Mailchimp hit by second cyberattack in 6 months, 133 customers impacted

The social engineering incident is similar to an August cyberattack that targeted customers in the crypto industry.

By David Jones • Jan. 19, 2023

CircleCI probe links malware placed on engineer’s laptop to larger breach

An unauthorized actor, after stealing a valid SSO session, was able to exfiltrate data, including customer environment variables, tokens and keys.

By David Jones • Jan. 13, 2023

Citrix flaw exploited in ransomware attack against small US business

Threat actors linked to ransomware group Royal are actively exploiting a vulnerability in two Citrix products, researchers found.

By David Jones • Jan. 13, 2023

CircleCI working with AWS to identify, revoke keys impacted by security incident

The company assured customers there is no indication that AWS accounts were accessed. CircleCI has scheduled an incident report for Jan. 17.

By David Jones • Jan. 12, 2023

Ransomware attack exposes California transit giant’s sensitive data

Vice Society, a prolific ransomware group, leaked data it claims to have stolen from San Francisco’s Bay Area Rapid Transit.

By Matt Kapko • Jan. 10, 2023

FCC revives push to speed up telecom incident disclosures

Telecom operators are a primary target for threat actors. A change to breach reporting rules is long overdue, one analyst said.

By Matt Kapko • Jan. 10, 2023

Rackspace confirms ransomware attack hit a small percentage of its Hosted Exchange customers

The cloud services firm said an investigation found no evidence the attackers read, misused or disseminated customer data or emails.

By David Jones • Jan. 6, 2023

Slack employee tokens stolen, GitHub repository breached

The firm said the threat actor downloaded private code repositories, but none had customer data or the company’s code base.   

By David Jones • Jan. 5, 2023

Freight company Wabtec discloses June cyberattack impacting US, overseas operations

The Pittsburgh-based company began notifications in late December, months after stolen data posted on a LockBit site.

By David Jones • Jan. 4, 2023

Ransomware hit US schools at steady rate in 2022

The true numbers are likely much greater. Not all incidents are publicly disclosed or claimed as such by threat actors on the dark web.

By Matt Kapko • Jan. 4, 2023

Rackspace recovers old emails as customers await answers from ransomware probe

The cloud-services company previously said an investigation into the ransomware incident was almost complete, but has not yet released key details. 

By David Jones • Dec. 22, 2022

Apple CIO steps down from Rackspace board citing new job duties

Rackspace announced additional management changes while it recovers from a ransomware attack on its Hosted Exchange business. 

By David Jones • Dec. 19, 2022

Little Rock School District approves $250K payment in ransomware settlement

Federal agencies including the FBI discourage paying ransoms in such cyberattacks as there is no guarantee victims will recover their files. 

By Anna Merod • Dec. 19, 2022

Rackspace executives stand by ransomware response

Chief Product Officer Josh Prewitt said the company restored email access to more than three-quarters of its Hosted Exchange customers. But Rackspace officials pushed back on alleged connections to ProxyNotShell.

By David Jones • Dec. 16, 2022

Rackspace blames ransomware attack on financially motivated threat actor

The cloud services firm says an investigation into the Dec. 2 ransomware attack is close to wrapping up.

By David Jones • Dec. 15, 2022

Threat actors abuse legitimate Microsoft drivers to bypass security

Researchers from Mandiant and SentinelOne say attackers have deployed malware that can allow them to get around security controls. 

By David Jones • Dec. 13, 2022

California authorities confirm cyber intrusion, LockBit claims ransomware hit

Multiple state agencies are responding to support California's Department of Finance, though officials say no state funds were compromised.

By Matt Kapko • Dec. 12, 2022

Rackspace says more than two-thirds of customers regained email access

The cloud company continued efforts to transition customers to Microsoft 365 following a Dec. 2 ransomware attack.

By David Jones • Dec. 12, 2022

Rackspace scrambles to assist customers as ransomware probe continues

Microsoft is assisting the multicloud services firm after a ransomware attack left thousands of customers unable to access emails on Exchange.

By David Jones • Dec. 8, 2022

Ransomware attacks shift beyond US borders

U.S.-based organizations remain the top target for ransomware gangs, but the scale of that misfortune is waning, according to Moody’s.

By Matt Kapko • Dec. 6, 2022

Rackspace says ransomware disrupted its Hosted Exchange business

The incident could lead to further interruptions and a loss of revenue at its Hosted Exchange business, the company warned. 

By David Jones • Dec. 6, 2022

Cuba ransomware group hitting US organizations in 5 critical sectors

The group and its affiliates have shifted tactics in 2022. Top targets include organizations in finance, government, healthcare, manufacturing and IT.

By Matt Kapko • Dec. 5, 2022

7 of this year’s biggest cybersecurity stories

From vendor evolution to the long-term effects of high-profile attacks, the cybersecurity industry is rapidly evolving. Take a look at our top stories to understand just how much has changed.

By Naomi Eide • Dec. 5, 2022

Cyber Safety Review Board to probe Lapsus$ ransomware spree

Following an inaugural review of Log4j, the board will investigate the threat actor’s prolific campaign of cyber extortion against major companies, including Uber, T-Mobile and Nvidia.

By David Jones • Dec. 2, 2022

LastPass breach fallout spreads to expose customer data

Details are scant but since the breach is a continuation from an attack on the company’s development system, “the keys to the kingdom” might be in the wrong hands, one expert said.

By Matt Kapko • Dec. 1, 2022