••• All important news related to new attacks and see the solutions we can offer you •••
UK firm NOW: Pensions tells 1.7 million customers a 'service partner' leaked their data all over 'public software forum'Read the original article here
Workplace pension provider NOW: Pensions has emailed its near 1.7 million UK customers to warn about a data leakage caused by contractor error.
The email, seen by this publication, claims a service provider "unintentionally" posted user data to an unnamed "public software forum". These records include biographical data (names, email addresses, and dates of birth) as well as National Insurance numbers. According to the pension provider, the data was obtained by "a small number" of third parties.
NOW: Pensions said the records were only visible for "a short time". This apparently means three days, with the company saying the data was exposed between 11 and 14 December.
Supply Chain Cyber Attack on Strategic Logistics Software Company “Amital”Read the original article here
An attack on the servers at the software company Amital led to subsequent infiltration to about 40 other Israeli Logistics companies. The lack of a ransom note or any other indicator of a financial gain motivated attack lead the investigators to believe it might be a strategic attack.
According to an article published this morning in the leading Israeli Finance news site “Calcalist”, the attackers hacked into Amital’s servers, and gained access to its list of customers and credentials to access their networks.
Besides Amital, another 15-20 logistics companies were hacked (which aren’t related to Amital) this again raises the suspicion of a national cyber attack and not cybercrime.
SUNBURST backdoor - SolarWinds supply chain attack
FireEye has uncovered a widespread campaign, that we are tracking as UNC2452.
The actors behind this campaign gained access to numerous public and private organizations around the world.
They gained access to victims via trojanized updates to SolarWind's Orion IT monitoring and management software.
This campaign may have begun as early as Spring 2020 and is currently ongoing.
Post compromise activity following this supply chain compromise has included lateral movement and data theft.
The campaign is the work of a highly skilled actor and the operation was conducted with significant operational security.