DataBreaches
Insurance giant CNA reports data breach after ransomware attack
Sergiu Gatlan reports: CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix...
DataBreaches
Sergiu Gatlan reports: CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix...
Bleeping Computer
CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March.
Bleeping Computer
Leading US-based insurance company CNA Financial has fully restored systems following a Phoenix CryptoLocker ransomware attack that disrupted its online services and business operations during late March.
DataBreaches
Kartikay Mehrotra and William Turton report: CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain...
DataBreaches
CNA reports: Taipei, March 12 (CNA) Shopee and Carousell, two online marketplaces based in Singapore, have been the two C2C platforms on which customers were...
DataBreaches
CNA reports: Starbucks Singapore has been hit by a data breach affecting customers of its rewards membership programme. In an email sent to customers on Friday...
DataBreaches
CNA reports: Data centre operator ST Telemedia Global Data Centres (STT GDC) has noticed no data loss or impact to its customer service portals following a...
DataBreaches
CNA reports: OT Group, the holding company of OrangeTee & Tie and OrangeTee Advisory, has suffered a data security breach, the Singapore real estate group...
DataBreaches
CNA reports: Taiwanese car rental and automobile/motorcycle-sharing services platform iRent received separate fines from the Ministry of Transportation and...
DataBreaches
CNA reports: U.S. cybersecurity firm Fortra said suspicious activity was identified within its GoAnywhere software nearly two months ago, a day after Rio Tinto...
DataBreaches
CNA reports: The National Health Insurance Administration (NHIA) on Thursday said there is no evidence that three current and former employees stole data amid...
Bleeping Computer
Leading US insurance company CNA Financial has provided a glimpse into how Phoenix CryptoLocker operators breached its network, stole data, and deployed ransomware payloads in a ransomware attack that hit its network in March 2021.
DataBreaches
CNA reports a follow-up to an attack by ALTDOS that was previously reported by DataBreaches: Real estate agency OrangeTee & Tie has been fined S$37,000 by...
The Record
The Canadian Nurses Association (CNA) confirmed that it is working with its members to respond to a leak of sensitive data stolen by a group of hackers earlier this year.
DataBreaches
Hacktivists on both sides of the Russia-Ukraine war have been busy. CNA reports that some hackers disrupted a Zoom event to stream obscenities and to post fake...
SecurityWeek
More than 50 organizations have been added as a CVE Numbering Authority (CNA) in 2022, bringing the total to 260.
DataBreaches
Natasha Ganesan reports: Firms and individuals in Singapore faced an increased number of cybercrime, phishing and ransomware threats last year, according to a...
DataBreaches
Matthew Strong reports: The Ministry of Interior (MOI) on Saturday (Oct. 29) denied being the source of a data leak reportedly posting private details of...
DataBreaches
Ransomware attacks continue This week, LockBit added four entities related to South America: Chile, Colombia, and Venezuela: Comision Nacional de Acreditación...
Infosecurity News
An open letter signed by 50 cybersecurity practitioners requires the US Congress to support NIST in restoring operations at the National Vulnerability Database
The Cyber Express
The U.S. National Institute of Standards and Technology (NIST) has taken a big step to address the growing backlog of
CyberNews
British-American multinational falls victim to hackers - in an embarrassing development for a company that also offers cybersecurity services.
The Hacker News
Fortra patches critical flaw in FileCatalyst transfer tool. Vulnerability allows remote code execution via directory traversal.
Security Affairs
Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product.
PCMag
UnitedHealth Group has not confirmed a payment, but an affiliate of the ALPHV/Blackcat gang disclosed the number in a forum while complaining about being swindled out of their cut.
Bleeping Computer
This week's ransomware news has been dominated by the attack on Ireland's Health Service Executive (HSE) that has severely disrupted Ireland's healthcare system.
SecurityWeek
A critical directory traversal vulnerability in Fortra FileCatalyst Workflow could lead to remote code execution.
SecurityWeek
Global insurance broker Aon is investigating a cyber incident impacting some of its systems.
ZDNet
Sophos Firewall is a network protection solution for the enterprise market.
SecurityWeek
A total of more than 28,000 CVE IDs were assigned in 2023 and 84 new CVE Numbering Authorities (CNAs) were named.
Bleeping Computer
This week's news focuses on the aftermath of REvil's ransomware attack on MSPs and customers using zero-day vulnerabilities in Kaseya VSA. The good news is that it has not been as disruptive as we initially feared.
Bleeping Computer
Professional services and insurance giant AON has suffered a cyberattack that impacted a "limited" number of systems.
Infosecurity News
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US NVD since May 9
Cyber Security News
Cybersecurity researchers at ESET actively monitoring the "Winter Vivern," started exploiting a new zero-day XSS vulnerability in Roundcube.
Bleeping Computer
The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department's Office of Foreign Assets Control (OFAC).
Bleeping Computer
Ransomware took the media spotlight this week after a ransomware gang known as DarkSide targeted critical infrastructure in the USA.
Bleeping Computer
Tokio Marine Holdings, a multinational insurance holding company in Japan, announced this week that its Singapore branch, Tokio Marine Insurance Singapore (TMiS), suffered a ransomware attack.
DataBreaches
In December 2019, Sophos published an analysis of Snatch ransomware. In June 2020, DFIR Report provided a case study, and in July 2020, LIFARS wrote an...
The Record
One of Australia's largest port operators is resuming operations after being hit by a cyberattack late last week.
Cyber Security News
Microsoft Corporation has announced its decision to sell its chat and video app Teams separately from its Office suite on a global scale.
CyberSecurity Dive
Companies would need to report breaches within four days under the proposed rules.
Cyber Security News
Cybersecurity researchers have released a Proof-of-Concept (PoC) exploit for a recently disclosed disclosure Microsoft Edge vulnerability.
The Hacker News
Watch out for WordPress plugin that can create fake administrator users and inject malicious JavaScript code to steal credit card information
Bleeping Computer
This week has quite a bit of news ranging from the USA formally accusing China of the recent ProxyLogon vulnerability and Kaseya mysteriously obtaining the universal decryption key.
CyberSecurity Dive
Ransomware foists a difficult choice on executives and very few leave business operations in limbo to test a best practice.
ZDNet
As COVID-19 continues to cause disruption, cyberattacks haven't let up, either.
Ars Technica
Disagreement over security disclosures and bug-fixing priorities led to split.
CyberScoop
Researchers say Digital Communications Technologies has not addressed a bug impacting its Syrus4 IoT gateway, leaving open the possibility for vehicle fleets to be shut down.
DarkReading
Why cyber teams are now front and center for business enablement within organizations, and the significant challenges they face.
The Cyber Express
March 2024 brings a fresh focus on cybersecurity as Microsoft rolls out its latest set of patches, addressing 61 vulnerabilities
The Cyber Express
Microsoft has released the latest Patch Tuesday update, addressing a large number of vulnerabilities across various products and services. The
Ars Technica
Consumer drones are having a huge impact on the country’s defense against Russia.
Bleeping Computer
The new ALPHV ransomware operation, aka BlackCat, launched last month and could be the most sophisticated ransomware of the year, with a highly-customizable feature set allowing for attacks on a wide range of corporate environments.
Cyber Security News
Implementing a ransomware attack prevention plan can provide businesses with the necessary tools to protect your organisation.
ZDNet
The ransomware business is booming, and really anyone can be the next victim. Here's how to protect yourself and your organization from an attack. Too late for prevention? We'll show you what to do next.
The DFIR Report
IcedID continues to deliver malspam emails to facilitate a compromise. This case covers the activity from a campaign in late September of 2022. Post exploitation activities detail some familiar and … Read More