Le 3 janvier 2024, une partie du trafic IP à destination de la filiale espagnole d'Orange n'a pas été transmis, en raison d'un problème BGP, le système dont dépend tout l'Internet. Une nouveauté, par rapport aux nombreux autres cas BGP du passé, est qu'il semble que le problème vienne du piratage d'un compte utilisé par Orange. Quelles leçons tirer de cette apparente nouveauté ?
Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online.
Ubisoft is a French video game publisher known for well-known titles, including Assassin's Creed, FarCry, Tom Clancy's Rainbow Six Siege, and the new Avatar: Frontiers of Pandora.
Ubisoft told BleepingComputer that they are investigating an alleged data security incident after security research collective VX-Underground shared screenshots of what appears to be the company's internal services.
Message to current and former public service employees and members of the Canadian Armed Forces and Royal Canadian Mounted Police
According to ecrime.ch data, confirmed ransomware incidents occurred in 105 countries, originating from 58 ransomware groups. This number is relatively consistent with last year’s data, in which we calculated that incidents impacted organizations in 109 countries and documented at least 60 distinct ransomware families. Though the overall statistics remain relatively consistent from last year to this year, there is more to the story: new trends in the ecosystem include the shifting dynamics of ransomware groups, the rise of the education sector as a key target, and the trends in geographic distribution of attacks.
Okta Security has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system.
The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.
We detected suspicious activity on our Okta instance that we use to manage our employee-facing apps. We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing.
Due to a recent Google change, MFA isn't truly MFA.
As a result, today we are publishing details of activity by a sophisticated nation-state sponsored threat actor that gained unauthorized access to our systems to target a small and specific set of our customers. Prior to sharing this information, we notified and worked with the impacted customers. We have also been working with our incident response (IR) partners and law enforcement on both our investigation and steps designed to make our systems and our customers’ operations even more secure. The attack vector used by the threat actor has been mitigated.
Learn more about a failed extortion scheme against Dragos in May 2023. No Dragos systems were breached, including anything related to the Dragos Platform.
Charlotte, NC – February 22, 2023– Dole plc (DOLE:NYSE) announced today that the company recently experienced a cybersecurity incident that has been identified as ransomware.
Because we take security, privacy, and transparency very seriously, we are sharing the details of a recent incident.
We are working diligently to understand the scope of the incident and identify what specific information has been accessed.
Incident has hit parts of media company’s technology infrastructure, with staff told to work from home
We were recently the target of a phishing campaign that successfully accessed some of the code we store in GitHub. No one’s content, passwords, or payment information was accessed, and the issue was quickly resolved. Our core apps and infrastructure were also unaffected, as access to this code is even more limited and strictly controlled. We believe the risk to customers is minimal. Because we take our commitment to security, privacy, and transparency seriously, we have notified those affected and are sharing more here.
We have no evidence that this incident involved any access to customer data or encrypted password vaults. Our products and services are operating normally.
The security of DigitalOcean customers and their data is a responsibility we approach with utmost dedication. When our customers' security is threatened we respond swiftly, communicate with transpa...
