Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks

Breach Notification , Incident & Breach Response , Security Operations So Are We Supposed to Keep This Data Breach Notification Just Between Us Friends? Mathew J. Schwartz (euroinfosec) • March 26, 2021     (See update on Fat Face paying a $2 million ransom.) See Also: Live Webinar | Mitigating the Risks Associated with Remote…

A grand jury has indicted a California resident accused of stealing Shopify customer data on over a hundred merchants, TechCrunch has learned. The indictment charges Tassilo Heinrich with aggravated identity theft and conspiracy to commit wire fraud by allegedly working with two Shopify customer support agents to steal merchant and customer data from Shopify customers…

With the continuing spread of the novel coronavirus pandemic, organizations across the globe are gradually flattening their recessionary curve by leveraging technology. Many businesses will go through response, recovery, and renewal phases. As per Technavio’s pandemic-focused market research, market growth is likely to increase in 2021 as compared to 2020. This post-pandemic business planning research…

Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting…

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management Agency Is the Latest Victim of Attacks Exploiting Newly Exposed Flaws Akshaya Asokan (asokan_akshaya) • March 9, 2021     A Microsoft Exchange Server at the European Banking Authority, a regulatory agency of the European Union, was hacked. But the agency…

3rd Party Risk Management , Breach Notification , Critical Infrastructure Security Microsoft, FireEye Find Additional Payloads Used During Supply Chain Attack Scott Ferguson (Ferguson_Writes) • March 4, 2021     Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds in December 2020, according to a pair of…