November 21, 2023 at 01:09PM AutoZone, the leading automotive spare parts retailer in the US, has suffered a data breach as part of the Clop MOVEit file transfer attacks. Approximately 185,000 people were affected by the breach, which occurred on May 28, 2023. While the specific data compromised has not been disclosed, identity theft protection … Read more
November 21, 2023 at 09:00AM The ransomware strain Play is now available as a service for other threat actors, according to cybersecurity company Adlumin. Affiliates who purchase the ransomware follow step-by-step instructions from playbooks delivered with it, resulting in attacks with minimal variations. Play, also known as Balloonfly and PlayCrypt, has previously targeted networks through … Read more
November 21, 2023 at 08:39AM The Canadian government has reported a data breach involving two moving and relocation services firms contracted by the government. The breach exposed personal information of present and former public service employees, as well as members of the Canadian Armed Forces and Royal Canadian Mounted Police. The government is offering credit … Read more
November 20, 2023 at 03:50PM Progress Software’s MOVEit file transfer application has been exploited by the Russian ransomware group Clop, impacting 2,620 organizations and over 77 million individuals. Avast, the antivirus company, is among the victims, with 3 million customers’ information reportedly leaked on a hacking forum. Welltok, a patient communication services provider, has also … Read more
November 20, 2023 at 03:27PM CISA has introduced a pilot program to offer cybersecurity services to critical infrastructure entities facing increasing cyberattacks. The program includes deploying Protective Domain Name System to participating organizations and hosting roundtables to understand their needs. Initially, the program targets healthcare, water, and K-12 education, with plans to expand to 100 … Read more
November 20, 2023 at 12:27PM The Canadian government has reported that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, were hacked, resulting in the exposure of sensitive information belonging to government employees. The breach, reportedly attributed to the LockBit ransomware gang, has affected data dating back to … Read more
November 20, 2023 at 10:12AM Silverfort is the first unified identity protection platform that integrates with existing identity and access management solutions to protect organizations from identity-based attacks. The platform offers features such as Risk-Based Authentication and Multi-Factor Authentication (MFA) and can protect a wide range of resources, including command-line tools and service accounts. A … Read more
November 20, 2023 at 07:12AM The Rhysida ransomware group claims responsibility for the October cyberattack on the British Library, leaking stolen data including passport scans and HMRC employment documents. They have initiated an auction for the data with a starting bid of 20 Bitcoin ($745,000). The British Library confirmed the ransomware attack in November and … Read more
November 20, 2023 at 06:03AM Thousands of K-12 public schools in the United States are vulnerable to ransomware attacks due to lax cybersecurity measures. In response, the Biden administration has been offering free cybersecurity services to school districts and urging more to take advantage of these programs. Ransomware attackers, often based in Russia, target schools … Read more
November 17, 2023 at 06:29PM Ransomware gangs are targeting vulnerable Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. The threat actors exploit the Citrix Bleed vulnerability (CVE-2023-4966). Many recent victims, including Toyota Financial Services, ICBC, DP World, Allen & Overy, and Boeing, were found to have … Read more