The Straits Times reports: Another South Korean government-run online service suffered an outage on Nov 24, marking the fourth such failure within the past week. A website and mobile applications providing online ID services went down, according to the Ministry of the Interior and Safety. The breakdown in the government’s e-ID service on Nov 24 […]
Americans who hoped to close on home sales this week may have had their hopes dashed by an attack on Fidelity National Financial. The Register reports: Fortune 500 insurance biz Fidelity National Financial (FNF) has confirmed that it has fallen victim to a “cybersecurity incident.” The announcement came in the form of an 8-K filing […]
All too often, attempts at responsible disclosure are ignored or otherwise fail to get data locked down. When those who discover data leaks repeatedly try to get data owners to secure their data but are ignored, they may decide to reveal the leak publicly even though the data are still unsecured. Today’s example is brought […]
Seen on Back End News: Retail organizations faced a growing threat from ransomware attacks, with fewer managing to stop the encryption of their data. Sophos, a cybersecurity leader, revealed that only a quarter of retailers prevented data encryption during attacks in the last year, marking a decline from previous years. This trend indicated a struggle […]
GB Hackers provides one of this week’s examples of the insider threat: The sequence of events sounds like it was taken straight from a movie script. Five software programmers were working late into the night, chatting on their phones while they worked. During the wee hours of October 9, between 1:00 am and 4:00 am, […]
CyberScoop reports: A cybercrime group that has engaged in politically motivated attacks breached a human resources application belonging to Idaho National Laboratory, claiming in a post to Telegram on Sunday that it had obtained detailed information on employees working at the nuclear research lab. The hacking group SiegedSec said it had accessed “hundreds of thousands of user, […]
Earlier today, CISA issued an advisory: StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability. The advisory includes TTPs and IOCs obtained from FBI, ACSC, and voluntarily shared by Boeing following its recent attack by LockBit that resulted in their data being leaked. Boeing observed LockBit 3.0 affiliates exploiting CVE-2023-4966, to obtain initial […]
Bleeping Computer reports: The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees. These breaches occurred last month and impacted Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees. Government-related information stored […]
Bleeping Computer reports: The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company’s business. Vikas Singla, who worked for Securolytics, a network security company that provided services to the healthcare industry, pleaded guilty to hacking […]
The420 reports: A lethal cyber attack has rocked the revered British Library, leaving its IT systems crippled for weeks. The brazen ransomware gang, known as the Rhysida group, has claimed responsibility for the attack, demanding a hefty sum of 20 Bitcoin, equivalent to approximately £602,500, for the return of stolen sensitive data, including employee passport […]
