Found 20 bookmarks
Custom sorting
Resecurity | Cl0p Ups the Ante with Massive MOVEit Transfer Supply-Chain Exploit
Resecurity | Cl0p Ups the Ante with Massive MOVEit Transfer Supply-Chain Exploit
The supply-chain cyberattack that targeted Progress Software’s MOVEit Transfer application has compromised over 963 private and public-sector organizations worldwide. The ransomware group, Cl0p, launched this attack campaign over Memorial Day weekend. Some higher-profile victims of the hack include Maximus, Deloitte, TIAA, Ernst & Young, Shell, Deutsche Bank, PricewaterhouseCoopers, Sony, Siemens, BBC, British Airways, the U.S. Department of Energy, the U.S. Department of Agriculture, the Louisiana Office of Motor Vehicles, the Colorado Department of Health Care Policy and Financing, and other U.S. government agencies. Thus far, the personal data of over 58 million people is believed to have been exposed in this exploit campaign.
#resecurity#EN#2023#MOVEit#Supply-Chain#Exploit#cyberattack
·resecurity.com·
Resecurity | Cl0p Ups the Ante with Massive MOVEit Transfer Supply-Chain Exploit
SolarWinds: The Untold Story of the Boldest Supply-Chain Hack
SolarWinds: The Untold Story of the Boldest Supply-Chain Hack
It was late 2019, and Adair, the president of the security firm Volexity, was investigating a digital security breach at an American think tank. The intrusion was nothing special. Adair figured he and his team would rout the attackers quickly and be done with the case—until they noticed something strange. A second group of hackers was active in the think tank’s network. They were going after email, making copies and sending them to an outside server. These intruders were much more skilled, and they were returning to the network several times a week to siphon correspondence from specific executives, policy wonks, and IT staff.
#wired#2023#EN#Supply-Chain#Hack#SolarWinds#2019#Story
·wired.com·
SolarWinds: The Untold Story of the Boldest Supply-Chain Hack
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
BMC&C Eclypsium Research has discovered and reported 3 vulnerabilities in American Megatrends, Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software. We are referring to these vulnerabilities collectively as BMC&C. MegaRAC BMC is widely used by many leading server manufacturers to provide “lights-out” management capabilities for their server products. Server manufacturers…
#eclypsium#EN#2022#CVE-2022-40259#CVE-2022-40242#CVE-2022-2827#Research#AMI#BMC#MegaRAC#supply-chain#vulnerabilities#server
·eclypsium.com·
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
BMC&C Eclypsium Research has discovered and reported 3 vulnerabilities in American Megatrends, Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software. We are referring to these vulnerabilities collectively as BMC&C. MegaRAC BMC is widely used by many leading server manufacturers to provide “lights-out” management capabilities for their server products. Server manufacturers…
#eclypsium#EN#2022#CVE-2022-40259#CVE-2022-40242#CVE-2022-2827#Research#AMI#BMC#MegaRAC#supply-chain#vulnerabilities#server
·eclypsium.com·
Supply Chain Vulnerabilities Put Server Ecosystem At Risk