Over on SuspectFile, Marco A. De Felice writes: In August 2023, Postel S.p.A., a leading Italian company in the postal services and digital communications sector, became the victim of a serious cyberattack. The Medusa cybercriminal group exploited unresolved vulnerabilities in the company’s systems, gaining access to a large amount of sensitive data. This breach raised significant…
Category: Business Sector
SEC Charges Four Companies With Misleading Cyber Disclosures
Washington D.C., Oct. 22, 2024 — The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also charged Unisys with disclosure controls and procedures violations….
Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of ransomware attack
Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…
Cisco takes DevHub portal offline after hacker publishes stolen data
Lawrence Abrams reports: Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked “non-public” data, but it continues to state that there is no evidence that its systems were breached. “We have determined that the data in question is on a public-facing DevHub environment—a Cisco resource center that enables…
Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
From CISA, Alert Code: AA24-290A Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders…
Army to defend small businesses against hackers with NCODE secure cloud enclave pilot
Sydney J. Freedberg Jr. reports: AUSA 2024 — Army undersecretary Gabe Camarillo announced here Tuesday that the service would create a secure online enclave where small businesses can work with sensitive information under the Army’s protection — a potential lifeline for smaller firms struggling to meet Pentagon cybersecurity requirements and defend themselves against high-end threats like China. Known as…