🚨 CISA warns of ‘significant’ threat to federal networks after nation-state hackers stole F5 source code, undisclosed bug info

｢ The federal government has issued an emergency directive ordering all civilian agencies to update products from F5 after the security company said a nation-state actor had long-term persistent access to source code and information about undisclosed vulnerabilities during a breach discovered in August ｣

https://therecord.media/cisa-directive-f5-nation-state-incident

#cyberattack #cisa #cybersecurity

🚨 CISA warns of ‘significant’ threat to federal networks after nation-state hackers stole F5 source code, undisclosed bug info

｢ The federal government has issued an emergency directive ordering all civilian agencies to update products from F5 after the security company said a nation-state actor had long-term persistent access to source code and information about undisclosed vulnerabilities during a breach discovered in August ｣

https://therecord.media/cisa-directive-f5-nation-state-incident

#cyberattack #cisa #cybersecurity

Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day. Jeez.

The Crimson Collective, the cybercriminal gang claiming responsibility for breaching the repo and stealing over 500GB of data, now seems to be collaborating with other cybercriminal gangs to extort Red Hat.

From the article, the cybercrim alliance:

"threatens to publish a "multi terabyte of data haul of your most sensitive intellectual property" and accuses Red Hat of failing to safeguard what it claims are trade secrets and personal data, invoking GDPR and US state privacy laws. It also reckons Red Hat's doors were kicked in on September 13 – weeks before the company came clean about the break-in."

https://www.theregister.com/2025/10/07/red_hat_breach_new_claims/?td=rt-9bp

#redhat #gitlab #news #technews #cyberattack #breach #cybersecurity #security #cybercrime #crime #extortion

Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day. Jeez.

The Crimson Collective, the cybercriminal gang claiming responsibility for breaching the repo and stealing over 500GB of data, now seems to be collaborating with other cybercriminal gangs to extort Red Hat.

From the article, the cybercrim alliance:

"threatens to publish a "multi terabyte of data haul of your most sensitive intellectual property" and accuses Red Hat of failing to safeguard what it claims are trade secrets and personal data, invoking GDPR and US state privacy laws. It also reckons Red Hat's doors were kicked in on September 13 – weeks before the company came clean about the break-in."

https://www.theregister.com/2025/10/07/red_hat_breach_new_claims/?td=rt-9bp

#redhat #gitlab #news #technews #cyberattack #breach #cybersecurity #security #cybercrime #crime #extortion

Moral hazard ahoy:

Jaguar Land Rover had no insurance cover for cyber attacks & covering the costs of the recent disruption themselves..... so the UK Govt. is looking at how some form of state-aid might helps the firm weather this problem.

Of course, one might argues this will then dissuade other major firms from taking out cyber-attack insurance, if they can make the case to politicians they are a vital industry that needs 'saving'.

More corporate welfare!

#politics #cyberattack
h/t FT

Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them

This document was shared here by @ricci I've not gotten to study the document in detail. JUst saw it again in my download dir of my now defunct miniPC by gigabyte

Of course I will link you to his page so you can download the paper yourself. THe research covers 4 years and 500+ (512?) servers

Go to his post here read and learn.
You can learn a LOT from this research

#ssh#BFA #brute #force #attack #stop #cyberattack

https://discuss.systems/@ricci/112247553557306560

Where The Wild Things Are: Brute-Force SSH Attacks In The Wild And How To Stop Them

This document was shared here by @ricci I've not gotten to study the document in detail. JUst saw it again in my download dir of my now defunct miniPC by gigabyte

Of course I will link you to his page so you can download the paper yourself. THe research covers 4 years and 500+ (512?) servers

Go to his post here read and learn.
You can learn a LOT from this research

#ssh#BFA #brute #force #attack #stop #cyberattack

https://discuss.systems/@ricci/112247553557306560

Allianz Life says "majority" of customers’ personal data stolen in cyberattack.

@TechCrunch reports: "The insurance giant would not say if it had received any communication from the hackers, such as a ransom note. The company also would not attribute the breach to a hacking group."

https://flip.it/dGSd-m

#Cybersecurity#Hacking#Tech#CyberAttack#Insurance

Allianz Life says "majority" of customers’ personal data stolen in cyberattack.

@TechCrunch reports: "The insurance giant would not say if it had received any communication from the hackers, such as a ransom note. The company also would not attribute the breach to a hacking group."

https://flip.it/dGSd-m

#Cybersecurity#Hacking#Tech#CyberAttack#Insurance

🔓Clorox lawsuit says help-desk contractors handed over passwords in 2023 cyberattack

｢ Clorox said it suffered $380 million in damages from the attack and wants Cognizant to cover that figure as well as punitive damages. According to Clorox, its clearly defined password reset policies were repeatedly ignored by Cognizant help desk workers approached by the hackers ｣

https://therecord.media/clorox-cyberattack-lawsuit-cognizant-it-contractor

#cyberattack#cognizant #cybersecurity

⚠️ IT company Ingram Micro says ransomware targeted internal systems

｢ The company reported $48 billion in sales over the last fiscal year through its position as a connector between organizations and technology manufacturers that provide hardware, software and cloud services. Ingram Micro has more than 50 offices across the Americas, Europe, Asia and the Middle East ｣

#ransomware #cyberattack #cybersecurity
https://therecord.media/ingram-micro-ransomware-attack

🧸 Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war

｢ The developers claim around 200,000 drones had been updated with the 1001 firmware as of March. While not widely known, the software removes manufacturer-imposed flight limits, improves resistance to GPS spoofing, and enables the use of high-capacity batteries, all of which makes them more suitable for military missions ｣

https://therecord.media/cyberattack-russia-firmware-blow-hackers

#drones #russia #ukraine #cyberattack

#Apple notifies victims of #government #spyware #cyberattacks across the world

https://techcrunch.com/2025/04/30/apple-notifies-new-victims-of-spyware-attacks-across-the-world/

#Italy #IT #Netherlands #NL #privacy #security #cybersecurity #cyberattack #hacking #surveillance

→ DOGE as a National Cyberattack
https://www.schneier.com/blog/archives/2025/02/doge-as-a-national.html

“This is beyond politics—this is a matter of national security. Foreign national intelligence organizations will be quick to take advantage of both the chaos and the new insecurities to steal US data and install backdoors to allow for future access.”

#DOGE#Cyberattack #politics #security #chaos #insecurities#US #data #backdoors #access