November 16, 2023 at 07:00AM Research shows that incomplete IT offboarding can have negative effects on organizations, leading to security incidents, surprise bills, and missed handoffs. Nudge Security offers a SaaS management platform that helps with IT offboarding by providing a single source of truth for deprovisioning accounts and automating tasks like revoking OAuth grants … Read more
November 16, 2023 at 07:00AM Novel attack methods targeting Google Workspace and the Google Cloud Platform have been demonstrated, posing risks of ransomware, data exfiltration, and password recovery attacks. Threat actors could exploit vulnerabilities in Google Credential Provider for Windows (GCPW) to gain access to machines and bypass multi-factor authentication protections. These attacks highlight the … Read more
November 16, 2023 at 01:18AM Russian threat actors are suspected of launching the largest cyber attack on Danish critical infrastructure in May 2023. The attack targeted 22 energy sector companies and was coordinated and successful. Evidence suggests the involvement of Russia’s GRU military intelligence agency. The attacks exploited a critical command injection flaw in Zyxel … Read more
November 15, 2023 at 10:37PM Swedish digital rights organization Qurium has uncovered approximately 250 cloned websites that are suspected of redirecting users to Chinese gambling sites. Investigations revealed that various organizations had their websites copied and pasted, including private businesses, universities, and public libraries. Qurium alleges that the gambling ads on these cloned sites are … Read more
November 15, 2023 at 09:04PM The ALPHV/BlackCat ransomware group has filed a complaint with the U.S. Securities and Exchange Commission (SEC) against software company MeridianLink for not disclosing a cyberattack within the four-day rule. The ransomware group threatened to leak stolen data unless a ransom was paid. MeridianLink confirmed the cyberattack and stated that it … Read more
November 15, 2023 at 07:46PM The chief security officer of Clorox, Amy Bogac, has left her position following a corporate network breach that cost the company hundreds of millions of dollars. In separate news, ransomware group AlphV has claimed to have breached digital lending firm MeridianLink and filed a complaint against the company with the … Read more
November 15, 2023 at 06:12PM Samsung Electronics has experienced a data breach in the UK, affecting customers who made purchases between July 2019 and June 2020. The breach was caused by a hacker exploiting a vulnerability in a third-party application used by the company. Customer names, phone numbers, addresses were exposed, but financial information and … Read more
November 15, 2023 at 05:46PM ALTR Solutions, Inc. has closed its $25 million Series C Preferred financing to meet the growing demand for its SaaS-based data access governance and security solutions. The funding will be used to strengthen ALTR’s position in the cloud data access governance and security market, expand its footprint across data sources, … Read more
November 15, 2023 at 05:38PM Egress and KnowBe4 have announced an update to their partnership to help organizations address human risk. KnowBe4 will now use live email threat intelligence from Egress to automatically deploy context-based training and phishing simulations. This integration allows joint customers to benefit from adaptive email defenses and enhanced automation for security … Read more
November 15, 2023 at 04:48PM Rackspace Technology has incurred significant expenses and losses following a ransomware attack on one of its Microsoft Exchange servers. The incident costs have reached eight figures, with expenses for recovery totaling at least $6 million. Additionally, the company has already suffered losses of over $10.8 million and faces lawsuits. Despite … Read more