Data Breach

January 20, 2021

SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

Tactics expose the need for organizations to develop cohesive playbooks for breaches affecting hybrid environments.

The post SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach appeared first on SC Media.

January 15, 2021

With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?

The number of SolarWinds victims will likely grow in the upcoming months, but direct insured costs should remain close to the current estimate since many of the organizations hit – particularly federal agencies – do not carry insurance against cyber risks.

The post With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity? appeared first on SC Media.

January 13, 2021

Ubiquiti urges password reset, 2fa after breach

IoT networking device vendor Ubiquiti experienced a breach of a web portal it uses to manage remote devices and as a support portal. The web servers stored information pertaining to user profiles for the account.ui.com portal that Ubiquiti makes available to customers who bought one of its router or webcam products, a ZDNet report said.…

The post Ubiquiti urges password reset, 2fa after breach appeared first on SC Media.

January 11, 2021

SolarWinds hack is the perfect foreword to new book on history’s biggest breaches

SC Media spoke to author and former CISO Neil Daswani about his upcoming new book "Big Breaches: Cybersecurity Lessons for Everyone."

The post SolarWinds hack is the perfect foreword to new book on history’s biggest breaches appeared first on SC Media.

January 8, 2021

Legal recourse? Nissan balances competitive and security fallout from source code leak

News that source code of Nissan North America tools leaked online because of a misconfigured Git server spurs questions not only about potential cyberattacks by bad actors, but also whether competitors could use the sensitive data against the automobile giant.

The post Legal recourse? Nissan balances competitive and security fallout from source code leak appeared first on SC Media.

January 8, 2021

CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks

The agency has found evidence of authentication token abuse in networks infected with corrupted versions of Orion software and say restoring integrity will require a full network rebuild in certain cases.

The post CISA discovers token abuse around SolarWinds hack, calls for full rebuild of affected networks appeared first on SC Media.

January 7, 2021

The physical breach of the Capitol building opens a cybersecurity pandora’s box

The incident, as well as the response among those on Capitol Hill tasked with securing government technology assets, serves as a dramatic and evolving case study for public and private sector entities on the scope of the cybersecurity risk tied to a physical breach.

The post The physical breach of the Capitol building opens a cybersecurity pandora’s box appeared first on SC Media.

January 5, 2021

Fourth breach at T-Mobile puts focus on security of post mergers

T-Mobile reported a breach that compromised customer data – the company’s fourth in three years – raises questions about whether the mobile carrier’s massive merger with Sprint left the combined company more vulnerable. Indeed, when companies merge, particularly sizable ones, the integration of technology systems and networks can often introduce new security considerations. “The volume…

The post Fourth breach at T-Mobile puts focus on security of post mergers appeared first on SC Media.

January 4, 2021

Microsoft doesn’t treat its source code like a trade secret. Is that smart?

In the course of investigating the impacts of the SolarWinds breach, Microsoft security specialists discovered “unusual activity” within a number of internal accounts, including one that was used to view the company’s internal source code.

The post Microsoft doesn’t treat its source code like a trade secret. Is that smart? appeared first on SC Media.