Following the news that a new zero-day vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed, please see below comments from security experts.
ISBuzz Team
Following the news that – The PCI Council has released the latest update to the PCI Data Security Standard today (March 31). https://www.pcisecuritystandards.org/about_us/press_releases/pr_03312022
It’s reported that Apple and Meta handed over user data to hackers who faked emergency data request orders typically sent by law enforcement, according to Bloomberg. Fake emergency data requests are becoming increasingly common, as explained in a recent report from Krebs on Security.
A new study finds that only one third of businesses require MFA access, have separate staff /guest WI-FI or use VPNs for remote workers. The UK government released their Cyber Security Breaches Survey 2022 this week reporting that only around third of organizations follow any of these practices, with the percentage being only slightly higher for businesses vs charity organizations. The report goes on: “Two-factor authentication was covered for the first time in this year’s survey. Just over a third of businesses (37%) and just under a third of charities (31%), have a requirement for their people to use two-factor…
More than $600 million in cryptocurrency has been stolen from the gaming-focused Ronin Network in what may be the largest crypto hack ever. It’s been reported that 173,600 in Ethereum cryptocurrency (worth $594.6 million) and $25.5 million in U.S. dollars were taken, resulting in a total loss of $625 million.
Online retail and photography manufacturing platform Shutterfly has disclosed a data breach that exposed employee information after threat actors stole data during a Conti ransomware attack. Shutterfly offers photography-related services to consumers, the enterprise, and education through various brands, including Shutterfly.com, BorrowLenses, GrooveBook, Snapfish, and Lifetouch. Today, Shutterfly disclosed that its network was breached on December 3rd, 2021, due to a ransomware attack.
This morning we saw that there was an attack on popular video game Axie Infinity where hackers swiped $625 million in cryptocurrency, marking one of the largest crypto thefts to date amid rising rates of such crime.
According to official statement from Okta, the authentication services company is investigating a breach to their systems, after the ransomware group, Lapsus$ published a message in their official Telegram group, claiming they have breached the company but “didn’t steal/access any Okta database”. The target of the attack, according to the group, wasn’t Okta but its customers.
In light of new data revealing UK ransomware attacks have doubled in the past year, Industry leaders reacted below.
In response to reports that the personal data of around 820,000 current and former New York City public school students was compromised in the hack of a widely-used online grading and attendance system earlier this year according to the US Dept. of Education, cyber security experts reacted below.