attack

Thousands of Companies Face Fresh Disaster as Firewall Bug Plagues Palo Alto Networks

Palo Alto Networks urged companies this week to patch against a newly discovered zero-day vulnerability in one of its widely used security products, after malicious hackers began exploiting the bug to break into corporate networks. Because the vulnerability allows hackers to gain complete control of an affected firewall over the internet without authentication, Palo Alto gave the bug a maximum severity rating. The ease with which hackers can remotely exploit the bug puts thousands of companies that rely on the firewalls at risk from intrusions. Adding another complication, Palo Alto initially suggested disabling telemetry to mitigate the vulnerability, but said this week that disabling telemetry does not prevent exploitation. Security firm Volexity, which first discovered and reported the vulnerability to Palo Alto, said it found evidence of malicious exploitation going back to March 26, some two weeks before Palo Alto released fixes.

Ransomware Breach: Omni Hotels Reports Theft of Customers’ Personal Information

Hotel chain giant Omni Hotels & Resorts has confirmed cybercriminals stole the personal information of its customers in an apparent ransomware attack last month. In an update on its website posted on Sunday, Omni said the stolen data includes customer names, email addresses, and postal addresses, as well as guest loyalty program information. The company said the stolen data does not include financial information or Social Security numbers. Ransomware gangs typically use such dark web sites to publish stolen information to extort a ransom from their victims. A sample of the stolen data shared with DataBreaches.net matched the types of customers’ personal information that Omni said was taken.

Global Announcement: Mercenary Attacks Targeting Apple Users Conveyed to 92 Countries

Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that they may have been targeted by mercenary spyware attacks. The company sent the alerts to individuals in 92 nations at 12pm Pacific Time on Wednesday. “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” the company wrote in the warning to customers. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.” The iPhone-maker sends these notifications multiple times a year and has notified users in over 150 countries since 2021, it wrote in an updated support page.

EDPS Alerts: Europe’s Privacy Principles Threatened by Rapid AI Advancements

The European Data Protection Supervisor (EDPS) has warned key planks of the bloc’s data protection and privacy regime are under attack from industry lobbyists and could face a critical reception from lawmakers in the next parliamentary mandate. Any shift of approach by incoming lawmakers could have implications for the bloc’s high standard of protection for people’s data. But he particularly highlighted industry lobbying, especially complaints from businesses targeting the GDPR principle of purpose limitation. Wiewiórowski did not explicitly blame generative AI for driving the “strong attacks” on the GDPR’s purpose limitation principle. So any AI-driven weakening of EU data protection laws in the near term is likely to have long term consequences for citizens’ human rights.

SMBs Secure $100M Investment in Coro’s Cybersecurity Solution, Valued at $750M

Now, Coro — one of the startups building tools specifically for smaller businesses — is announcing a big round of funding after seeing its recurring revenues shoot up 300% in the last year. Sources close to the deal tell TechCrunch that its valuation is over $750 million post-money. And among SMBs responding to a survey from Digital Ocean, 74% named data privacy a top concern. The opportunity in the security market for SMBs that Coro has identified is that these businesses typically lack the teams and internal IT budgets to dedicate to building and managing their defenses. Its round last year, in April 2023, was $75 million at a $575 million valuation (also post-money).

Microsoft Reports ‘Ongoing Attack’ by Russian Hackers

On Friday, Microsoft said Russian government hackers continue to break into its systems using information obtained during a hack last year. This time, the Russian hackers dubbed Midnight Blizzard have targeted Microsoft’s source code and other internal systems, the company said. “This has included access to some of the company’s source code repositories and internal systems,” Microsoft wrote in a blog post. This new intrusion comes after Microsoft revealed in January that Russian government hackers had broken into the company’s systems last November. Midnight Blizzard is believed to be a hacking group working for Russia’s Foreign Intelligence Service, known by its Russian initials, SVR.

Interruption in Production: Tesla’s Berlin Plant Temporarily Ceases Operations Due to Suspected Arson Attack and Power Outage

Tesla’s factory outside Berlin, Germany will likely be shut down for days and cost the automaker more than $100 million, after a suspected arson attack on the local power grid. The fire didn’t spread to Tesla’s factory and nobody was harmed, though employees were evacuated. A purported activist organization calling itself the “Volcano Group” took credit for the fire in a letter posted online Tuesday. The same group took credit for a similar fire near the site in 2021. Last month, Tesla’s plan to expand the factory was also voted down by the public.

US Prescription Filling Hindered by Ransomware Attack on Change Healthcare System

A spokesperson for Change Healthcare did not immediately respond to a request for comment. Change Healthcare is an American healthcare tech giant and one of the country’s largest processors of prescription medications, handling prescriptions and billing for more than 67,000 pharmacies across the U.S. healthcare system. The healthcare tech giant handles 15 billion healthcare transactions annually — or about one-in-three U.S. patient records. Change Healthcare merged with healthcare provider Optum in 2022 as part of a $7.8 billion deal under UnitedHealth Group. The cyberattack at Change Healthcare began on February 21 early on the U.S. East Coast, causing widespread outages at pharmacies and healthcare facilities.

Warning: High-Risk Exploit of ConnectWise Vulnerability Poses Harm, Researchers Claim

Researchers warn high-risk ConnectWise flaw under attack is ‘embarrassingly easy’ to exploit. “I can’t sugarcoat it — this shit is bad,” said Huntress’ CEO. Security experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as the software’s developer confirms malicious hackers are actively exploiting the flaw. The maximum severity-rated vulnerability affects ConnectWise ScreenConnect (formerly ConnectWise Control), a popular remote access software that allows managed IT providers and technicians to provide real-time remote technical support on customer systems. Cybersecurity company Huntress on Wednesday published an analysis of the actively exploited ConnectWise vulnerability. ConnectWise also released a fix for a separate vulnerability affecting its remote desktop software. The U.S. agencies also observed hackers abusing remote access software from AnyDesk, which was earlier this month forced to reset passwords and revoke certificates after finding evidence of compromised production systems.

Mastodon Vulnerability Exposed: How a Rivalling Spam Raid on Twitter/X Spotlights the ‘Fediverse’

A spam attack that impacted the open source X rival Mastodon, Misskey, and other apps highlights how the decentralized social web, also known as the Fediverse, is open to abuse. Over the past several days, attackers have targeted smaller Mastodon servers, taking advantage of open registrations to automate the creation of spam accounts. While this is not the first spam attack that has impacted the Fediverse, Rochko notes that only larger servers like Mastodon.social had been targeted previously. The spam attack highlighted one of the weaknesses that comes with how the Fediverse is structured. “It makes me want to walk away and give up,” wrote one Mastodon server admin, sam@urbanists.social.