Collaborate Disseminate
The security community witnessed triple-digit growth in the number of publicly disclosed ransomware incidents in 2020. As noted in a previous blog post on Five Things You Need to Know About Ransomware Attacks, ransomware attacks grew 715% in H1 20… Continue reading Ransomware Trends: Six Notable Ransomware Attacks from 2021
Hackers have exposed data about employees, customers and suppliers of Bombardier, a Canadian plane manufacturer, in what appears to be the latest ripple effect from a larger security incident humming through the private sector in North America. A forensic analysis revealed that “confidential” information originating at Bombardier was stolen in a recent incident, the company said Tuesday. The Montreal-based Bombardier, which reported $16 billion in revenue in 2018, did not specify exactly what happened or when, though it did say the breach was the result of a “vulnerability affecting a third-party file-transfer application.” “The ongoing investigation indicates that the unauthorized access was limited solely to data stored on the specific servers,” the company said. “Manufacturing and customer support operations have not been impacted or interrupted.” The Bombardier news appears to be a reference to Accellion, an IT services provider victimized last year in an incident that is continuing to have […]
The post Plane-maker Bombardier discloses breach after stolen data surfaces appeared first on CyberScoop.
Continue reading Plane-maker Bombardier discloses breach after stolen data surfaces
Security investigators have identified the hacking group suspected to be behind a data breach of an IT firm that has affected a number of corporations, law firms and other organizations in recent months. Accellion, a software firm that provides file transfer services to more than 3,000 clients, on Monday said that UNC2546, a “criminal” attacker, had exploited multiple vulnerabilities in Accellion software to install malware. The group appeared to infiltrate an Accellion tool to gather information from Accellion clients, then contact victims, threatening to publish their stolen data. Mandiant, the incident response arm of the security vendor FireEye, made the determination that UNC3546 was behind the incident. The breach at Accellion, uncovered on Dec. 23, involved an attacker leveraging a zero-day vulnerability to break into the Palo Alto-based cloud company’s secure file transfer application, or FTA. “The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, […]
The post FireEye IDs hacking group suspected in Accellion, Kroger breach appeared first on CyberScoop.
Continue reading FireEye IDs hacking group suspected in Accellion, Kroger breach