cyberattacks

0 Comments
Microsoft on Thursday revealed that the threat actors behind the SolarWinds supply chain attack were able to gain access to a small number of internal accounts and escalate access inside its internal network. The “very sophisticated nation-state actor” used the unauthorized access to view, but not modify, the source code present in its repositories, the
0 Comments
The UK’s National Cyber Security Centre (NCSC) has issued its first ever guidance for farmers, in a sign of the growing cyber-threat facing rural businesses. Published on Tuesday, Cybersecurity for Farmers is a comprehensive guide to best practices covering everything from spotting suspicious emails and phone calls to password management, device security and the importance
0 Comments
Chief information security officers who work with the U.S. Department of Defense must understand and comply with the Cybersecurity Maturity Model Certification requirements, but even organizations that do not work with the government can learn from the CMMC. In early 2020, the U.S. Office of the Under Secretary of Defense for Acquisition and Sustainment released
0 Comments
Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller (ADC) devices that attackers are abusing to launch amplified distributed denial-of-service (DDoS) attacks against several targets. “An attacker or bots can overwhelm the Citrix ADC [Datagram Transport Layer Security] network throughput, potentially leading to outbound bandwidth
0 Comments
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that’s used to interface with all other Orion system monitoring and management products suffers from
0 Comments
IBM Security X-Force’s COVID-19 threat intelligence task force discovered a massive phishing campaign earlier this month aimed at organizations within the vaccine distribution cold chain. Caleb Barlow, president and CEO of healthcare cybersecurity firm CynergisTek, said that part of the supply chain, which ensures vaccines are stored at the proper temperature, is especially vital for
0 Comments
A healthcare technology company leaked 12 million records on patients including highly sensitive diagnoses, before the exposed cloud server was struck by the infamous “meow” attacker, researchers have revealed. A team at SafetyDetectives led by Anurag Sen discovered the leaky Elasticsearch server in late October after a routine IP address scan, although it’s unknown how
0 Comments
Since January 1st of 2018, a barrage of cyber attacks and data breaches have hit almost every industry, targeting businesses large and small, many of which are now from IoT devices. By 2025, it is estimated that there will be approximately 75 billion connected devices around the world. With more IoT devices ­–from wearables and
0 Comments
An overview of some of the cyberattacks that Canadian organizations faced in the summer months of 2018. The summer season often seems like a quieter time of year. The past few months have been eventful in Canada, however, as several incidents reported in the media have highlighted the importance of cybersecurity once again. First, several