Category Archives: Incident response

Tines Bags $50 Million Funding for Security Workflow Automation

Posted on by

Irish startup Tines raises $50 million in new venture capital funding as investors make big bets on automation and orchestration startups.
The post Tines Bags $50 Million Funding for Security Workflow Automation appeared first on SecurityWeek.
Continue reading Tines Bags $50 Million Funding for Security Workflow Automation

UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack

Posted on by

UnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion.
The post UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack appeared first on SecurityWeek.
Continue reading UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack

MITRE breached by nation-state threat actor via Ivanti zero-days

Posted on by

MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware inf… Continue reading MITRE breached by nation-state threat actor via Ivanti zero-days

BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

Posted on by

Investors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability.
The post BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems appeared first on SecurityWeek.
Continue reading BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs

Posted on by

Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks.
The post Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs appeared first on SecurityWeek.
Continue reading Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs

Using the LockBit builder to generate targeted ransomware

Posted on by

Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder. Continue reading Using the LockBit builder to generate targeted ransomware

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

Posted on by

The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.”
The post US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microso… Continue reading US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack

Posted on by

Cyber Safety Review Board, said “a cascade of errors” by Microsoft let state-backed Chinese cyber operators break into email accounts of senior U.S. officials.
The post Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response… Continue reading Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack

How to design and deliver an effective cybersecurity exercise

Posted on by

Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations base… Continue reading How to design and deliver an effective cybersecurity exercise