Security

Stay informed about the latest security breaches, hacks, and cyberattacks in the field of cybersecurity.

HPE Claims Russian Group Responsible for Microsoft Email Breach Hacker Attack

Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network. Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government. HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023. “The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch. “We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.

Torq, the Cybersecurity Automation Company, Secures $42M in Expanded Series B Funding

Torq, a self-described “hyperautomation” cybersecurity startup, today announced that it raised $42 million in an extension to its Series B funding round from investors including Bessemer Venture Partners, GGV Capital, Insight Partners, Greenfield Partners and Evolution Equity Partners. “Torq’s approach to a hyperautomation platform works across multiple pillars of the organizational cybersecurity platform, making the organization more resilient.” Smadari co-founded Portland, Oregon-based Torq alongside Ofer Smadari, Leonid Belkind and Eldad Livni in 2020. To that end, Torq lets IT teams create and deploy security workflows designed to integrate with existing cybersecurity infrastructure. Smadari asserts, however, that Torq gives customers the ability to choose which parts of their data are accessible to the Torq platform and where that data’s stored — e.g. According to Smadari, Torq, which makes money by charging an annual subscription, has grown revenue 300% in 2023 on 500% client base growth.

Russian Cyber Spy Group Linked to Latest Malware Attack According to Google

Google researchers say they have evidence that a notorious Russian-linked hacking group — tracked as “Cold River” — is evolving its tactics beyond phishing to target victims with data-stealing malware. Cold River, also known as “Callisto Group” and “Star Blizzard,” is known for conducting long-running espionage campaigns against NATO countries, particularly the United States and the United Kingdom. Researchers believe the group’s activities, which typically target high-profile individuals and organizations involved in international affairs and defense, suggest close ties to the Russian state. Google says that on discovery of the Cold River malware campaign, the technology giant added all of the identified websites, domains, and files to its Safe Browsing service to block the campaign from further targeting Google users. Google researchers previously linked the Cold River group to a hack-and-leak operation that saw a trove of emails and documents stolen and leaked from high-level Brexit proponents, including Sir Richard Dearlove, the former head of the U.K. foreign intelligence service MI6.

Government-Sponsored Hackers Exploit Fresh Ivanti VPN Vulnerabilities – No Fixes Available

U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won’t be available until the end of the month. Ivanti said the two vulnerabilities — tracked as CVE-2023-46805 and CVE-2024-21887 — were found in its Ivanti Connect Secure software. Formerly known as Pulse Connect Secure, this is a remote access VPN solution that enables remote and mobile users to access corporate resources over the internet. When TechCrunch asked why patches weren’t being made available immediately, Ivanti declined to comment. Ivanti is urging that potentially impacted organizations prioritize following its mitigation guidance, and U.S. cybersecurity agency CISA has also published an advisory urging Ivanti Connect Secure to mitigate the two vulnerabilities immediately.

The Harsh Reality: Cybersecurity Layoffs Uncovered in 2023

The cybersecurity sector was once largely untouched by the vast headcount reductions taking place across the wider industry, but 2023 shows no sector is immune. But it’s clear that cybersecurity firms are no longer exempt from layoffs, despite a strong workforce and an ever-increasing number of cyberattacks and breaches. According to data from layoffs tracker Layoffs.fyi, more than 110 cybersecurity companies have made cuts since the beginning of 2023. The layoffs came almost exactly a year after Malwarebytes eliminated 14% of its global workforce. While many cybersecurity firms blamed economic headwinds for reductions in headcount, Malwarebytes CEO Marcin Kleczynski told TechCrunch that the layoffs were an exercise in rationalizing expenditures.

“Finding the Silver Lining: How Cybersecurity Sparked Hope in 2023”

Bangladesh thanked a security researcher for citizen data leak discovery. When a security researcher found that a Bangladeshi government website was leaking the personal information of its citizens, clearly something was amiss. TechCrunch verified that the Bangladeshi government website was leaking data, but efforts to alert the government department were initially met with silence. The data was so sensitive, TechCrunch could not say which government department was leaking the data, as this might expose the data further. Florida’s Lee County took the heavy-handed (and self-owning) position of threatening the security researcher with Florida’s anti-hacking laws. Several state CISOs and officials responsible for court records systems across the U.S. saw the disclosure as an opportunity to inspect their own court record systems for vulnerabilities.

“Encountering the Cyber-Criminals of the Future: A Look into 2023”

This year was no different to last: we saw another round of high-profile busts, arrests, sanctions, and prison time for some of the most prolific cybercriminals in recent years. Twitter took drastic measures to rid the hackers from its network by temporarily blocking all of the site’s 200-million-plus users from posting. A New York judge sentenced the 24-year-old hacker to five years in prison, two of which O’Connor already served in pre-trial custody. Federal prosecutors this year accused a former Amazon employee of hacking into a cryptocurrency exchange and stealing millions worth of customers’ crypto. Why did a Russian man accused by U.S. prosecutors of ransomware attacks burn his passport?

“9 Gift Ideas to Avoid Giving Your Loved Ones this Holiday Season: Tech Edition”

But this year, give the gift of good security (and privacy) and eschew tech that can have untoward risks or repercussions. Location data is some of the most sensitive data belonging to a person; location can determine where someone was at a particular time, which can be highly revealing and invasive. Even one of the better-known family tracking apps, Life360, was caught selling the precise location data of its users to data brokers. There’s no reason why you shouldn’t discuss the benefits and pitfalls of tracking your kids with your kids. And this year, another smart sex-toy maker exposed the user and location data of its customers thanks to its leaky servers, which the company has yet to fix.

“Everything You Must Know About the Implementation of the SEC’s Latest Data Breach Disclosure Regulations”

As the SEC’s new data breach disclosure rules take effect, here’s what you need to know. The controversial regulation represents a major shake-up for U.S. organizations. Starting from today, December 18, publicly-owned companies operating in the U.S. must comply with a new set of rules requiring them to disclose “material” cyber incidents within 96 hours. In an 8-K filing, breached organizations must describe the incident’s nature, scope, timing, and material impact, including financial and operational. In addition to the SEC’s new data breach disclosure rules, the regulator has also added a new line item called Item 106 to the Regulation S-K that will be included on a company’s annual Form 10-K filing. In a recent interview with TechCrunch, Sullivan said he welcomed the SEC’s data breach reporting rules, saying: “We can nitpick the details as much as we want, but this is the right way to do it,” he said. Until now, many organizations have taken months to report a breach and only did so after they had completed their investigation.

Google Takes Action to Eliminate the Use of Geofence Warrants, A Key Surveillance Issue it Helped to Create

Even the courts cannot agree on whether geofence warrants are legal, likely setting up an eventual challenge at the U.S. Supreme Court. While Google is not the only company subject to geofence warrants, Google has been far the biggest collector of sensitive location data, and the first to be tapped for it. Although the companies have said little about how many geofence warrants they receive, Google, Microsoft and Yahoo last year backed a New York state bill that would have banned the use of geofence warrants across the state. The data showed Google received 982 geofence warrants in 2018, then 8,396 geofence warrants in 2019, and 11,554 geofence warrants in 2020 — or about one-quarter of all the legal demands that Google received. But there is hope that Google shutting the door on geofence warrants — at least going forward — could significantly curtail this surveillance loophole.