cyberattack (9)

12400169052?profile=RESIZE_400xA Microsoft spokesman reported that the Russian government-backed hacking team that broke into its corporate network and spied on senior executives also stole source code and may still be poking around its internal computer systems.  In what is being described as an “ongoing attack,” the world’s largest software maker says it has evidence the hacking group “is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.”  This has inc

12389945471?profile=RESIZE_400xCybersecurity experts are warning that hospitals around the country are at risk for attacks like the one that is crippling operations at a premier Midwestern children’s hospital and that the US government is doing too little to prevent such breaches.  Hospitals in recent years have shifted their use of online technology to support everything from telehealth to medical devices to patient records.  Today, they are a favorite target for internet thieves who hold systems’ data and networks hostage f

12306209278?profile=RESIZE_400xOur friends at SentinelLabs report that Hack-for-Hire threat actors go by many names, such as surveillance-for-hire, mercenaries, private-sector-offensive-actors (PSOAs), and nonstate offensive threat actors.  Such groups represent an exciting challenge for security researchers and network defenders. They should be considered a severe threat to all organizations, worthy of proactive tracking in ongoing intrusions and analysis of historical cases to understand their significant impacts.  Many pub

12299288673?profile=RESIZE_400xRecently, it was announced that the Clorox company’s CISO has stepped down from her position.  Her departure comes as the company is still recovering from a devastating cyberattack that paralyzed its order fulfillment facilities for more than a month, leading to a 20% decline in net revenue in the first quarter of the fiscal year.

The reasons behind her departure have not been publicly disclosed. Still, her decision to step down during such a critical time for Clorox's cybersecurity efforts has

12263916864?profile=RESIZE_400xOkta Security has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system.  The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.

12239425294?profile=RESIZE_400xIn 1923, the Soviet Union created the Nagorno-Karabakh Autonomous Oblast (an oblast is an administrative region or province) within the Azerbaijan Soviet Socialist Republic.  This oblast has a 95% ethnically Armenian population.  In 1988, Nagorno-Karabakh intended to leave Azerbaijan and join the neighboring Republic of Armenia.  While the Soviet Union was able to keep the resulting tension under control, once the USSR began to collapse, armed conflict between Azerbaijan and Armenia began for co

10920542099?profile=RESIZE_192XI should not be writing this article in 2022, but sometimes the apparent need to be restated.  Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad.  For example, recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack.  See: https://www.bleepingcomputer.com/news/security/play-ransomware-claims-attack-on-belgium-city-of-antwerp/

As usual, all parties cried "foul play" and suggested that proper

10638461098?profile=RESIZE_180x180Gartner’s top eight cybersecurity predictions warn organizations that they need to employ greater resilience to reduce the impact of more severe cyberattacks.  Reducing the blast radius of larger, more potentially devastating attacks is key.   Implied in the predictions is advice to focus not just on ransomware or any other currently trending type of cyberattack, but to prioritize cybersecurity investments as core to managing risks and see them as investments in the business.  By 2025, 60% of or

10051028253?profile=RESIZE_400xThe U.S. Department of Homeland Security is reportedly warning that the U.S. could witness a retaliatory cyberattack at the hands of Russia if it decides to respond to the latter's potential invasion of Ukraine, where 100,000 or more troops have been amassed for weeks.  According to a DHS Intelligence and Analysis bulletin dated 23 January 2022 and sent to law enforcement agencies around the country, officials believe that if the U.S. responds to rising tensions at Ukraine's eastern border, the