Australia’s Optus telco is facing a $1 million extortion demand to prevent the release of up to 11.2 million sensitive customer records. The data appears to be legitimate. The attacker tells ISMG an unauthenticated API lead to the breach.
Researchers uncovered a never-before-seen advanced threat actor dubbed Metador targeting telecommunications, internet service providers and universities in several countries in the Middle East and Africa for cyberespionage. They found two different Windows-based malware platforms.
Scammers are taking advantage of the monkeypox virus outbreak to launch phishing campaigns targeting healthcare providers and public health organizations to harvest credentials, the Department of Health and Human Services' Health Sector Cybersecurity Coordination Center says.
Hackers behind a campaign of deceptive sweepstakes spam hacked their way into Azure cloud accounts that lacked multifactor authentication and obtained admin privileges for Exchange servers. Microsoft advises turning on MFA and other measures such as conditional access.
In the latest weekly update, ISMG editors discuss the industrywide implications of a teenager hacking into Uber's internal systems, key trends in the new Gartner SD-WAN Magic Quadrant report, and how ethics and security culture are center stage due to recent CISO revelations at Uber and Twitter.
What is the future of ransomware, and is it going to continue with the same intensity of the last few years? Michael DeBolt of Intel 471 says anti-ransomware efforts, including government action and better cybersecurity practices, are working. But ransomware isn't going away soon.
A criminal investigation is underway into a breach at Optus, Australia’s second-largest telecommunications company. Optus' CEO says the company will notify those affected. It's unknown so far who perpetrated the attack, and the data has not appeared on the dark web.
The chief executive of Portugal's state-owned airline said she will not negotiate with hackers even as the Ragnar Locker ransomware-as-a-service group posted online the data of 1.5 million customers. "We hope you support us in this ethical attitude," said Christine Ourmières-Widener.
Credit card giant Capital One is moving past its 2019 hacking incident as federal regulators stop requiring quarterly updates on efforts to improve cybersecurity and a federal judge signs off on a $190 million settlement in a proposed class action lawsuit.
Iranian hackers rambled across the Albanian government's network for 14 months before launching a ransomware and disk wiper attack in July, says the U.S. government. Iran exploited a Microsoft SharePoint vulnerability to gain access and then harvested credentials and exfiltrated data.
Australian telecommunications giant Optus is warning that current and former customers' personal details were exposed, including some driver's license and passport details, but no passwords or financial details, after it suffered a major data breach.
The latest edition of the ISMG Security Report discusses financial giant Morgan Stanley's failure to invest in proper hard drive destruction oversight, the future of ransomware and the gangs that have attacked organizations in recent years, and the methods required to secure new payments systems.
Cyberattacks against universities have forced academia to implement new rules and processes to safeguard sensitive research from adversaries such as China, Russia and Iran. Texas A&M set up an office in 2016 to oversee security around scholarship, and the office works to prevent foreign influence.
Whoever stole $160 million from Wintermute, the cryptocurrency trading firm's CEO, Evgeny Gaevoy, would like the money back, minus 10% that's on the house. A hack of the London-based crypto market maker rocked the company, which supplies liquidity to cryptocurrency trading.
School is out for more than 3,000 students of a suburban Detroit district undergoing its second day of forensics analysis following an online attack. Students have been told not to use district-issued Chromebooks. Federal authorities have warned that school districts are targets of ransomware gangs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.
