Breaking News

•••  All important news related to new attacks and see the solutions we can offer you  •••

22/12/2020

UK firm NOW: Pensions tells 1.7 million customers a 'service partner' leaked their data all over 'public software forum'

Read the original article here
Cyber Defense

Workplace pension provider NOW: Pensions has emailed its near 1.7 million UK customers to warn about a data leakage caused by contractor error.

The email, seen by this publication, claims a service provider "unintentionally" posted user data to an unnamed "public software forum". These records include biographical data (names, email addresses, and dates of birth) as well as National Insurance numbers. According to the pension provider, the data was obtained by "a small number" of third parties.

NOW: Pensions said the records were only visible for "a short time". This apparently means three days, with the company saying the data was exposed between 11 and 14 December.

See our Rescana solution in action, which can help you to keep an eye on your contractors and suppliers. Next to that it will find your data once it hits the web.
16/12/2020

Supply Chain Cyber Attack on Strategic Logistics Software Company “Amital”

Read the original article here
Cyber Defense

An attack on the servers at the software company Amital led to subsequent infiltration to about 40 other Israeli Logistics companies. The lack of a ransom note or any other indicator of a financial gain motivated attack lead the investigators to believe it might be a strategic attack.

According to an article published this morning in the leading Israeli Finance news site “Calcalist”, the attackers hacked into Amital’s servers, and gained access to its list of customers and credentials to access their networks.

Besides Amital, another 15-20 logistics companies were hacked (which aren’t related to Amital) this again raises the suspicion of a national cyber attack and not cybercrime.

Please have a look at the Rescana sollution we offer and see how you make sure it will not happen to your organization
14/12/2020

SUNBURST backdoor - SolarWinds supply chain attack

Cyber Defense

FireEye has uncovered a widespread campaign, that we are tracking as UNC2452.
The actors behind this campaign gained access to numerous public and private organizations around the world.
They gained access to victims via trojanized updates to SolarWind's Orion IT monitoring and management software.
This campaign may have begun as early as Spring 2020 and is currently ongoing.
Post compromise activity following this supply chain compromise has included lateral movement and data theft.
The campaign is the work of a highly skilled actor and the operation was conducted with significant operational security.

Contact us for a test with Cymulate Breach and Attack Simulation
Load more