We’ve all seen too many instances where vengeful former employees have tried to sabotage their former employer’s network. Even when their employers remember to revoke access for the individual, they often find other ways in — like using a former colleague’s credentials or having previously created another user on the system with credentials. But would…
Category: Business Sector
Threat actors claim to have stolen Jones Day files; law firm remains quiet
Over on AdvIntel, Tyler Combs has a post about threat actors attacking law firms. Many of us are already aware of a number of law firms who have been attacked and who have had their firm’s files dumped publicly when they refused to pay ransom demands, but if the biggest law firms fall prey, what…
Terrorist hackers target Atlassian & Oracle servers
Edward Kost writes: Volatile Cedar, a cybercriminal group affiliated with the Hezbollah Cyber Unit, has resurfaced after disappearing for almost 6 years. The criminal group was suddenly illuminated on the radar after suspicious activity on Oracle and Atlassian servers was discovered. Volatile cedar breached unpatched Atlassian and Oracle servers by exploiting the following vulnerabilities – CVE-2012-3152, CVE-2019-11581,…
Yandex suffers data breach after sysadmin sold access to user emails
Ionut Ilascu reports: Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. The company discovered the breach internally, during a routine check of its security team. The investigation revealed that the employee’s actions led to the compromise of almost 5,000 Yandex…
ECU Worldwide chief confirms IT systems are down after ‘cyber incident’
Alex Lennane reports: The chief executive of ECU Worldwide has confirmed the company’s systems have been affected by a “cyber incident”. In a note to customers, Tim Tudor wrote: “Our online systems have been temporarily unavailable due to a cyber incident. “As a precautionary measure we have taken our systems offline. This includes emails. “Our…
WeChat Data Leak Leads To Arrest Of Tencent Executive Zhang Feng
Cullen Paradis reports: Zhang Feng, an executive at China’s most valuable public company Tencent Holdings, has been detained by authorities in connection to a data leak and corruption scandal. According to the Wall Street Journal, Zhang is accused of sending user data from the messaging app juggernaut WeChat to Sun Lijun, the former vice public security minister now…