The attack earlier this year that compromised systems and data at LastPass is more extensive than the password management software provider previously revealed. LastPass says the attacker downloaded from the cloud backups of multiple users' encrypted password vaults, as well as unencrypted URLs.
Identity and access management company Okta revealed that its private GitHub repositories were accessed earlier in the month, resulting in the theft of its source code in its Workforce Identity Cloud code repositories. "No customer data was impacted," Okta says.
Thirteen bot farms transmitting pro-Kremlin messages across more than 1.5 million fake accounts are no longer operating after Ukrainian police raided their locations. Russia's attempted conquest of Ukraine is accompanied by heavy doses of online propaganda aimed at splitting support for Kyiv.
A phishing campaign against users of a Ukrainian battlefield awareness tool masqueraded as an email from a Ministry of Defense employee telling the users to update their digital certificates, says the Ukrainian Computer Emergency Response Team. The tool, dubbed Delta, is a digital map.
A forensic examination of an email hosting service offered by subsidiaries of Australian telecom firm TPG revealed an intrusion affecting up to 15,000 customers, the company disclosed Wednesday. The breach adds to a growing list of cyber incidents experienced by Australia's telecommunication sector.
Australian Home Affairs and Cyber Security Minister Clare O'Neil vowed during a speech to transform the country into the world's most cyber-secure, saying experts will start work on a strategy intended to outdo the rest of the world by 2030. The country has recently experienced a data breach wave.
Microsoft Office's use of Internet Explorer to render HTML is the gift that keeps giving for North Korean hackers. Security researchers at Google say they spotted a Pyongyang threat actor using a now-patched JavaScript engine flaw via a malicious Office document.
A ransomware attack on a New Zealand third-party managed IT service provider affected several government agencies across the country - including the Ministry of Justice and the national health authority. Investigations are ongoing to determine the incident's full impact.
A French hospital in the Parisian suburbs scrambled to respond to a weekend cyber incident by transferring patients, directing emergency cases elsewhere and bringing on additional staffers to observe patients. The incident does not appear to have spread beyond the Hospital Center of Versailles.
New Zealand private health insurer Accuro says an investigation into a cyber incident at a third party IT infrastructure provider so far has not revealed evidence of a data breach affecting its 34,000 customers. Customers should expect delayed service in claims processing.
The Russia-based ransomware gang behind the hack of Australia's largest private health insurer says it posted a full set of stolen data. The Australian Information Commissioner said it will probe the insurer's personal information handling practices.
Staffers reacted with incredulity after a cyber incident at a Greater Toronto school district kept systems offline and forced teachers to take attendance manually. Online learning and student Chromebooks were not working at Durham District School Board, which serves more than 74,000 students.
A cyberattack on a Canadian teachers’ union gave thieves access to sensitive data of more than 60,000 members The union is yet to disclose the exact number of affected individuals, but stated that both former and current members are impacted.
Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.
The nefarious LockBit 3.0 cybercriminal group is claiming responsibility for the ransomware attack that halted municipal services and shut down employee email accounts in Westmount, Quebec, giving the city a deadline of Dec. 4 to make an undisclosed ransom payment.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
