Recent Security News
-
Japan on Line Breach: Clean Up Post-Merger Tech Sprawl
March 6, 2024 at 06:16PM The Japanese government’s analysis of the recent Line data breach has prompted a directive for the organization to separate its technology from parent company Naver. The merger with Yahoo Japan and dependence on Naver’s technology have raised concerns about cybersecurity practices. Japanese regulators are calling for regular updates and a…
-
Hacked WordPress sites use visitors’ browsers to hack other sites
March 6, 2024 at 05:40PM Hackers have been targeting WordPress sites with widescale attacks, initially using crypto wallet drainer scripts to steal cryptocurrency. More recently, they have switched to injecting malicious scripts that force visitors’ browsers to conduct bruteforce attacks on other websites. The threat actor’s goal seems to be building a larger portfolio of…
-
Cloud-y Linux Malware Rains on Apache, Docker, Redis & Confluence
March 6, 2024 at 05:39PM Researchers have detected a cyber campaign targeting vulnerable cloud servers running Apache Hadoop, Atlassian Confluence, Docker, and Redis. The attackers deploy a cryptomining tool and a Linux-based reverse shell for potential future targeting. The campaign, known as Spinning YARN, exploits known vulnerabilities and misconfigurations, with tactics overlapping with threat groups…
-
First BofA, Now Fidelity: Same Vendor Behind Third-Party Breaches
March 6, 2024 at 05:31PM FILI notified 30,000 individuals of a third-party data breach, affecting names, Social Security numbers, bank account details, and more. This is the second breach involving IMS this year. Jeff Margolies points to increased third-party security breaches and the need for better third-party access management. Fidelity offers 24 months of credit…
-
Veeam Launches Veeam Data Cloud
March 6, 2024 at 05:08PM VeeamĀ® Software, a global leader in data protection and ransomware recovery, has unveiled the new Veeam Data Cloud, based on Microsoft Azure, offering backup-as-a-service for Microsoft 365 and Azure. This solution provides reliable cyber resiliency and data protection, complemented by industry-leading technology, security, and intuitive interface. Learn more at veeam.com.…