The Awake Security division of Arista Networks has discovered evidence linking the Hades ransomware gang to Hafnium, the state-sponsored threat actor operating from China that Microsoft says is behind the recent Exchange hacks.
The Clop ransomware group has allegedly hacked the grades and Social Security numbers of students at the University of Colorado and patient data from the University of Miami.
Cyberinsurance firm CNA Financial was reportedly hit by a possible cyberattack. The company is one of the largest insurance providers in the U.S.
The company's website is experiencing widespread network disruptions and employee services have been down for more than three days. CNA says it was hit by a sophisticated cyberattack and has engaged a team of third-party forensic experts to investigate and determine the full scope of this incident, which is ongoing.
Another challenge is the new home office, where spouses may be working remotely, often alongside their children attending school online. Home networks lack typical protections and bifurcations of the corporate office and may be prone to attacks using lateral movement techniques. In these scenarios, after gaining initial access through an insufficiently protected device, such as a family computer, attackers move deeper into a network, searching for other devices to compromise or obtain increased privileges. This continued probing could eventually lead to the exfiltration of sensitive corporate data or high-value intellectual property.
As economic uncertainty continues alongside the ongoing pandemic, IT and Security budgets are likely to see modest, if any, growth this year. Therefore, it will fall to CIOs to focus on maximizing existing investments, getting back to the basics, and doing more with the same (or less).
There are some core principles I believe are important to keep top of mind when it comes to minimizing risk and maximizing budgets.
American arts and crafts giant Hobby Lobby has exposed a large amount of customer data, including names, phone numbers, physical and email addresses, and the last four digits of payment cards, as well as the source code for the company's app, according to a security researcher known as "boogeyman," who discovered the leak.
Have you considered a career as a cybersecurity professional, but weren't really sure if you had the right degree or skillset needed for success? Here, Jay Leaf-Clark, Head of IT at Dashlane, walks you through how to get started in cybersecurity.
LogMeIn, Inc. has announced that security and privacy veteran, Michael Oberlaender, has joined the company as its new Chief Information Security Officer (CISO). Oberlaender will be responsible for managing and growing LogMeIn’s security program, including infrastructure, applications, and overall data security for both internal systems and the company’s products.
There has been a significant increase in PYSA ransomware targeting education institutions in 12 U.S. states and the U.K., according to a joint Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) flash industry alert.