incident response Archives - Page 12 of 15

Cisco Aware of Attacks Exploiting Critical Firewall Flaw

Issued by: Security Week

Cisco informed customers on Wednesday that it has become aware of malicious attacks attempting to exploit a recently patched vulnerability affecting the company’s Adaptive Security Appliance (ASA) software. No other information has been provided by the networking giant, but it’s worth noting that aproof-of-concept (PoC) exploit designed to cause a denial-of-service (DoS) condition on devices running…

Vulnerabilities

AMD, Apple Sued Over CPU Vulnerabilities

Issued by: Security Week

Apple and Advanced Micro Devices (AMD) are also facing class action lawsuits following the disclosure of critical CPU vulnerabilities that affect billions of devices. The Meltdown and Spectre attack methods, which rely on vulnerabilities that have been around for roughly two decades, allow malicious applications to bypass memory isolation mechanisms and access passwords, photos, documents, emails, and…

Network Security

In Case of Emergency, Break Glass: Protecting User Credentials in the Event of a Data Breach

Issued by: Security Intelligence

There have been countless cyberbreaches over the past few years in which personal data, such as user IDs and passwords, have been compromised. These range from attacks against government agencies, such as two recent incidents affecting the national identity systems in Spain and Estonia, to corporate breaches exposing data belonging to millions of customers. In…

Vulnerabilities

Nissan Canada Informs 1.1 Million Customers of Data Breach

Issued by: Security Week

Nissan Canada revealed on Thursday that the personal information of some customers may have been compromised as a result of a data breach discovered by the company on December 11. The incident affects individuals who have financed their vehicles through Nissan Canada Finance (NCF) and INFINITI Financial Services Canada. The exact number of impacted customers…

Software Security

Kaspersky Sues U.S. Government Over Product Ban

Issued by: Security Week

Kaspersky Lab has filed a lawsuit against the U.S. government in response to the decision of the Department of Homeland Security (DHS) to ban the use of the company’s products in federal agencies. The Russia-based cybersecurity firm’s appeal, filed in the U.S. District Court for the District of Columbia, targets the DHS’s Binding Operational Directive…

Malware & Threats

Hackers Target Security Firm Fox-IT

Issued by: Security Week

Fox-IT, the Netherlands-based cybersecurity firm owned by NCC Group, revealed on Thursday that it had been the victim of a man-in-the-middle (MitM) attack made possible by DNS records getting changed at its third-party domain registrar. The incident took place back in September and Fox-IT decided to disclose it now after conducting a detailed analysis. A…

Malware & Threats

New Year, New Threats: Five Security Predictions That Will Take Hold in 2018

Issued by: Security Intelligence

On Dec. 31, we’ll close the books on a year that will go down in history — not due to world events, scientific discoveries or pop culture happenings, but because of the record numbers of personally identifiable information (PII) exposed through major data breaches and cybersecurity events that happened throughout the year.

Malware & Threats

Hackers Target U.K. Shipping Giant Clarkson

Issued by: Security Week

Clarkson, one of the world’s largest providers of shipping services, informed the public on Tuesday that it has suffered a security breach and the hackers may release some data taken from its systems. Clarkson provided only few details citing the ongoing law enforcement investigation, but the information it made public suggests that it was targeted…

Application Security

Uber in Legal Crosshairs Over Hack Cover-up

Issued by: Security Week

Two US states on Wednesday confirmed they are investigating Uber’s cover-up of a hack at the ride-sharing giant that compromised the personal information of 57 million users and drivers. Uber purportedly paid data thieves $100,000 to destroy the swiped information — and remained quiet about the breach for a year. That decision evidently came despite…

Malware & Threats

Kaspersky May Have Found How Russian Hackers Stole NSA Data

Issued by: Security Week

Security firm Kaspersky Lab has shared preliminary results from its investigation following media reports that Russian hackers used its software to steal sensitive NSA data from a contractor’s computer back in 2015. The Wall Street Journal reported earlier this month that a threat group working for the Russian government stole information on how the U.S….