Tag: Suppliers | SpinSafe

Hackers Targeted News Corp’s Tech Suppliers

February 5, 2022/in Computer Security

Hackers with suspected links to China targeted

third-party technology suppliers, according to a company filing.

News Corp, which owns the New York Post and The Wall Street Journal parent Dow Jones, said it was the target of a hack that accessed emails and documents of journalists and other employees.

The company in a securities filing on Friday said it “relies on third-party providers for certain technology and ‘cloud-based’ systems and services that support a variety of business operations,” and that one of these systems “was the target of persistent cyberattack activity.”

The attack came as U.S. officials over the past year have been increasingly warning of criminal and nation-state hackers breaking into the computer systems of organizations through sometimes opaque supply chains for software and other technologies.

A News Corp spokesman on Friday declined to comment on its vendors or which data was stolen, citing a continuing investigation. In its email to staff, News Corp said that computer systems housing consumer and financial data weren’t affected.

“In addition, we have not experienced related interruptions to our business operations,” Chief Technology Officer David Kline and Chief Information Security Officer Billy O’Brien wrote in the email. “Based on our investigation to date, we believe the threat activity is contained.”

Messrs. Kline and O’Brien said their inquiry is in its early stages.

The Wall Street Journal reported Friday that hackers had access to News Corp’s systems since at least February 2020, gaining access to emails and Google Docs, including drafts of articles. Beijing that year expelled U.S. journalists…

Source…

The hacker group that went after one of Apple’s suppliers found a new victim

June 11, 2021/in Computer Security

Sol Oriens, which consults with the federal government on security-related projects including work with the National Nuclear Safety Administration, is REvil’s latest ransomware victim.
Sol Oriens said it became aware of the “cybersecurity incident” in May.
CNBC has learned that documents posted on the dark web include invoices for NNSA contracts and descriptions of research and development projects managed by defense and energy contractors

graphical user interface, text, application

© Provided by CNBC

The hacker group REvil has become a headache for a new victim: a 50-person firm based in Albuquerque, New Mexico, that consults with the federal government on security-related projects.

Load Error

Sol Oriens, which consults for the U.S. Department of Energy’s National Nuclear Safety Administration, confirmed to CNBC that it became aware of the “cybersecurity incident” in May, its investigation is ongoing and law enforcement has been notified.

In a statement, the company said it “recently determined that an unauthorized individual acquired certain documents from our systems. Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”

Sol Oriens did not name the attacker or confirm that it was ransomware, but CNBC has learned that the well-known hacker group REvil was responsible for the assault, according to cybersecurity sources.

One cybersecurity firm, which has seen documents posted on the dark web, told CNBC that they include invoices for NNSA contracts, descriptions of research and development projects managed by defense and energy contractors dated as recently as 2021, and wage sheets containing full names and Social Security numbers of Sol Oriens employees.

Video: Apple expert with key highlights from the company’s developer conference (CNBC)