Displaying items by tag: Hack

Mandiant, Google Cloud Security’s threat intelligence company, has exposed a sophisticated cyber espionage campaign by the China-linked hacking group UNC3886. The group has been found infiltrating outdated Juniper Networks routers with custom malware designed for long-term persistence and stealth.

"While some outlets are calling this a ‘hack’…. —it’s an attack. It underscores how disruptions to availability can be just as damaging as breaches of confidentiality or integrity. Taking platforms offline can be just as damaging as stealing information. But beyond the attack itself, what’s interesting is the chaos of attribution and how multiple threat actors may be involved or simply capitalizing on the moment.

Q: What's worse than your systems being breached? A: Being breached and not even knowing. In fact, every breach starts this way. Vectra shows iTWire how its product can alert you right at this critical moment.

Cybersecurity experts from NordVPN have warned that the risks of being hacked increase drastically for those who share too much information about their vacation online, especially by taking an “airport selfie.”

Cooperative research and education organisation the SANS Institute has officially opened its 21st annual Holiday Hack Challenge.

Cybersecurity is a continual problem for enterprises, governments, small businesses, and home users alike. Yet, not all cyber threats are the same. Research from Trellix finds it is Governments who are behind many of the most dramatic breaches in recent times.

With tensions mounting in Ukraine, the New York Department of Financial Services and the European Central Bank are alerting governments, businesses, and financial institutions to prepare for a possible state-sponsored cyber attack from Russia.

GUEST RESEARCH: KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, hasannounced its 2022 cybersecurity predictions from its team of industry experts.  

GUEST RESEARCH: KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, hasannounced its 2022 cybersecurity predictions from its team of industry experts.  

The SolarWinds attack, and all its ramifications, have made news headlines for months. Tim Brown, the company’s CISO and VP of Security spoke exclusively to iTWire to lay out what really happened - and what did not happen.  It is also a sobering call to how software development practices can never be the same again.

On the 25th of January, ten days after ASIC became aware of a cyber security incident affecting a server used by ASIC, the world was notified of the ASIC hack attack.

Security firm CrowdStrike is touting for more business, beyond its base in the US. That's probably why the company has put out a mid-year threat report which mostly contains details of tactics, techniques and procedures.

The Australian National University has released a report about the attack on its network which was announced in June 2019, providing a detailed timeline but no attribution for the hack or a possible reason as to why it was undertaken.

Australian intelligence officials have concluded that the breach of the Federal Parliament network in February was carried out by China, but has kept it quiet to avoid any problems in the bilateral trade relationship, a report claims.

A recent, sophisticated attack on the popular Binance cryptocurrency trading platform saw users’ accounts compromised and simultaneous withdrawals made to the tune of 7000 Bitcoins (worth $40m at the time).

When news of the breach of the Federal Parliament network broke on Friday, the Australian Signals Directorate was quick to point out that attribution, if it was made, would take time.

Firmware and hardware security firm Eclypsium (recently funded by Andreessen Horowitz and others) has released new findings, demonstrating that BMC (baseboard management controllers) vulnerabilities can actually be exploited to "brick" servers, rendering entire data centres and cloud applications completely useless.

The head of the Australian Cyber Security Centre, Alastair MacGibbon, says it is impossible to say where the breach of systems at the Australian National University originated.

Cloud endpoint protection provider CrowdStrike has released research revealing a threat spends an average of 86 days in a corporate network before it is detected, despite needing under two hours to move laterally to other systems on the network.

The latest round of "Russia hacked the DNC" claims has arrived in the form of a jailed Russian who claims to have left proof on the Democrat National Committee's server that he was behind the hack, which, he claims, was done at the behest of Russia's FSB.