SecurityWeek

The city of Chicago on Friday said that employee emails were compromised in a Jones Day data breach involving Accellion’s FTA file sharing service.

Texas-based IT management company SolarWinds on Friday shared more information on the impact of the significant breach disclosed late last year, and claimed that less than 100 of its customers were actually hacked.

The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday.

Operators of the Colonial Pipeline are struggling to get fuel flowing at normal capacity after a cyberattack forced a shutdown of distribution system, the largest refined products pipeline in the United States.

Colonial Pipeline halts all fuel pipeline operations in response to ransomware attack

Agencies in the United States and the United Kingdom on Friday published a joint report providing more details on the activities of the Russian cyberspy group that is believed to be behind the attack on IT management company SolarWinds. The report reveals that the hackers started using the open-source adversary simulation framework Sliver after some of their operations were exposed.

A major survey that like all surveys needs to be examined carefully rather than accepted blindly.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware, roughly one week after FireEye’s Mandiant security researchers reported seeing the malware in recent attacks.

Google this week announced that it is introducing a new policy for the Google Play app store, requiring all developers to provide information on their data collection practices.

Some DNS resolvers are affected by a vulnerability that can be exploited to launch distributed denial-of-service (DDoS) attacks against authoritative DNS servers, a group of researchers warned this week.

VMware has patched another critical vulnerability reported by Positive Technologies, a Russian cybersecurity firm that was sanctioned recently by the United States.

In an apparent industry first, the global insurance company AXA said Thursday it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to ransomware criminals.

Billions of Android devices are exposed to a vulnerability in Qualcomm’s Mobile Station Modem (MSM) chipA vulnerability in Qualcomm’s Mobile Station Modem (MSM) chip– installed in around 30% of the world’s mobile devices – can be exploited from within Android.

The infamous cybercrime organization known as Evil Corp may be running cyberespionage operations on behalf of a Russian intelligence agency, security consulting company Truesec reports.

Google is marking World Password Day with a blog post summarizing the password management features it offers, and the company announced that it will automatically enroll some accounts in two-step verification (2SV).

Managed detection and response (MDR) solutions provider Huntress on Thursday announced raising $40 million in a Series B funding round, which brings the total raised by the company to $60 million.

Cisco on Wednesday released patches to address tens of vulnerabilities across its product portfolio, including critical flaws in SD-WAN software and the HyperFlex HX data platform.

World Password Day was created by Intel in 2013 to raise awareness of the need for strong passwords, but many experts now use the occasion to urge organizations to replace passwords with other, more secure authentication methods.

US tech giant Microsoft pledged Thursday to process and store all European cloud-based client data in the European Union amid unease in the region over the reach of US legislation on personal data collection.

As threat actors attempt to remain undetected to carry out attacks, they often use a variety of tools to obscure their identities and activity. Organizations meanwhile leave their networks and activity open for inspection by anyone who chooses to perform basic reconnaissance.