Update 5/8/24: Our original article was updated to include new information about a breached “test” environment. Zscaler says that they discovered an exposed “test environment” that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company’s systems. In a Wednesday afternoon post, Zscaler initially stated that its ongoing…


Zscaler says that today’s rumors it was breached are false after a threat actor claimed to be selling access to one of the “largest cyber security companies.” In a Wednesday afternoon post, Zscaler said its ongoing investigation has shown no evidence that they were breached. “Zscaler is aware of a public X (formerly known as Twitter) post by a threat actor…


Vendors including Palo Alto Networks, Trellix and Proofpoint debuted new AI-powered security tools and capabilities this week during the conference. Without a doubt, this year’s RSA Conference in San Francisco has lived up to expectations when it comes to the focus on generative AI. RSAC 2024 has seen countless vendors unveil new security tools and…


The nonprofit and Catholic health system said that on May 8 it ‘detected unusual activity on select technology network systems.’ Ascension, a health system with 140 hospitals and operations in 19 states and Washington, D.C., said that its clinical operations were disrupted after it discovered “unusual activity” on some of its network systems Wednesday. The…


The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster defrauded women he met on Tinder of £80,000. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and…


Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a “cyber security event.” As a major U.S. nonprofit health system, Ascension operates 140 hospitals and 40 senior care facilities across 19 states and the District of Columbia. It also…


The University System of Georgia (USG) is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks. USG is a state government agency that operates 26 public colleges and universities in Georgia with over 340,000 students. The Clop ransomware gang leveraged a zero-day vulnerability in Progress…


‘Our goal is to essentially get in front of every single one of those customers and convert them all, make them all love of us over time,’ says Kaseya CMO Mike Sanders. Mike Sanders believes that Kaseya’s new Kaseya 365 offering is “disruptively priced and gives MSPs that utilize it a competitive advantage is important.”…


“The initial vector is a SQL Injection in the login form,” Vlad Babkin, the Eclypsium security researcher who found the flaw, told CSO. “Theoretically it should be possible to bypass the login, but we felt our proof of exploitability was sufficient to diagnose the vulnerability.” Weak hashes contributed to vulnerability: In theory cryptographic hashes should…


That has upset a noisy element among the government’s own MPs, many of whom see China as a major threat to UK security and would prefer it if the government were more explicit about this. In March, China was blamed for a cyber-campaign targeting MPs. Not long after, two Parliamentary aides were charged with spying…
