October 22nd, 2021 by Admin
Beijing-backed hackers caused a crisis after hacking Exchange email servers this year with flaws Microsoft didn’t know about, but Microsoft says Russian hackers are far more prolific than those from China, or any other nation.
“During the past year, 58% of all cyberattacks observed by Microsoft from nation-states have come from Russia,” Tom Burt, Microsoft corporate vice president said in a blogpost detailing government-backed hacking over the past year.
[ Source : ZDNet ]
October 22nd, 2021 by Admin
Risk resulting from a cybersecurity event affects the entire organization. “As such, the cyber workforce—those responsible for preventing and responding to an attack—are no longer limited to just ‘the geeks in the basement,'” said James Hadley, CEO and founder of Immersive Labs, in an email exchange. “Until we prioritize cyber skills and education for the workforce at large, the threat landscape will continue to outpace us.”
To be more precise, cyberattacks can have a financial, reputational, regulatory, legal and technical impact. “This goes far beyond making sure employees don’t click on a phishing email,” Hadley added. “When cyber risk is all-pervasive, the skills that go towards protection and response must be equally as extensive.”
[ Source : TechRepublic ]
October 22nd, 2021 by Admin
INDIANAPOLIS — Eskenazi Health said Friday that a cyberattack on Aug. 4 resulted in the personal information of patients and employees to show up on a portion of the Internet known as the dark web.
Eskenazi Health has determined that medical, financial, and demographic information of certain individuals was obtained and posted on the dark web. The information impacted may include name, date of birth, age, address, telephone number, email addresses, medical record number, patient account number, diagnosis, clinical information, physician name, insurance information, prescriptions, date(s) of service, driver’s license number, passport number, face photos, Social Security number, and credit card information.
[ Source : wthr.com ]
October 22nd, 2021 by Admin
More than 6,000 Coinbase users had funds stolen from their accounts after hackers used a vulnerability in Coinbase’s SMS-based two-factor authentication system to breach accounts.
The intrusions took place earlier this year, between March and May, the exchange said in a data breach notification letter it has filed with US state attorney general offices.
“The third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account,” Coinbase said.
[Source : therecord ]
October 1st, 2021 by Admin
A suspected state-sponsored hacking group has attempted to breach the network of the Port of Houston, one of the largest port authorities in the US, using a zero-day vulnerability in a Zoho user authentication appliance, CISA officials said in a Senate hearing today. Port officials said they successfully defended the attack, and “no operational data or systems were impacted as a result” of the attempted intrusion.
The investigation into the attack resulted in CISA, the FBI, and the Coast Guard sending a joint advisory on September 16 warning US organizations about attacks carried out by a nation-state hacking group using the Zoho zero-day. According to Matt Dahl, Principal Intelligence Analyst at security firm CrowdStrike, the zero-day had been used in attacks since late August.
[Source : therecord ]