Displaying items by tag: Intrusion

An intrusion campaign which targets monitoring software from the French company CENTREON has been reported to have breached several French institutions between late 2017 and 2020. The systems that were hit were running CentOS, a free version of Red Hat's Enterprise Linux distribution.

Microsoft software has once again proved to be the weak link and opened the path for cyber attacks, this time to the US Treasury Department and an entity that deals with Internet and telco policy. The network management software SolarWinds appears to have opened the door for other agencies to be attacked.

The chief executive of a British security firm has criticised the American firm FireEye — which had its Red Team tools stolen by an unknown adversary recently — of using fancy terms in its advisory about the attack in order to hide its own failings.

American cyber security company FireEye, which announced a couple of days ago that it had been compromised by unknown attackers who stole its offensive tools, has been accused of having poor Internet-facing security by a British company that specialises in PKI.

On August 28, 2011, the servers of the Linux kernel project were breached, a fact that was discovered only 17 days later. News of this leaked out in September and it became known that the intrusion had been effected by stealing some user's credentials.

Every year, Verizon builds a major snapshot of all the data breaches they investigated in the previous year.  The latest report details the rise of hacktivism and the continuation of cyber criminal activity around the world.  We also interview one of the report's authors.

Imperva's latest analysis of the hacking landscape shows that the bad guys know as much about your business as you do.

Ruxcon 2011 is over for another year.  The delegates are happy, the organisers are very tired.

Fluke Networks has announced the release of new threat signature updates for its AirMagnet Enterprise 9.0 wireless intrusion detection and prevention system (WIDS/WIPS).

Combining data-centric and system-centric views of an organisation's information systems, Acronis Backup & Recovery 11 may well have saved a few organisations from the recent slew of data loss incidents (if they'd used it).

Yesterday the Internet was a-buzz with tales of a hacker shutting down a US-based wind farm.  Pity it never happened.

Yesterday afternoon, a very large number of Australians received an email from Dell advising them that their name and email address were lost in the same intrusion that has affected a large number of companies world wide.

On April 1st, US-based Epsilon Interactive (a major email marketing firm) revealed that their system had been penetrated and customer data, specifically names and email addresses had been stolen.  Is it a case of so-what? Or what-now?

McAfee has identified a long-term targeted attack on world-wide energy companies and infrastructure.  Since the attacks have primarily originated in China, they've named it "Night Dragon."