News Corp Cyberattack
News Corporation (News Corp) has disclosed more information about the 2022 cyberattack against the major publishing conglomerate. News Corp revealed that the cybercriminals had access to its systems two years ago, starting in Feb. 2020.
News Corp recently sent notification letters to affected employees. These laid out the most recent information on the data breach. The breach affected workers at the company’s publications, The New York Post and The Wall Street Journal, and its UK news operations.
Dish Network Cyberattack
Dish Network confirmed that the network outage it is currently experiencing is due to a
cybersecurity breach. This outage also affected its internal communications systems.
The breach occurred on Feb. 23 and disconnected Dish’s websites and apps. The network’s call centers also went offline. Subscribers cannot access their accounts, stream shows, or avail of Dish’s services.
Ransomware Attack on Dole
Ransomware is a threat businesses cannot afford to ignore. Such a cyberattack often blocks user access to systems until the perpetrator receives ransom. A recent cautionary tale is a ransomware attack on Dole Food Company.
Dole reported on Feb. 22 a cybersecurity incident involving ransomware. Although it is unclear when or how the attack occurred, Dole said it had a limited impact on its operations. However, there are reports saying the disruption may be more serious than the company let on.
Microsoft Exchange Server Antivirus Exclusions
The Microsoft Exchange Server is an e-mail server developed exclusively for Windows OS users. It also offers collaboration functions like scheduling and calendaring.
One of the Exchange Server's biggest draws is its high availability features. These features ensure that outages and server failures won’t disrupt server operations.
But while the Exchange Server sounds like a dream for users, it also has limitations. Microsoft warned against performing antivirus scans on some Exchange Server’s files, folders, and processes.
S1deload Stealer Malware
A new malware campaign on Facebook and YouTube is making headlines. S1deload Stealer hijacks these social media accounts, mines cryptocurrency, and spreads itself. Discover what business owners need to know about this malware.
Stanford University Data Breach
The recent Stanford University data breach is causing businesses to reevaluate their security practices. The way the university handled the breach can serve as a guide for business owners. But it is important to understand the facts of the incident.
LastPass Reveals Details of Attack
LastPass recently revealed more details of the second malware attack targeting its infrastructure. It also disclosed the company’s actions to prevent similar attacks in the future. By learning more about the attack, business owners can strengthen their own security weaknesses.
GoDaddy Finds Multiple-Year Security Breach
GoDaddy is a popular web hosting company with millions of customers worldwide. Users are alarmed to find that attackers stole the company’s source code.
The hosting giant found the security breach in early December 2022 after it received customer reports. From there, it carried out a comprehensive investigation. GoDaddy disclosed that its sites are being redirected to random domains.
Serious Security Flaw in Cisco ClamAV Discovered
It is ironic when software designed to protect is vulnerable to threats. That is the case here. Experts discovered the ClamAV free anti-malware program has a serious security risk.
Investigations revealed the security threat is in its scanning library. It was tracked as CVE- 2023-20032. The risk affects several other products from Cisco.
Everything You Need to Know About the Pepsi Data Breach
Hackers need less than a minute to perform a successful data breach. It will be over before you can even finish your cup of coffee. Unfortunately, it can take companies several weeks to realize they were the victim of a malware attack. That's what happened to Pepsi Bottling Ventures.
Cloudflare Successfully Detects and Mitigates Largest DDoS Attack Recorded
During the weekend of Feb. 11-12, 2023, content delivery network provider Cloudflare detected and mitigated an unusually high number of hyper-volumetric DDoS attacks. It did not disclose the targets but mentioned some of the attacked websites. These included a gaming provider, hosting providers, cloud computing platforms, and cryptocurrency companies.
The attack ranged between 50 to 70 million requests per second (rps) and peaked at 71 million rps. That is the largest reported HTTP DDoS attack, surpassing the 46 rps recorded in June 2022.
Internet Explorer Gets Disabled From Windows 10
Microsoft has intended to replace Internet Explorer with the new Edge browser. On June 15, 2022, the company officially retired the popular browser by ending its update support for the application. However, it was still part of Windows 10 and was available for use.
However, a Microsoft Edge update on Feb. 14, 2023, permanently disabled Internet Explorer 11 on Windows 10 computers. As standard with these updates, the rollout takes a few days to a week.
State of Emergency Declared in Oakland to Combat Ransomware Attack
On Feb. 8, 2023, the City of Oakland suffered a ransomware attack. It forced several city systems to go offline. Fortunately, it did not affect emergency services. 911 and fire rescue
were still online.
Digital security experts investigated the incident. They assume the attack started with an email that contained a malicious ransomware program. When a user clicks on a link or attachment, the ransomware gets into the system and steals valuable data.
Microsoft Announces End Date for Exchange Server 2013
Microsoft Exchange Server 2013 will no longer receive updates starting April 11, 2023. That gives companies using the system to upgrade to a newer one or lose support.
Over 3 Million Patients Affected in California Hospital Ransomware Attack
A ransomware attack exposed the information of more than 3.3 million patients on Dec. 1, 2022. Multiple medical groups are affected under the Heritage Provider Network in California.
AWS Warns Against Malvertising Targeting Users
Cybersecurity company Sentinel Labs has discovered a new malvertising campaign targeting AWS users. Sentinel Labs warns that cybercriminals have established a campaign on Google Ads programs that take users to a fake landing page to steal their credentials and other details.
Why Network Security Is More Important Than Ever
Modern businesses rely on computers and the internet to perform their daily operations. An example is the use of emails, which is essential for client and internal communications.
Companies also collect data from their customers and use that to perform their services. An online shop needs to process personal information and credit card payments. Hospitals use computers to store patient records so doctors can reference them later. The point is that your organization has data and crucial files that could be valuable to someone else.
Microsoft Edge Renders Using Adobe Acrobat
Adobe and Microsoft announced on Feb. 8, 2023, a collaboration to transform the PDF reading experience by bringing Acrobat to Edge. They aim to provide stronger security and improved performance through the new partnership.
Reddit Cybersecurity Incident
Reddit, a popular social news site, disclosed that it was hacked on Sunday night (pacific time). The company announced on February 9th in a posting that they first became aware of the incident that happened on February 5th. It refers to it as “sophisticated phishing” targeting Reddit employees.
Search Engine Yandex Suffers Massive Leak
Russian search engine Yandex offers a slew of online services to replace Google, Netflix, Spotify, Amazon, and Uber. However, a recent Yandex data leak contains nearly 50 gigabytes of data with leaked files, including information ranging from API (application programming interface) keys to search engine behaviors. Information released by the leaker as “Yandex git sources” contains source code for most of Yandex’s online services.