16 matches found
Serious F5 Breach
This is bad: F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a "sophisticated" threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a "long-term." Security researchers who have...
Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks
Networking software company F5 disclosed a long-term breach of its systems this week. The fallout could be severe...
CVE-2023-34362: MOVEit Vulnerability Timeline of Events
The following article was written by Drew Burton and Cynthia Wyre. Rapid7 continues to track the impact of CVE-2023-34362, a critical zero-day vulnerability in Progress Software’s MOVEit Transfer solution. CVE-2023-34362 allows for SQL injection, which can result in unauthorized access to sensiti...
How 1-Time Passcodes Became a Corporate Liability
Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the worlds largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a...
Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies
UPDATE 04:23 pm Pacific Time, May 12: On Wednesday, President Joe Biden signed an Executive Order that broadly directs the Commerce Department to create cybersecurity standards for companies that sell software to the federal government. The Order comes in the immediate aftermath of a ransomware...
Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!
In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year. The intrusion is said to have occurred on March 3, with informatio...
Data from August Breach of Amazon Partner Juspay Dumped Online
Data from a breach that occurred five months ago involving Juspay, which handles payments for Amazon and other online retailers in India, has been dumped online, a researcher has found. Security researcher Rajshekhar Rajaharia discovered data of 35 million Indian credit-card holders from a breach...
Chris Vickery: AI Will Drive Tomorrow’s Data Breaches
From malicious hacks to accidental misconfigurations, Chris Vickery has seen it all. But as cybercriminals continue to innovate, Vickery, the director of risk research with UpGuard, said one emerging security threat will “blindside” the world: “fakeable” voices. More bad actors using artificial...
NTT Communications Data Breach Affects Customers, Threatens Supply Chain
Japan-based systems integrator NTT Communications has disclosed a recent data breach that it said impacted hundreds of customers. The total affected comes to as many as 621 customers, the company said, but security experts worry about the impacts of the data breach due to the company’s positionin...
Forever 21 Confirms Security Breach Exposed Customer Credit Card Details
First notified in November of a data breach incident, popular clothing retailer Forever 21 has now confirmed that hackers stole credit card information from its stores throughout the country for several months during 2017. Although the company did not yet specify the total number of its customers...
Disqus Hacked: More than 17.5 Million Users' Details Stolen in 2012 Breach
Another day, Another data breach disclosure. This time the popular commenting system has fallen victim to a massive security breach. Disqus, the company which provides a web-based comment plugin for websites and blogs, has admitted that it was breached 5 years ago in July 2012 and hackers stole...
Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop
Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices...
M-Trends Asia Pacific: Organizations Must Improve at Detecting and Responding to Breaches
Since 2010, Mandiant, a FireEye company, has presented trends, statistics and case studies of some of the largest and most sophisticated cyber attacks. In February 2016, we released our annual global M-Trends® report based on data from the breaches we responded to in 2015. Now, we are releasing...
Web Hosting Service 000webhost Hacked, Information of 13 Million Leaked
Information on nearly 14 million users of 000webhost, a Lithuanian web hosting service, was spilled earlier this year when a hacker exploited an old version of the company’s website and gained access to the backend. 13.5 million customer usernames, plaintext passwords, email addresses, IP...
Linux Australia Breached by Hackers
Linux Australia, a consortium in charge of organizing Linux conferences Down Under, acknowledged over the weekend it was breached by attackers who were able to secure access to one of its servers, and with it, potential user information. In a detailed email to users on Saturday, the group’s...
Student Suspected in University Hack That Leaked Info of 654K Cornhuskers
Officials at the University of Nebraska suspect a current undergraduate student is behind a hack earlier this month that appears to have spilled the sensitive information of tens of thousands of past and present students. According to a report from the Omaha World-Herald today, Police Chief Owen...