The VA has found itself in the cybersecurity hot seat again after a data breach at a records contractor exposed more than 200,000 records for veterans. The contractor, United Valor Solutions, appears to have been the victim of a ransomware attack. Researchers found a trove of their data online, including this sensitive VA data. The…
Colonial closed pipeline operations on May 7, when a ransomware infection was found on its computer systems. The shutdown affected the supply of gas in parts of the East Coast, with some people waiting an hour or more at filling stations or not finding gas at all. State and federal officials had warned against hoarding…
Bad actors have dropped notice that they’ve obtained an archive containing data purportedly scraped from 500 million LinkedIn profiles. A sample of data was posted on a popular hacker forum, with another 2 million records leaked as proof of the haul. More than 780,000 email addresses are associated with this leak. The initial listing contained…
Security researchers discovered a non-password-protected Elasticsearch database belonging to Office Depot that contained just under a million records. The exposed records were labeled as “Production” and contained customer information, file logs and other internal records for European customers, primarily in Germany. The company has addressed the issue. Here’s the full story
The DopplePaymer ransomware gang has leaked a large collection of files from the Illinois Office of the Attorney General after the agency declined to pay the ransom that the gang demanded. The cybercriminals released information from court cases orchestrated by the Illinois OAG, including some private documents that do not appear in public records. the…
The COVID-19 pandemic made companies realize that how important it is to protect their data. Moreover, they have realized that how crucial the role of MSPs and other IT service providers is in protecting the data. As vaccines continue to roll out, businesses are now moving from remote work to hybrid work environment. With this…
Top 5 Application Vulnerabilities / IPS Distribution Rank – Name – % 1. ThinkPHP.Controller.Parameter.Remote.Code.Execution – 25% 2. PHPUnit.Eval-stdin.PHP.Remote.Code.Execution – 21% 3. NETGEAR.DGN1000.CGI.Unauthenticated.Remote.Code.Execution – 19% 4. Telerik.Web.UI.RadAsyncUpload.Handling.Arbitrary.File.Upload – 19% 5. Dasan.GPON.Remote.Code.Execution – 16% Top 5 Malware Activity Distribution Rank – Name – % 1. MSOffice/CVE_2017_11882.C!exploit – 24% 2. W32/Generic_PUA_KL!tr – 23% 3. JS/RefC.G!tr – 19% 4. W32/Agent.HTL!tr.rkit – 18% 5. MSIL/GenKryptik.EKLE!tr – 16%
The CRA has locked down 800,000 online taxpayer accounts following an internal investigation that found user logins and other sensitive information may have been hacked. The agency noted that it could take until March 22 for the issues to be resolved. Here’s the full story
The first dominos to fall in the massive Microsoft breach (see above) will be government entities in the US and Europe. Starting that trend, the European Banking Authority has announced that it’s been impacted. EBA officials say that personal data may have been accessed from its servers. The agency has taken its email system offline…
