Cybersecurity companies Mimecast and Qualys have apparently been targeted by the threat actor that breached the systems of IT management solutions provider SolarWinds as part of a sophisticated supply chain attack. Fidelis Cybersecurity has also confirmed being hit, but it’s unclear if it was specifically targeted.
A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise any device on the local network, according to researchers at enterprise IoT security firm Armis.
Google says it’s making progress on plans to revamp Chrome user tracking technology aimed at improving privacy even as it faces challenges from regulators and officials.
Several companies that provide services for mitigating distributed denial-of-service (DDoS) attacks reported seeing records being broken in 2020.
The Australian Securities and Investments Commission (ASIC) on Monday disclosed a security incident that involved Accellion software.
Austria-based crane manufacturer Palfinger on Monday informed customers that its IT infrastructure suffered serious disruptions as a result of an “ongoing global cyber attack.”
Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting -- and hacking into -- computer systems belonging to security researchers.
A coastal South Carolina county says hackers broke into its computer network over the weekend.
A statement from Georgetown County’s local government Monday said the county’s computer network “suffered a major infrastructure breach over the weekend.” Most of the county’s electronic systems, including emails, were impacted.
An ongoing phishing campaign delivering fake Office 365 password expiration reports has managed to compromise tens of C-Suite email accounts to date, according to a warning from anti-malware vendor Trend Micro.
Axiad, a provider of a cloud-based passwordless authentication solutions, has raised $20 million in growth funding from private equity firm from Invictus Growth Partners.
Menswear brand Bonobos has started informing customers of a data breach that may have resulted in their personal information getting compromised.
American packaging giant WestRock (NYSE: WRK) on Monday revealed that it was recently targeted in a ransomware attack that impacted both information technology (IT) and operational technology (OT) systems.
One of the vulnerabilities that Microsoft addressed on January 2021 Patch Tuesday could allow an attacker to relay NTLM authentication sessions and then execute code remotely, using a printer spooler MSRPC interface.
The elite Russian hackers who gained access to computer systems of federal agencies last year didn’t bother trying to break one by one into the networks of each department.
Industrial organizations have been informed about the existence of several potentially serious vulnerabilities affecting an OPC UA product made by Honeywell subsidiary Matrikon.
Unsecured Server Exposed Records Containing Sensitive Personal Data and Case Notes From Cook County Court
The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. It said its corporate network was not compromised.
Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by “highly sophisticated threat actors” exploiting what appear to be zero-day vulnerabilities affecting some of the company’s products.
Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials. The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.