Recent Security News
-
1.3 Million Maine Residents Impacted by MOVEit Hack
November 10, 2023 at 07:00AM The State of Maine has reported significant impact from a cyberattack on Progress Software’s MOVEit file transfer tool earlier this year. Over 2,500 organizations and 69 million individuals have been affected. The attackers accessed personal information, including names, Social Security numbers, and medical information. The Maine Department of Health and…
-
Ransomware Attack on China’s Biggest Bank Disrupts Treasury Market Trades, Reports Say
November 10, 2023 at 07:00AM China’s Industrial and Commercial Bank of China Financial Services, a financial services business of China’s largest bank, experienced a ransomware attack that disrupted trading in the U.S. Treasury market. The attack affected some of its systems, but the company disconnected parts to mitigate the impact. The incident is being investigated…
-
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
November 10, 2023 at 05:23AM Cerber ransomware has been exploiting the Atlassian Confluence vulnerability CVE-2023-22518. The vulnerability allows unauthorized users to reset and create a Confluence instance administrator account, granting them full admin privileges. Cerber previously targeted Atlassian in 2021. The ransomware uses an encoded PowerShell command to download and execute a remote payload, encrypting…
-
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
November 10, 2023 at 04:03AM Automated security tools are becoming increasingly important for SOC teams, as they help cover the 80% of common threats across organizations. However, customization is still necessary for the remaining 20% of unique use cases. Automation can improve data ingestion, detection, investigation, and response, but customization allows organizations to address their…
-
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
November 10, 2023 at 04:03AM Researchers have discovered a stealthy backdoor called Effluence that exploits a security flaw in Atlassian Confluence Data Center and Server. The backdoor allows attackers to move laterally within the network and exfiltrate data. It can be accessed remotely without authenticating to Confluence. The attack chain involves exploiting two critical bugs…