Jonathan Greig reports: Yamaha’s Canadian music division confirmed that it recently dealt with a cyberattack after two different ransomware groups claimed to have attacked the company. The Yamaha Corporation — different from the spun-off motorcycle division — is a Japanese manufacturing giant producing musical instruments and audio equipment. It is considered the world’s largest producer…
Author: Dissent
North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say
Zack Whittaker reports: Security researchers say they have high confidence that North Korean hackers were behind a recent intrusion at enterprise software company JumpCloud because of a mistake the hackers made. Mandiant, which is assisting one of JumpCloud’s affected customers, attributed the breach to hackers working for North Korea’s Reconnaissance General Bureau, or RGB, a hacking unit…
IBM Report: Half of Breached Organizations Unwilling to Increase Security Spend Despite Soaring Breach Costs
From IBM: IBM Security today released its annual Cost of a Data Breach Report,1 showing the global average cost of a data breach reached $4.45 million in 2023 – an all-time high for the report and a 15% increase over the last 3 years. Detection and escalation costs jumped 42% over this same time frame, representing the highest…
Half of breached organisations unwilling to up security spend
From IT-Online: IBM Security’s newly-released annual Cost of a Data Breach Report says that the global average cost of a data breach reached $4,45-million in 2023 – an all-time high for the report and a 15% increase over the last three years. Detection and escalation costs jumped 42% over this same time frame, representing the…
Norway says Ivanti zero-day was used to hack govt IT systems
Sergiu Gatlan reports: The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti’s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. The Norwegian Security and Service Organization (DSS) said on Monday that the cyberattack did not affect Norway’s Prime Minister’s Office, the…
In SEC Battle, Covington Ordered to Disclose Names of 7 Clients
Abigail Adcox reports: U.S. District Judge Amit Mehta of the District of Columbia has ruled that Covington & Burling must disclose to the U.S. Securities and Exchange Commission the names of seven clients whose information may have been exposed in a 2020 cyberattack that impacted the firm. “Covington shall produce to the Commission the names…