Colonial Pipeline likely paid a $5M ransom to DarkSide

DarkSide demanded a $5 million ransom to Colonial Pipeline, which has quickly recovered operations, did it pay? The Colonial Pipeline facility in Pelham, Alabama, was hit by a cybersecurity attack on Friday and its operators were forced to shut down its systems. The pipeline allows carrying 2.5 million barrels of refined gasoline and jet fuel...

38m

Rapid7 says source code, credentials accessed as a result of Codecov supply-chain attack

Rapid7 disclosed that unauthorized third-party had access to source code and customer data as result of Codecov supply chain attack. Cyber security vendor Rapid7 reveals it was impacted by the Codecov software supply chain attack, attackers had access to data for part of its customers and a small subset of its source code repositories for...

4h

Security at Bay: Critical Infrastructure Under Attack

The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide. The attack perpetrated by hackers on oil company Colonial Pipeline highlights the dangers that are facing Industrial Control Systems (ICS) and the need for change in the information security landscape, The attack took place...

14h

Please vote Security Affairs – 1 day left

Hi GuysI need your support. I became aware only not that we can nominate SecurityAffairs as Best Personal Blog. I need your support. Please vote Security Affairs as Best Personal cybersecurity Blog at the following link https://docs.google.com/forms/d/e/1FAIpQLSer_6yOZrL8OO6XjJ9yj3Mlq9LvuOakdTZN9ZmhkFCy1aQLdw/viewform...

16h

Organizations in aerospace and travel sectors under attack, Microsoft warns

Microsoft warns of a malware-based campaign that targeted organizations in the aerospace and travel sectors in the past months. Microsoft researchers revealed that organizations in the aerospace and travel sectors have been targeted in the past months in a malware-based campaign. Threat actors conducted a spear-phishing campaign...

17h

Cisco fixes AnyConnect Client VPN zero-day disclosed in November

Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. Cisco has addressed a zero-day vulnerability in Cisco AnyConnect Secure Mobility Client, tracked as CVE-2020-3556, that was disclosed in November. The availability of a proof-of-concept exploit...

18h

Biden signed executive order to improve the Nation’s Cybersecurity

President Joe Biden signed an ambitious executive order to dramatically improve the security of the US government networks. President Biden signed an executive order this week to improve the country’s defenses against cyberattacks, it is an important move that comes shortly after the recent wave of attacks, such as the SolarWinds supply chain...

22h

US CISA and FBI publish joint alert on DarkSide ransomware

FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline. FBI and DHS’s CISA have published a joint alert to warn of ransomware attacks conducted by the DarkSide group. The alert comes after the disruptive attack that hit Colonial Pipeline that caused chaos and disruption....

1d

How Companies Need to Treat User Data and Manage Their Partners

After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and conditions users agree to.  Global privacy regulations, such as the CCPA and GDPR, were enacted to ensure stricter standards when handling the personal data of consumers. As per these regulations, organizations...

1d

Microsoft Patch Tuesday for May 2021 fix 4 critical flaws

Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities, four are rated as Critical. Microsoft Patch Tuesday for May 2021 security updates address 55 vulnerabilities in Microsoft Windows, .NET Core and Visual Studio, Internet Explorer (IE), Microsoft Office, SharePoint Server, Open-Source Software, Hyper-V, Skype...

1d