United Nations data breach exposed over 100k UNEP staff records

Today, researchers have responsibly disclosed a security vulnerability by exploiting which they could access over 100,000 private employee records of United Nations Environmental Programme (UNEP). The data breach stemmed from exposed Git directories and credentials, which allowed the researchers to clone Git repositories and gather a large amount of personally identifiable information (PII) associated with … Continue reading United Nations data breach exposed over 100k UNEP staff records

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company‚Äôs customer base, experts say the incident may be just … Continue reading U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

The Coolest Hacks of 2020

Despite a pandemic and possibly the worst cyberattack campaign ever waged against the US, the year still had some bright spots when it came to "good" and creative hacks. 2020 unsurprisingly went out with a bang, and not in a good way. The massive cyberattack campaign by Russian nation state-actors shattered hopes for a quiet … Continue reading The Coolest Hacks of 2020

Home appliance giant Whirlpool hit in Nefilim ransomware attack

Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices. Whirlpool is one of the world's largest home application makers with appliances under its name and KitchenAid, Maytag, Brastemp, Consul, Hotpoint, Indesit, and Bauknecht. Whirlpool employs 77,000 people at 59 manufacturing & technology research centers worldwide … Continue reading Home appliance giant Whirlpool hit in Nefilim ransomware attack

US-CERT Reports 17,447 Vulnerabilities Recorded in 2020

This marks the fourth year in a row that a record number of vulnerabilities has been discovered, following 17,306 in 2019. The US-CERT Vulnerability Database has confirmed 17,447 vulnerabilities were recorded in 2020, marking the fourth consecutive year with a record number of security flaws published. On Dec. 15, 2020, officials reported 4,168 high-severity vulnerabilities, … Continue reading US-CERT Reports 17,447 Vulnerabilities Recorded in 2020