Evolve Bank and Trust has confirmed a LockBit data breach after the Russian ransomware group published the stolen records containing personal information on the dark web.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
A statement from TeamViewer indicated that the security breach was detected on June 26, and an employee account was apparently compromised as the APT group's source of access. There is not yet any mention of loss of data.
The ransomware group LockBit put itself in the international headlines once again last week when it boldly claimed to have stolen 33 TB of data from the US Federal Reserve. But the sample of stolen data turns out to have come from just one US bank.
Leading forklift manufacturer Crown Equipment has confirmed that the prolonged disruption resulted from a cyber attack by an international cybercriminal organization.
A Microsoft whistleblower says that the Active Directory security flaw that led to the SolarWinds breach was ignored because, at the time, the company was preparing a major bid for the government's cloud computing business.
In total, the cyber attack on Indonesia’s national data center impacted about 200 government agencies. Travel and immigration saw the most dramatic impacts, but also received priority attention and have largely been restored at this point.
CDK Global, a SaaS provider for the auto industry, has suffered a second cyber attack while recovering from a previous cybersecurity incident, disrupting thousands of auto dealers.
The National Railroad Passenger Corporation is notifying customers of a data breach affecting their Amtrak Guest Rewards accounts. Amtrak believes the threat actor gained access via a credential stuffing attack.
A leak on a hacking forum that exposed internal AMD data appears to have been confirmed by the company, as it acknowledged that an unnamed third-party vendor involved in product assembly was breached. Questions remain about the extent of the data breach, however.
A cyber attack on London hospitals that has unfolded over the course of June has had a devastating impact on the city's blood supply, and has caused hundreds of operations to be postponed.










