article thumbnail

Cloud computing provider Blackbaud paid a ransom after data breach

Security Affairs

Cloud software provider Blackbaud revealed to have paid crooks to decrypt its data following a ransomware attack that took place in May 2020. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

article thumbnail

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.” ” continues the report.

Phishing 287
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Experts disclosed two critical flaws in Alibaba cloud database services

Security Affairs

Researchers disclosed two critical flaws in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. Researchers from cloud security firm Wiz discovered two critical flaws, collectively dubbed BrokenSesame, in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL.

Cloud 245
article thumbnail

China-linked APT Silk Typhoon targets IT Supply Chain

Security Affairs

Microsoft reported that China-linked APT group Silk Typhoon has shifted tactics to target IT solutions like remote management tools and cloud apps for initial access. Though not directly attacking Microsoft cloud services, they exploit unpatched apps to escalate privileges and gain access to customer networks.

article thumbnail

China’s Volt Typhoon botnet has re-emerged

Security Affairs

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

article thumbnail

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets.

Security 162
article thumbnail

Save the Children confirms it was hit by cyber attack

Security Affairs

In July 2020, Save the Children suffered a data breach that was caused by a ransomware attack on cloud computing provider Blackbaud. Its products focus on fundraising, website management, CRM, analytics, financial management, ticketing, and education administration.

IT 336