Douglas Busvine and Nadine Schimroszik report: Business software group SAP disclosed on Tuesday that some of its cloud products did not meet contractual or statutory security standards and said it would take remedial action to fix the problem as soon as possible. The shortcomings were not identified in response to a specific security incident, the…
Category: Business Sector
Data from Hundreds of Law Firms Left Exposed on Old Database, Report Says
Simon Lock reports: Detailed and potentially sensitive information uploaded by firms including Clifford Chance, Slaughter and May, Weil Gotshal & Manges and White & Case was left “exposed” on an open database platform, according to a report by a cybersecurity firm. The cache of data, which included Companies House forms, partial security authentication details, business email addresses…
Hacker Bribed ‘Roblox’ Insider to Access User Data
Joseph Cox reports: A hacker bribed a Roblox worker to gain access to the back end customer support panel of the massively popular online video game, giving them the ability to lookup personal information on over 100 million active monthly users and grant virtual in-game currency. With this access, the hacker could see users’ email address, as well as…
Taiwan’s Formosa Petrochemical gas stations hit by malware attack
Matthew Strong reports: A day after top oil refiner CPC Corp., Taiwan became the target of a malware attack, its privately held competitor, Formosa Petrochemical Corp., suffered a similar ordeal, reports said Tuesday (May 5). The company said it had shut down its computer system, but its refining and petrochemical activities had not been affected, CNA reported….
Tarkett floored by cyber attack
Graham Cluley reports: French flooring company Tarkett has revealed that it was hit by a cyber attack on April 29th, and that its operations continue to be disrupted as a result Read more on GrahamCluley.
GoDaddy notifies users of breached hosting accounts
Sergiu Gatlan reports: GoDaddy notified some of its customers that an unauthorized party used their web hosting account credentials to connect to their hosting account via SSH. The security incident took place on October 19, 2019, after the company’s security team discovered suspicious activity on a subset of GoDaddy’s servers. Read more on BleepingComputer.