The Cyber Express
Why Companies Are Now Outsourcing IT and Cybersecurity Services
In an era defined by rapid technological advancements and evolving cyber threats, the outsourcing of IT security services has emerged
The Cyber Express
In an era defined by rapid technological advancements and evolving cyber threats, the outsourcing of IT security services has emerged
Security Affairs
UK outsourcing services provider Capita confirmed that the outage suffered on Friday was caused by a cyberattack. Capita, the UK outsourcing giant, confirmed that its staff was locked out of their accounts on Friday after a cyber incident. Capita is one of the government’s biggest suppliers, with £6.5bn of public sector contracts, reported The Guardian. […]
CyberSecurity Dive
Cyberattack risk still largely comes down to human error, regardless of how much organizations spend to bolster defense.
DarkReading
The emerging cyber-threat group is unusually persistent and nimble, bypassing MFA, stealing data, and using compromised environments for downstream customer attacks.
DataBreaches
Bill Toulas reports: A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively...
Security Affairs
UK outsourcing giant Capita is informing customers that their data may have been stolen in the cyberattack that hit the company in early April. In early April, the UK outsourcing giant Capita confirmed that its staff was locked out of their accounts on Friday after a cyber incident. Capita is one of the government’s biggest […]
Bleeping Computer
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications.
Security Affairs
Threats actors calling themselves Justice Blade targets Saudi Arabia published leaked data from an outsourcing IT vendor. The group of threat actors calling themselves ‘Justice Blade’ published leaked data from Smart Link BPO Solutions, an outsourcing IT vendor working with major enterprises and government agencies in the Kingdom of Saudi Arabia and other countries in […]
ZDNet
Despite predictions in the early days of the pandemic that firms would rein in outsourcing strategies, the third-party ecosystem continues to grow.
Bleeping Computer
Business process outsourcing firm Capita is warning customers to assume that their data was stolen in a cyberattack that affected its systems in early April.
Bleeping Computer
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected.
Bleeping Computer
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems.
Bleeping Computer
Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor's MoveIT managed file transfer (MFT) server.
DataBreaches
Rajesh Sreenivasan, Steve Tan, Benjamin Cheong, Lionel Tan, Tanya Tang, Wong Onn Chee, Simon Goh, and Wang Ying Shuang of Rajah & Tann Asia write: On 22...
The Hacker News
[Webinar] When More Is Not Better: Solving Alert Overload
The Hacker News
Guide: Alert Overload and Handling for Lean IT Security Teams
DataBreaches
Gareth Corfield reports: A British coronavirus contact tracer who has said she was sacked from Serco for blowing the whistle on a data breach had part of her...
DataBreaches
Jessica Lyons Hardcastle reports: Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale...
Infosecurity News
AWS VP Adolfo Hernandez will replace Jon Lewis as CEO
ZDNet
With war drums sounding, it's time to take a long hard look at your own security stance.
Infosecurity News
Over two-thirds of IT decision-makers increase cybersecurity budgets in 2024, prioritizing cloud security and incident response as cyber threats escalate
Security Affairs
Swiss electrification and automation technology giant ABB suffered a Black Basta ransomware attack that impacted its business operations. Swiss multinational company ABB, a leading electrification and automation technology provider, it the last victim of the notorious Black Basta ransomware group. The company has more than 105,000 employees and has $29.4 billion in revenue for 2022. […]
CSO
Deloitte's new Zero Trust Access service and HCL's collaboration with Palo Alto Networks mark a sustained trend towards offering Zero Trust security services for clients.
DarkReading
Social media data can provide critical clues to help get ahead of the next cyberattack, experts say.
DarkReading
Here are some of the easily avoidable mistakes most companies made last year, gleaned from hundreds of cybersecurity engagements by red and blue teams.
Cyber Security News
Best MSP for CISO, CTO & IT Managers - 1. Perimeter 812. Secureworks 3. IBM 4. Trustwave 5. Wipro 6. Verizon 7. Sophos 8. Symantec.
Cyber Security News
In today's rapidly evolving healthcare landscape, the integration of technology into medical practices is not just a luxury but a necessity
CyberScoop
More than 70 bogus sites in North America, Europe, the Middle East and Asia are part of an information operation pushing pro-Beijing messages.
DarkReading
A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.
CyberSecurity Dive
The firm expects security services, the industry’s largest segment, to account for 42% of all spending and rise 11% to $90 billion next year.
The Cyber Express
Infamous Play ransomware group has extended its list of victims by adding 17 new names of companies based in the
DarkReading
A monitoring exercise identified user details in 716 compromised RIPE NCC accounts, including other valuable credentials belonging to those victims.
CyberSecurity Dive
Researchers from Mandiant and SentinelOne say attackers have deployed malware that can allow them to get around security controls.
Cyber Security News
As per reports, Yellow Pages Group, the Canadian Directory Publisher, has been attacked by the Black Basta Ransomware Group.
SecurityWeek
Early stage cyber deals continue to surge in terms of valuation and round size, and cyber may be more resilient to economic conditions compared to other verticals.
PCMag
The Russian-speaking group has received Bitcoin payments totaling $107 million since 2022, according to a blockchain tracking firm.
Infosecurity News
Firm has billions of pounds worth of government contracts
Infosecurity News
Digital supplier hit by suspected ransomware
Infosecurity News
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
Infosecurity News
Atento case highlights the costs that can stem from serious breaches
The Hacker News
Alert: SIM swapping attacks are targeting telecom and BPO companies
The Record
The councils for Canterbury, Dover and Thanet in Kent, on England’s southeastern coast, appear to have been impacted by a single incident.
Bleeping Computer
Atento has published its 2021 financial performance results, which have a massive $42.1 million dent from a ransomware attack the firm suffered in October 2021.
Bleeping Computer
German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business.
CyberNews
India’s economy is already the fastest-growing among major nations, and the AI boom could boost GDP growth by an additional 0.9-1.1% each year.
Bleeping Computer
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting business operations.
Infosecurity News
Resecurity discovered over 1572 compromised customers from RIPE, APNIC, AFRINIC and LACNIC
Infosecurity News
The cybersecurity firm confirms that it has observed AI being used to generate malware
Infosecurity News
IT outsourcer claims customer, employee and supplier info may be at risk
Infosecurity News
Colchester council says multiple local authorities are impacted
The Hacker News
Small banks are facing big threats in the cyber landscape. With limited resources, how can they protect customer data and assets from sophisticated cy
Infosecurity News
USS says 470,000 may be affected
The Hacker News
UNC3944 cyber attackers are leveraging Microsoft Azure Serial Console to gain full administrative access to virtual machines.
The Hacker News
Vice Society ransomware group has switched to a new custom payload called 'PolyVice" that uses robust encryption with NTRUEncrypt and ChaCha20-Poly130
Infosecurity News
HCA Healthcare said personal data of approximately 11 million patients was published on an online forum
CyberSecurity Dive
Multiple threat groups have employed the same criminal tool kit to target vulnerable systems.
Bleeping Computer
The All-in-One Super-Sized Ethical Hacking Bundle is on sale for just $45.99 (reg. $1098) for a limited time only.
Infosecurity News
In some cases, the threat actor's intent was to ultimately provide SIM-swapping services
SecurityWeek
A cybercrime group tracked as Scattered Spider is exploiting an old vulnerability in Intel Ethernet diagnostics driver for Windows to bypass security products.
CSO
A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks.
Cyber Security News
The cybersecurity researchers at Symantec have recently warned of the risks related to poor security practices, pointing out that it found hardcoded credentials for AWS in more than 1,800 Android and iOS applications.
SecurityWeek
The Black Basta ransomware group has infected over 300 victims and received more than $100 million in ransom payments.
CyberSecurity Dive
Managed service providers can help fill talent needs and tame costs, but that strategy may require additional risk mitigation.
SecurityWeek
The EPA has issued an enforcement alert, outlining the steps needed to comply with the Safe Drinking Water Act.
Bleeping Computer
Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black Basta ransomware and extortion gang claims responsibility for the attack and has posted sensitive documents and data over the weekend.
SecurityWeek
UK’s financial watchdog FCA imposes a £11 million (approximately $13.5 million) fine to Equifax over the 2017 data breach.
Bleeping Computer
Regular penetration testing is an important step in developing secure web applications. Outpost24 PTaaS solution is an on-demand, pay-as-you-go service that provides access to specialist external pen testers and tools that work as extensions of your in-house SecOps team.
The Record
Ampersand — co-owned by Comcast Corporation, Charter Communications and Cox Communications — confirmed it had dealt with a ransomware incident but declined to say when the attack occurred or whether a ransom would be paid.
Bleeping Computer
Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday.
Bleeping Computer
Swiss tech multinational and U.S. government contractor ABB has confirmed that some of its systems were impacted by a ransomware attack, previously described by the company as "an IT security incident."
CyberSecurity Dive
A report released at the WEF said top business leaders and security experts fear heightened geopolitical tensions could result in a major attack in the next two years.
Bleeping Computer
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic.
Bleeping Computer
Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector.
The Record
The Serbian government announced on Saturday that the website and IT infrastructure of its Ministry of Internal Affairs had been hit by several “massive” distributed denial-of-service (DDoS) attacks.
CyberSecurity Dive
Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable.
The Record
A ransomware gang has started posting sensitive personal information connected to a devastating attack on the Raleigh Housing Authority (RHA) that disrupted the organization for weeks in May.
The Hacker News
Remember the hacks on Uber, Revolut, & Rockstar Games? Two UK teenagers, part of the infamous LAPSUS$ gang, convicted for high-profile hacks.
SC Magazine
Analysis reveals 18 of ransomware gang Black Basta’s 300-plus victims were extorted over $1 million each, with one handed over $9 million.
SecurityWeek
Google has to delete search results about people in Europe if they can prove that the information is clearly wrong, the European Union’s top court said Thursday.
Security Affairs
Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web.
Security Affairs
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms. Vice Society ransomware has been active since June 2021, it is considered […]
Infosecurity News
The UK FCA held Equifax Ltd responsible for failing to protect UK consumer data held by its US-based parent company
Infosecurity News
The proximity of organizations’ headquarters, like Asda’s and NHS England’s, prompted BlueVoyant to choose Leeds as the location for its first UK SOC
The Hacker News
UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization
The Record
The safety of censorship evasion assistance offered by some hacker groups is unclear.
ZDNet
More businesses are moving to the cloud - and cyber criminals know on-demand IT can be an easy target if it's not secured properly.
The Record
The FBI, CISA and Department of Health and Human Services (HHS) alerted healthcare organizations to the group's activities. A separate report said Black Basta was behind the attack on Ascension healthcare system.
The Hacker News
Beware! Okta warns of social engineering attacks aimed at admin credentials. Threat actors are manipulating multi-factor authentication settings.
Bleeping Computer
Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks.
SecurityWeek
Several cybersecurity firms have warned Microsoft that cybercriminals have been using signed malicious drivers to kill antivirus and EDR processes.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. CISA adds Veritas Backup Exec flaws to its Known Exploited Vulnerabilities catalog Apple addressed two actively exploited zero-day flaws MSI confirms security breach after Money Message ransomware attack […]
Ars Technica
Move to appease EU partners bars running MS apps on competitors' infrastructure.
CSO
New enterprise initiatives are driving up the number of human and digital identities, increasing security risks.
Bleeping Computer
CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.
DataBreaches
Margot Patrick reports: Equifax’s (EFX) U.K. arm was fined around $13.6 million Friday for failing to protect the data of millions of British customers in...
Bleeping Computer
The Vice Society ransomware operation has switched to using a custom ransomware encrypt that implements a strong, hybrid encryption scheme based on NTRUEncrypt and ChaCha20-Poly1305.
The Hacker News
New research reveals how the zero-day financial criminal group Scattered Spider leverages sophisticated phishing, SIM swapping, and help desk fraud ta
ZDNet
CVE-2015-2291 is a years-old security vulnerability - but cyber criminals are still able to take advantage of unpatched systems to compromise networks.
Bleeping Computer
The Toronto Public Library (TPL) confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack.
Security Affairs
Swiss electrification and automation technology giant ABB confirmed it has suffered a data breach after a ransomware attack. ABB has more than 105,000 employees and has $29.4 billion in revenue for 2022. On May 7, 2023, the Swiss multinational company, leading electrification and automation technology provider, suffered a cyber attack that reportedly impacted its business operations. […]
Loading more articles....