Latest Security News – Page 24

Microsoft Observed Nation-State Attacks Targeting 10,000 of Its Customers

Posted on July 18, 2019 by David Bisson

Microsoft has notified approximately 10,000 of its customers that they were the targets of nation-state attacks over the past year. On 17 July, Microsoft’s Corporate Vice President of Customer Security & Trust Tom Burt revealed that 84 percen… Continue reading Microsoft Observed Nation-State Attacks Targeting 10,000 of Its Customers→

Posted on July 17, 2019 by David Bisson

A crypto-ransomware attack has disrupted some services at all library locations across Onondaga County in New York State. On 16 July, the Onondaga County Public Library system published a tweet in which it explained that many of its public services wer… Continue reading Ransomware Attack Disrupts Some Services at Onondaga County Libraries→

Posted on July 16, 2019 by David Bisson

Social-planning website Evite has revealed a security incident that potentially involved unauthorized access to its systems. Evite first became aware of the security incident back in April 2019. It responded by retaining a data forensics firm to launch… Continue reading Evite Reveals Security Incident Potentially Involving Unauthorized Access→

Posted on July 12, 2019 by David Bisson

Mayors in the United States have collectively declared that they’ll no longer meet attackers’ ransom demands in connection to a digital security event. At its 87th annual meeting, the U.S. Conference of Mayors approved a resolution entitled… Continue reading Mayors Say They’ll No Longer Pay Ransoms Connected to Security Events→

Posted on July 11, 2019 by David Bisson

Magecart actors are using spray and pray tactics to discover misconfigured Amazon S3 buckets and deploy their payment card skimmers. In April 2019, RiskIQ began tracking a Magecart group campaign in which threat actors took to automatically scanning fo… Continue reading Magecart Actors Using Spray and Pray Tactics to Find Misconfigured Buckets→

Posted on July 10, 2019 by David Bisson

A malvertising campaign is redirecting users to the RIG exploit kit for the purpose of loading ERIS ransomware onto vulnerable machines. Over the 5-7 July weekend, security researcher nao_sec discovered a malvertising campaign that was abusing the popc… Continue reading Malvertising Campaign Redirects to RIG Exploit Kit, ERIS Ransomware→

Posted on July 9, 2019 by David Bisson

A security researcher found a misconfigured ElasticSearch cluster that exposed over 90 million personal and businesses data records. On 1 July, GDI Foundation member and an independent security researcher Sanyam Jain found that the unprotected ElasticS… Continue reading Misconfigured ElasticSearch Cluster Exposed Over 90 Million Records→

Posted on July 8, 2019 by David Bisson

A national trade association has disclosed a data breach that allegedly took place following a successful phishing attack. On 3 July, the American Land Title Association (ALTA) said that the security incident affected title and settlement company usern… Continue reading National Trade Association Discloses Data Breach Tied to Alleged Phishing Attack→

Posted on July 3, 2019 by David Bisson

The United States Senate has passed a bill to help strengthen the defenses of the U.S. energy grid against digital attacks. On 27 June, the Senate passed the Securing Energy Infrastructure Act. Introduced by U.S. Senators Angus King (I-Maine) and Jim R… Continue reading Senate Passes Bill to Help Defend U.S. Energy Grid against Digital Attacks→

Posted on July 2, 2019 by David Bisson

A municipality in Florida fired its IT director shortly after paying off bad actors who infected its computer systems with ransomware. Joe Helfenberg, the city manager of Lake City, confirmed to WCJB that the municipality fired Brian Hawkins, who was i… Continue reading Florida City Fires IT Director after Meeting Ransomware Actors’ Demands→