CCleaner Supply Chain Attack Targeted Technology Companies

New evidence shows the hackers who infected the installers for the popular CCleaner system optimization tool were primarily targeting the program’s business users. There are also links between the malware code and a well-known Chinese cyber-espionage group. The malware-infected installers for 32-bit versions of CCleaner and CCleaner Cloud released in August were installed on more
Read more

Insecure Elasticsearch Nodes Host Malware Command-and-Control Servers

More than 4,000 misconfigured Elasticsearch nodes, most of them running on Amazon Web Services’ platform, have been hijacked by attackers to host malware command-and-control servers. The compromised nodes were discovered by researchers from security firm Kromtech Alliance, who were researching Elasticsearch servers that had been configured by their owners to be publicly accessible without authentication.
Read more

Forrester Report Outlines True Cost of Data Breaches

Data breaches hurt. Just ask Equifax, the latest poster child in the ongoing litany of companies where breaches may have exposed customer data. It joins the ranks of Target and Home Depot in offering real-life examples of expensive and painful business-recovery plans. A recent Forrester Research report, “Calculate The Business Impact And Cost Of A
Read more

Dragonfly Cyberspy Group Ramps Up Attacks Against Energy Sector

Symantec warns that a sophisticated cyberespionage group known as Dragonfly is aggressively targeting companies from the energy sector in Europe and the United States. The company’s researchers have seen evidence that in some cases the group obtained access to operational control systems. Dragonfly has been operating since 2011 and has significantly ramped up its attacks
Read more
Page 1 of 212