Details from more than 500 million Facebook users have been found available on a website for hackers. The information appears to be several years old, but it is another example of the vast amount of information collected by Facebook and other social media sites, and the limits to how secure that information is. The availability…
Cloud Security , Network Detection & Response , Network Firewalls, Network Access Control Webinar | Securing Remote Workers: Using SASE to Maintain Visibility and Maximize Efficiency Information Security Media Group , • April 6, 2021 As remote work continues, organizations across EMEA – and beyond – must ensure that their employees can…
The FBI and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) are warning about advanced persistent threat (APT) actors exploiting a Fortinet vulnerability to gain access to government and other networks, according to an April 2 joint advisory. The joint advisory warns that APT actors are trying to utilize common vulnerabilities…
The personal details belonging to 30,000 individuals based in Singapore may have been illegally accessed after a security breach targeted a third-party vendor of a job-matching organization called Employment and Employability Institute. The leaked data included names, identification numbers, contact information, educational qualifications, and employment history. The e2i purpose is to bring together and connect…
A grand jury has indicted a California resident accused of stealing Shopify customer data on over a hundred merchants, TechCrunch has learned. The indictment charges Tassilo Heinrich with aggravated identity theft and conspiracy to commit wire fraud by allegedly working with two Shopify customer support agents to steal merchant and customer data from Shopify customers…
The US authorities are urging Fortinet customers to patch three legacy vulnerabilities being exploited in the wild to compromise government, commercial and technology service provider networks. A joint cybersecurity advisory from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Friday warned that threat actors are actively scanning for devices via ports 4443, 8443 and…
Breach Notification , Business Continuity Management / Disaster Recovery , COVID-19 Conti Ransomware Gang Hit Scottish Environment Protection Agency on Christmas Eve Mathew J. Schwartz (euroinfosec) • April 6, 2021 Pressure tactics: After SEPA refused to pay the Conti ransomware operation’s ransom, the gang leaked stolen data on its dedicated data leak site….
A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. The attacks have been attributed with low confidence to the advanced persistent threat (APT) called Cycldek (or Goblin Panda, Hellsing, APT 27, and Conimes), which is known for using spear-phishing techniques…
A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called “more_eggs.” To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the same name as that of the victims’ job titles taken…
A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam.The attacks have been attributed with low confidence to the advanced persistent threat (APT) called Cycldek (or Goblin Panda, Hellsing, APT 27, and Conimes), which is known for using spear-phishing techniques to compromise
