Retailer WH Smith suffered a cyber attack that leaked employee data, including names, dates of birth, and National Insurance Numbers. The incident leaked the data of current and former employees, but customer data was unaffected.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
150 non-emergency procedures were canceled along with about 3,000 appointments as a Barcelona hospital fell victim to a ransomware attack that crippled communications and slowed operations.
ChatGPT has answers for almost everything, but there’s one answer we may not know for a while: will this tool turn out to be the genie its creators regret taking out of the bottle over unintended consequences in AI for cybersecurity?
The EPA memo frames vulnerabilities in public water systems as a potential point of contamination, and thus a public health threat. The new cybersecurity requirements are part of an order to include new elements in periodic sanitary surveys.
Hackers stole and published the login credentials of major tech and Fortune 500 companies, accessed CCTV cameras, and probed portals after breaching two large data centers in Asia.
Ransomware operators have long targeted systems and data availability of their victims, and have been evolving their attack patterns to include the privacy and confidentiality of victim data as well. Attackers are increasingly pushing for double and sometimes triple extortion of their victims.
Leading U.S. satellite TV provider Dish Network confirmed that the ongoing widespread disruptions is the result of a ransomware attack that was yet to be resolved.
At ANY.RUN malware analysis sandbox, we noticed an increase in phishing scams that direct users to fake Microsoft Outlook login pages, collecting confidential credentials. We decided to analyze one such campaign.
Much of the new cybersecurity strategy addresses critical infrastructure companies, which were already in the administration's crosshairs, but software creators are also facing the prospect of a much greater degree of liability than in the past.
News Corp security breach lasted from February 2020 to January 2022, during which time confidential company information and personal data was taken. Investigation by Mandiant indicates that a Chinese state-backed hacking team may be involved.










