Tag Archive for: Affected

Russian gang’s hack in Maine affected personal data of 1.3 million people


More than 1 million people who had contact with Maine state agencies have been caught up in a Russian gang’s international cybersecurity breach, potentially exposing their Social Security numbers, dates of birth and other confidential information, state officials said Thursday.

The Department of Administrative and Financial Services is notifying people who may have been affected by what it called a “global cybersecurity incident” that occurred May 28 and May 29 concerning the file transfer tool MOVEit. The state is among several thousand organizations affected by a software vulnerability that allowed cybercriminals to access and download data, the state said in an announcement about the breach. It affected industries such as insurance, finance, education, health and government.

The breach, which affected 1.3 million people, exposed data on more than half of the state Department of Health and Human Services workers and between 10% and 30% of the employees at the Department of Education. Maine’s population is 1.37 million people.

Other affected agencies are the Office of the Controller, Workers’ Compensation, Bureau of Motor Vehicles, Department of Corrections, Department of Economic and Community Development, Bureau of Human Resources, Department of Professional and Financial Regulation, and the Bureau of Unemployment Compensation.

Once the breach was discovered, the state sought to identify people whose information might have been compromised. The assessment of those affected took months and was recently completed. The state is now notifying individuals using a press release issued nationwide, the U.S. Postal Service and email.

The exploited program, MOVEit, a file-transfer platform made by Progress Software Corp., is widely used by businesses to share files, The Associated Press reported in June. The breach was blamed on a Russian cyber-extortion gang’s hack of a file-transfer program popular with corporations and governments.

The incident in May was specific and limited to Maine’s MOVEit server and did not impact any other state networks or systems, according to information posted on the state’s website.

Maine agencies hold information about…


Infosys US unit reportedly affected by ransomware


Ransomware attackers have reportedly targeted India-based IT consulting firm Infosys’ U.S.-based subsidiary McCamish Systems, The Times of India reports.

Infosys McCamish Systems, which provides platform-based life insurance, annuity, and retirement services, was confirmed by Infosys in a stock exchange filing to have had some of its applications and systems disrupted by a cybersecurity event, which online publication Cybersecurity Insiders described as a ransomware intrusion. Some Reddit users have jokingly suggested that the attack followed former Infosys CEO Narayan Murthy’s statements calling for a 70-hour work week among Indian youth, according to Cybersecurity Insiders. However, Infosys has yet to provide more details regarding the incident.

“Infosys McCamish Systems, an advocate for robust data protection and security, is actively implementing measures to mitigate the risks stemming from this incident,” said Cybersecurity Insiders. The attack comes after ransomware and phishing intrusions against IT firms Cognizant and Wipro in 2020 and 2019, respectively.


Rise in global cyberattacks, ransomware threats surge, healthcare and APAC most affected


According to a recent Check Point Research study comparing the first nine months of 2023 with the same period of 2022, global cyberattacks have increased. The report reveals that average weekly global cyberattacks are 3% higher this year than in the prior year.

Among the numerous cybersecurity threats, ransomware remains prominent, affecting 1 in every 34 organisations, a 4% surge from 2022. North America experienced the highest increase of 25% compared to 2022. The healthcare industry, accompanied by the Asian-Pacific (APAC) region, also witnessed significant year-on-year spikes in average weekly cyberattacks.

In the health sector, approximately 1613 weekly attacks have been recorded, amounting to an 11% year-over-year increase. The APAC region also experienced a rise in cyberattack attempts, marking a 15% increase YoY.

Emphasising the severity of ransomware threats, the report illustrates that one out of every 34 organisations worldwide encountered such an attack attempt, indicating a 4% surge compared to the same timeframe last year.

Over the past year in North America alone, there was a significant rise of 25% in ransomware attacks, making it the region with the highest increase. Reports show ransomware threats are growing due to several factors, such as the lucrative business model ransomware offers to cybercriminals, the increasing use of sophisticated techniques, the rise of Ransomware-as-a-Service (RaaS) platforms, and weak cyber hygiene in many organisations.

Notably, many of the most impacted industries include critical infrastructure and services. The Utilities sector, which experienced a dramatic 26% increase in ransomware impact over the last year, is a prominent example.

Altogether, the figures underline the rapidly evolving and complex landscape of cyber threats on a global scale. Highlighting the importance of robust and proactive security measures, the report encourages organisations to invest further in IT resources, upgrade legacy systems, and most importantly, train their employees to identify and avoid common cyber threats.


Cisco IOS XE Hack: Researchers Find Another ‘Sharp Increase’ In Affected Devices




Kyle Alspach


One of the most serious network device attacks in recent memory continues to widen, according to Censys researchers.



Compromises of Cisco IOS XE devices jumped by 8,000 on Wednesday, bringing the total number of affected systems to nearly 42,000, according to the latest data from cybersecurity firm Censys.

There’s no patch available for the critical vulnerability that’s being exploited in the attacks, although Cisco has provided mitigations that it’s said are effective at thwarting the compromises. IOS XE is a widely used Cisco networking software platform, with estimates suggesting that more than 140,000 devices in total are potentially vulnerable.


Censys researchers had previously found 34,140 Cisco devices compromised, but on Wednesday said they had “found a sharp increase in infections” with the tally climbing to 41,983.

In response to a CRN inquiry Wednesday, Cisco said it did not have any new information to share.

Cisco said in an advisory Monday that the zero-day privilege escalation vulnerability—which is tracked as CVE-2023-20198—warrants the maximum severity rating, 10.0 out of 10.0.

Exploitation of the critical vulnerability can allow a malicious actor to acquire “full control of the compromised device and [allow] possible subsequent unauthorized activity,” Cisco’s Talos threat intelligence team said in a blog post Monday.

The attacks are one of the most serious network device hacks in recent memory, experts have said.

“The last few weeks have seen their fair share of potential sky-crumbling advisories,” Censys researchers said in a post. Those have included a vulnerability in Exim mail servers, “which amounted to much of nothing,” and an HTTP/2 attack that turned out to have a very narrow impact.

“But this time, Apollo, I think we have a problem,” the Censys researchers wrote, referring to the Cisco IOS…
