Recent Security News
-
HPE Says Russian Government Hackers Had Access to Emails for 6 Months
January 25, 2024 at 05:18AM Hewlett Packard Enterprise (HPE) disclosed that its cloud email environment was targeted by hackers believed to be sponsored by the Russian government. The attack, attributed to the Midnight Blizzard and Cozy Bear threat groups, resulted in unauthorized access and data exfiltration. Microsoft also reported a similar attack by the same…
-
New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits
January 25, 2024 at 02:30AM CherryLoader, a new Go-based malware loader, has been discovered by threat hunters. It masquerades as the legitimate CherryTree note-taking application to trick victims. The loader delivers privilege escalation tools and can swap out exploits without recompiling code. Its distribution method is unknown, but it is contained in a RAR archive…
-
Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach
January 25, 2024 at 01:06AM Hewlett Packard Enterprise’s cloud email environment was compromised by hackers connected to the Kremlin, attributed to the Russian state-sponsored group APT29. The breach lasted over six months and is linked to a previous security event involving unauthorized access to SharePoint files. The incident did not impact the company’s operations, according…
-
CISA’s Water Sector Guide Puts Incident Response Front & Center
January 24, 2024 at 03:50PM Water and wastewater utilities were given guidance by US Cybersecurity and Infrastructure Security Agency (CISA) to bolster their response to cyberattacks. The guide emphasizes incident response planning, highlights resource constraints for the sector, and examines recent cyber incidents targeting utilities. The water sector faces unique challenges in addressing these cyber…
-
Jason’s Deli Accounts Compromised by Credential Stuffing
January 24, 2024 at 03:12PM Jason’s Deli alerted its Deli Dollars rewards program members about potential exposure of personal data due to a credential-stuffing attack. It impacted over 344,000 customers. Names, addresses, phone numbers, birth dates, and partial credit card numbers were compromised. The restaurant is urging customers to update their login credentials and emphasizes…