USA - Security Ticks

Exposed: Russian military Unit 29155 does digital sabotage, espionage

CISA, cyber espionage, cyber sabotage, cyber war, cybercriminals, disruption, Don't miss, hacker, Hot stuff, Justice Department, NATO, News, Russian Federation, Ukraine, USA / SecurityTicks

Exposed: Russian military Unit 29155 does digital sabotage, espionage 2024-09-06 at 17:01 By Zeljka Zorz The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for the 2022 […]

React to this headline:

Exposed: Russian military Unit 29155 does digital sabotage, espionage Read More »

Microchip Technology confirms theft of employee data

cyberattack, data theft, Don't miss, Hot stuff, Microchip Technology, News, Ransomware, Semiconductors, USA / SecurityTicks

Microchip Technology confirms theft of employee data 2024-09-05 at 12:31 By Zeljka Zorz US-based semiconductor manufacturer Microchip Technology has confirmed that the cyberattack it suffered in August 2024 resulted in the theft of data, including “employee contact information and some encrypted and hashed passwords.” The breach was claimed later that month by the Play ransomware

React to this headline:

Microchip Technology confirms theft of employee data Read More »

Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)

0-day, APT, Don't miss, Hot stuff, ISP, Lumen, Malware, misconfiguration, MSP, News, USA, Versa Networks, web shell / SecurityTicks

Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717) 2024-08-27 at 19:01 By Zeljka Zorz Advanced, persistent attackers have exploited a zero-day vulnerability (CVE-2024-39717) in Versa Director to compromise US-based managed service providers with a custom-made web shell dubbed VersaMem by the researchers. The malware harvests credentials enabling the attackers to access the providers’ downstream

React to this headline:

Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717) Read More »

Why C-suite leaders are prime cyber targets

CISO, cybersecurity, GetApp, News, report, strategy, survey, USA / SecurityTicks

Why C-suite leaders are prime cyber targets 2024-08-22 at 06:32 By Help Net Security Senior executives are prime targets for cybercriminals, with 72% of surveyed cybersecurity professionals in the US reporting that cyberattacks have targeted this group in the past 18 months. This trend, highlighted in GetApp’s 2024 Executive Cybersecurity Report, underscores the growing sophistication

React to this headline:

Why C-suite leaders are prime cyber targets Read More »

Microchip Technology manufacturing facilities impacted by cyberattack

cyberattack, disruption, Don't miss, Hot stuff, Microchip Technology, News, Semiconductors, USA / SecurityTicks

Microchip Technology manufacturing facilities impacted by cyberattack 2024-08-21 at 12:46 By Zeljka Zorz American semiconductor manufacturer Microchip Technology Incorporated has had some of its business operations disrupted by a cyberattack. “As a result of the incident, certain of the Company’s manufacturing facilities are operating at less than normal levels, and the Company’s ability to fulfill

React to this headline:

Microchip Technology manufacturing facilities impacted by cyberattack Read More »

Food security: Accelerating national protections around critical infrastructure

CISO, critical infrastructure, cybersecurity, Hot stuff, News, strategy, tips, USA, Video / SecurityTicks

Food security: Accelerating national protections around critical infrastructure 2024-08-21 at 06:31 By Help Net Security In this Help Net Security video, Mike Lexa, CISO and Global VP of IT Infrastructure and Operations at CNH, discusses how the federal government is taking food security more seriously and what steps must be taken to prioritize security measures.

React to this headline:

Food security: Accelerating national protections around critical infrastructure Read More »

NIST releases finalized post-quantum encryption standards

DigiCert, Encryption, Government, News, NIST, quantum computing, standards, USA / SecurityTicks

NIST releases finalized post-quantum encryption standards 2024-08-14 at 06:01 By Help Net Security NIST has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer. The announced algorithms are specified in the first completed standards from NIST’s post-quantum cryptography (PQC) standardization project and are ready for immediate use. “The transition

React to this headline:

NIST releases finalized post-quantum encryption standards Read More »

Scammers dupe chemical company into wiring $60 million

BEC scams, Don't miss, Europe, fraud, Hot stuff, manufacturing sector, News, USA / SecurityTicks

Scammers dupe chemical company into wiring $60 million 2024-08-13 at 16:46 By Zeljka Zorz Orion S.A., a global chemical company with headquarters in Luxembourg, has become a victim of fraud: it lost approximately $60 million through “multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties.” The scammers targeted an employee Orion

React to this headline:

Scammers dupe chemical company into wiring $60 million Read More »

Faulty CrowdStrike update takes out Windows machines worldwide

Australia, CrowdStrike, Don't miss, Endpoint Security, Europe, Hot stuff, News, UK, USA, Windows / SecurityTicks

Faulty CrowdStrike update takes out Windows machines worldwide 2024-07-19 at 11:31 By Zeljka Zorz Thousands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty update of Crowdstrike Falcon Sensors, and the outage affected transport, broadcast, financial, retail and other organizations have been affected in Europe, Australia, the US

React to this headline:

Faulty CrowdStrike update takes out Windows machines worldwide Read More »

US offers $10 million for information on indicted WhisperGate malware suspect

Government, government-backed attacks, Justice Department, law enforcement, Malware, News, Russian Federation, Ukraine, USA / SecurityTicks

US offers $10 million for information on indicted WhisperGate malware suspect 2024-06-27 at 10:36 By Help Net Security A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The

React to this headline:

US offers $10 million for information on indicted WhisperGate malware suspect Read More »

Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach

Asia, disruption, Don't miss, Hot stuff, News, Ransomware, USA / SecurityTicks

Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach 2024-06-25 at 14:46 By Zeljka Zorz Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. The attackers are asking for a $8

React to this headline:

Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach Read More »

US bans Kaspersky antivirus software due to national security risks

antivirus, Don't miss, Flashpoint, Government, Hot stuff, Kaspersky, News, USA / SecurityTicks

US bans Kaspersky antivirus software due to national security risks 2024-06-21 at 13:01 By Zeljka Zorz The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensitive data for malicious

React to this headline:

US bans Kaspersky antivirus software due to national security risks Read More »

Pressure mounts on CISOs as SEC bares teeth with legal action

CISO, Compliance, cybersecurity, Government, News, Panaseer, report, survey, USA / SecurityTicks

Pressure mounts on CISOs as SEC bares teeth with legal action 2024-06-21 at 06:31 By Help Net Security A Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that from January-May 2024, at least 1,327 filings mentioned NIST – a key indicator that cybersecurity posture is present in a filing. This compares

React to this headline:

Pressure mounts on CISOs as SEC bares teeth with legal action Read More »

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks

cyberattack, Don't miss, Hot stuff, manufacturing sector, News, USA / SecurityTicks

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks 2024-06-20 at 17:46 By Zeljka Zorz Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its employees on Tuesday. The confirmation came

React to this headline:

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks Read More »

CDK Global cyberattack cripples 15,000 US auto dealerships

cyberattack, disruption, Don't miss, Hot stuff, News, Retail, SaaS, USA / SecurityTicks

CDK Global cyberattack cripples 15,000 US auto dealerships 2024-06-20 at 13:46 By Zeljka Zorz CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations. About CDK and its platform CDK’s platform is used by 15,000+ car dealerships across North America to

React to this headline:

CDK Global cyberattack cripples 15,000 US auto dealerships Read More »

Major cybersecurity upgrades announced to safeguard American healthcare

cybersecurity, Government, healthcare, News, USA, White House / SecurityTicks

Major cybersecurity upgrades announced to safeguard American healthcare 2024-06-12 at 13:01 By Help Net Security Recent cyberattacks targeting the nation’s healthcare system have demonstrated the vulnerability of hospitals and payment systems. Providers across the health system had to scramble for funding after one attack on a key payment system. And some hospitals had to redirect

React to this headline:

Major cybersecurity upgrades announced to safeguard American healthcare Read More »

Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals

cyberattacks, cybersecurity, Government, healthcare, Microsoft, News, USA / SecurityTicks

Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals 2024-06-12 at 13:01 By Help Net Security Microsoft has unveiled a new cybersecurity program to support hospitals serving more than 60 million people living in rural America. In 2023, the healthcare sector reported more ransomware attacks than any other critical infrastructure sector and attacks involving

React to this headline:

Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals Read More »

How fraudsters stole $37 million from Coinbase Pro users

account hijacking, Coinbase, Don't miss, fraud, Hot stuff, News, phishing, remote access, social engineering, USA / SecurityTicks

How fraudsters stole $37 million from Coinbase Pro users 2024-05-29 at 13:46 By Zeljka Zorz A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users. One of them – Chirag Tomar, a 30-year-old citizen of the Republic of India – has

React to this headline:

How fraudsters stole $37 million from Coinbase Pro users Read More »

SEC requires financial institutions to notify customers of breaches within 30 days

data, financial industry, News, regulation, USA / SecurityTicks

SEC requires financial institutions to notify customers of breaches within 30 days 2024-05-20 at 13:01 By Help Net Security The Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions. The amendments update

React to this headline:

SEC requires financial institutions to notify customers of breaches within 30 days Read More »

US exposes scheme enabling North Korean IT workers to bypass sanctions

DOJ, Don't miss, enterprise, Hot stuff, News, North Korea, tips, USA / SecurityTicks

US exposes scheme enabling North Korean IT workers to bypass sanctions 2024-05-17 at 14:46 By Zeljka Zorz The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities

React to this headline:

US exposes scheme enabling North Korean IT workers to bypass sanctions Read More »