WCED News reports: The parent company of Penelec and other electric companies in our state, the First Energy Corporation, is requiring all customers to reset their passwords due to a security breach. First Energy disabled the online accounts and asked customers to reset the passwords on Friday after detecting hackers making numerous unauthorized attempts to…
Category: Business Sector
ALTDOS claims some of their servers were seized but they did not lose data
It would be great if the good guys had backups as good as the threat actors have. Threat actors who call themselves “ALTDOS” have re-emerged after a brief hiatus that had left this site wondering if something had happened to them following a joint advisory about them. ALTDOS has attacked a number of ASEAN firms,…
Nevada Restaurant Services, Inc. Provides Notice Of Data Privacy Event
From the I-have-questions department: Nevada Restaurant Services reported that they experienced a breach in January of this year and that the threat actor was able to copy some of their files. The type of data varied by person but the notification stated that the scope of information potentially involved includes individuals’ name, date of birth,…
Chinese hackers behind July 2021 SolarWinds zero-day attacks
Catalin Cimpanu reports: In mid-July this year, Texas-based software provider SolarWinds released an emergency security update to patch a zero-day in its Serv-U file transferring technology that was being exploited in the wild. At the time, SolarWinds did not share any details about the attacks and only said that it learned of the bug from…
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role
Jordan Robertson reports: Days before Christmas in 2015, Juniper Networks Inc. alerted users that it had been breached. In a brief statement, the company said it had discovered “unauthorized code” in one of its network security products, allowing hackers to decipher encrypted communications and gain high-level access to customers’ computer systems. Further details were scant,…
SEC fines three companies over hacked employee email accounts
Catalin Cimpanu reports: The US Securities and Exchange Commission has fined three brokerage firms on Monday for neglecting to secure employee accounts, incidents that led to the exposure of their customers’ data. Cetera Advisor Networks LLC, Cetera Investment Services LLC, Cetera Financial Specialists LLC, Cetera Advisors LLC, and Cetera Investment Advisers LLC (collectively, the Cetera entities); Cambridge…