Stake
I’ve said it before, and I’ll say it again: If you’re not subscribed to Catalin Cimpanu’s Risky Business Newsletter, you’re missing out. From the newsletter: A ransomware attack has wreaked havoc inside the network of Tig… Continue reading Ransomware wrecks Paraguay’s largest telco
Politically motivated hacks continue. Two current examples outside of the U.S.: James Pearson and Tom Balmforth report: Hackers linked to Ukraine’s main spy agency have breached computer systems at a Moscow-based internet provider in retaliation for a … Continue reading Politically motivated hacks: Moscow ISP hit in response to Kyivstar cyberattack; Taiwan bombarded with cyberattacks ahead of election
Kevin Beaumont explains: So here’s a funny story. Earlier today, I noticed Orange Spain had an outage, caused by what appeared to be a BGP hijack: […] So, how did it happen? The threat actor accessed Orange’s RIPE account. RIPE look after interne… Continue reading How 50% of telco Orange Spain’s traffic got hijacked — a weak password
Insurance Journal reports: Merck & Co. Inc. has reportedly reached a deal with insurers over a closely-watched coverage dispute related to a massive cyberattack in 2017. The New Jersey Supreme Court in July 2023 agreed to hear the case after a stat… Continue reading Merck Settles Coverage Dispute With Insurers Over War Exclusion in NotPetya Attack
As incident response and public relations go, blaming victims for your breach is generally not an impressive strategy. Michael Edgar reports that 23andMe seems to be doing exactly that: Months after the San Francisco based company experienced a data b… Continue reading 23andMe Says Breach Victims Are to Blame, Legal Action is Futile