Home ยป cyberattack
Tag:

cyberattack

Entertainment

Title: Salesforce Data Breach: Gainsight Apps Linked to Customer Data Compromise

by Julia Evans โ€“ Entertainment Editor
written by Julia Evans โ€“ Entertainment Editor

Salesforce Customers Targeted in New Data โฃBreach Followingโ€‹ Gainsight Incident

SAN FRANCISCO,โฃ CA โ€- November โฃ1, 2025 – Salesforce customers are facing โฃpotential data exposure after โ€‹a hacking group claimed to have stolenโฃ data from nearly a thousand companies through a breachโข linked to Gainsight, a customer success โคplatform integrated with Salesforce. The hackersโ€Œ are threatening to โ€Œpublish theโ€Œ stolen data on a new website if ransomsโ€ are not paid – a common tactic employed by financially-motivated cybercriminals.

the breach appears connected to a series of incidents originatingโค with anโ€Œ August compromise โ€of AI marketing chatbot maker Salesloft, which allowed attackers to accessโข connected โ€Salesforce instances. This latest development underscores โคthe โ€Œgrowing risk of supply chain attacks and the vulnerability โ€Œof customer data stored within widely-used platformsโฃ like Salesforce.Gainsight previouslyโข confirmed it was among the victims ofโ€ the Salesloft-linked breaches, though it remains unclear ifโข this new waveโข originated from โคthe earlier compromise.

According to a reportโ€Œ by DataBreaches.net, the hacking group warnedโฃ they “don’t negotiate with them, they will create a new website to advertise the stolen data.” The hackers claim to have stolen โขdata from close to a thousand companies and stated, “The next [data leak site] will contain the data of the Salesloft and GainSight campaigns.”

This incident is part of a largerโ€Œ pattern of attacks targeting Salesforce customers. previous victims of similar breaches include insurance giant Allianz Life, Bugcrowd, Cloudflare, Google, fashion conglomerate Kering, Proofpoint, airline Qantas, carmaker Stellantis,โค credit bureau TransUnion, and employee management platformโค Workday.

The hacking group,identified as Scattered Lapsus$ Hunters -โค which โ€Œreportedly includes the ShinyHuntersโ€Œ gang – claimed dutyโ€ for the Salesloft breaches and previously launched a dedicated website to โ€‹extort victims,threatening to release aโ€‹ billion records. Gainsight has acknowledged โ€the earlier breaches but has not yet commented โฃon this latest claim.

0 comments
0 FacebookTwitterPinterestEmail
World

Title: Interpol Chief Warns of AI-Fueled Cybercrime Surge

by Lucas Fernandez โ€“ World Editor
written by Lucas Fernandez โ€“ World Editor

Interpol‘s โขCybercrime โ€Chief on How AI is Drivingโค Borderless Crime

Dr. Jetton, INTERPOL’s cybercrime chief, highlights notable challenges facing international efforts to combat cybercrime, particularly the accelerating role of Artificial Intelligence (AI). A key obstacle, โ€‹she notes, is the limited resources available to โขmany nations. “A lot of it is theโ€Œ tools and the training, just having insufficientโ€Œ funds toโฃ actually drive up their investigative know-how or expertise,” Dr. Jetton explained.

beyond national โ€Œlimitations,the speed of international โคinformation โคsharing presentsโค a critical hurdle. Whileโ€‹ Mutual Legal Assistance โฃTreaties (MLATs) exist, theโ€ time requiredโ€Œ to โ€Œprocessโข requests for information is often too slowโ€‹ for effective cybercrime response. “We know in cybercrime, we need instantaneousโ€‹ help,” she stated, advocating for countries toโ€ utilize โ€INTERPOL’sโข 24/7 network. While INTERPOL cannot compel action,it facilitatesโ€ connections between nations โ€Œand relevant private sectorโข entities to expedite communication โ€and collaboration.

Current trends in cybercrime, according to Dr. Jetton, are being significantlyโฃ shapedโ€ by โฃAI.โฃ She observes a marked increaseโข in the efficiency โ€‹and scale ofโ€Œ phishing scams due โ€Œto โ€the accessibilityโฃ of AI-powered tools. โข”They’re usingโ€‹ this phishing as a platformโ€ฆtools that youโค didn’t have โขto have a really sophisticated technical level of abilities, and youโ€Œ can have these tools that โคallow you to then go out and โ€‹commit fraud โ€at scale.”

Furthermore, Dr. Jetton points โ€‹toโข a dangerous convergenceโ€‹ of different criminal โ€‹activities, describing โฃcybercrime as “poly-criminal.”โค She cited examples from Southeast Asia, where organized crime groups areโค leveraging cybercrime – through fraudulentโข job postings and recruitment – as a โขcomponent of larger operations โขinvolving human trafficking.โข “you have these โ€‹organized crimeโ€‹ groups that are using cybercrimeโ€ฆand then forcing the people to commit the โฃcybercrimeโค while they’re there,” she explained. This interconnectednessโ€ means โ€Œcyber elements are increasingly present inโฃ crimes ranging from drug โคand gun trafficking to human exploitation.

Recent discussions with industry leaders revealed a divergence inโ€Œ perspectives regardingโ€‹ AI’s impact. Dr. jetton found herself as a dissentingโ€Œ voice, expressing concern thatโค criminals are adopting โคAI technologies at a faster rate than law enforcement can develop countermeasures. “I see it as somewhat โฃof a negative โขknowing that we’re going to have to catch up like with AI-produced malware,” she said. While acknowledging the potential โ€benefits of AI for law enforcement, โขshe anticipates a futureโ€Œ where responding toโ€Œ AI-driven โ€threats โฃwill be a significant challenge. This contrasts โ€Œwith the more optimistic views of her fellow panelists, who focused on the positive applications of AI within the private sector.

0 comments
0 FacebookTwitterPinterestEmail
News

Cyberattack Disrupts Hospital Services in Massachusetts

by David Harrison โ€“ Chief Editor
written by David Harrison โ€“ Chief Editor

Summary of โ€Healthcare Cybersecurity Threats & Recommendations

This article details the escalating โ€Œcybersecurity threats facing healthcare organizations, particularly hospitals, and offers recommendations for โฃimprovement. Here’s a breakdown of the key points:

The Problem:

* Increasing Attacks: Cyberattacks on healthcare are โ€ increasing in frequency and sophistication. โข72% of healthcare organizations reported patient care disruptions โ€due to attacks.
* High Value Target: Hospitals are prime targets because they are more likelyโ€‹ to pay ransom demands to restore operations, creatingโข a “perverseโ€ incentive” for โฃcybercriminals.โข The industry is seen as profit-centric, eroding previous ethical boundaries among threat actors.
* Significantโฃ Impact: Attacks leadโ€Œ to prolonged operationalโฃ disruptions and directโฃ risks to patient care.
* Evolving Tactics: Ransomware remains dominant,โ€‹ but attackersโ€ are using:
* Double/Triple Extortion: Not just encrypting data, but also stealing and threateningโค to release it.
โ€ * Shorter Dwell Times: Fasterโ€‹ attacks, minimizing detection time.
* AI-Poweredโ€ Phishing: Highly realistic phishingโ€ attacks.
โฃ * โ€‹ Supply โ€Chain Attacks: Exploiting vulnerabilities in vendors and third-partyโฃ services.
* โ€Œ Data-for-Extortion: Stealing dataโค for leverage or resale without encryption.
โฃ * Exploiting Security โ€‹Appliances: targeting VPNs,firewalls,and edge devices.
* Supply Chain Vulnerability: Healthcare’s reliance on external vendors creates significantโค risk. Even well-secured hospitals are โ€‹vulnerable if their partners aren’t.

Recommendationsโข for Improvement:

* Mitigate Initial Access Points: Focus on preventing โคattacks โฃat โ€Œthe entry point by addressing:
โ€ * Social Engineering: User training, separating personal and โคwork โคdevices.
* vulnerability Exploits: Urgent patching โ€‹of โ€‹critical systems, especially those facing the internet or vital for patient care.
* Credential Abuse: Strong credential management โฃand โ€Œmulti-factor โ€‹authentication.
*โฃ Complete Risk analysis: โ€Œ Develop โ€‹deeper visibility into the organization’s risk landscape through continuous assessment.
*โข Advanced Securityโ€‹ Measures:

โ€‹ * Zero โ€‹Trust Architecture: Verifyโค everyโค user and device beforeโ€‹ granting access.
* AI-Driven Behavioral Monitoring: Detect anomalous activity.
* Resilience Exercises: โค Regularly test security defenses.
* Network Segmentation: โค strongly segment care-providing devices and systems to limit the impactโค of a breach โคand ensure continued patient care.
* Vendor โขSecurity: Thoroughly vet third-party security practices, limit their access, and monitor for โ€‹data exfiltration.

Overall Message: โข The healthcare sector is facing โ€a growing and โขevolvingโ€ cybersecurity threat. Addressing โ€this โ€‹requires โฃsustained investment, โคmodernization, a cultural shift towards proactive cybersecurity, andโ€‹ a focus onโข both preventative measures and resilience.

0 comments
0 FacebookTwitterPinterestEmail
Technology

Title: Spy Mouse: How Your Computer Mouse Can Listen In

by Rachel Kim โ€“ Technology Editor
written by Rachel Kim โ€“ Technology Editor

your Computer Mouse Could โคBe Spying on Your Conversations, New Research Reveals

Researchers have demonstrated a novel method of eavesdropping using onlyโ€‹ the โขvibrationsโ€‹ captured by a โ€‹computer mouse, raising concerns about potential securityโ€ vulnerabilities. A study published โ€Œon Arxiv.org details how artificial intelligence can decipher speech fromโข these subtleโ€‹ movements, even in a quiet room.

Theโ€ technique relies on exploiting the tiny vibrations transmitted through a desk when someone speaks. these vibrations are picked up by the mouse’s sensor and, when analyzed with specialized software, can be reconstructed into intelligible speech. The success of this “acoustic โฃside-channel attack” hinges on specific hardware โคcapabilities.

Researchers โ€‹found a mouse โ€‹resolution of โ€‹at least 20,000 pixels per inch (dpi) is crucialโ€Œ for capturing the necessary detail. this is significantly higher thanโข the 1,000 to 4,000 dpi common in standard mice, limiting the vulnerability to โขusers of ultra high-end models, particularly those designed for video games. The higher the resolution,the more minute vibrations the mouse detects.

Beyond resolution, a highโข polling frequency – the rate at which the mouse reportsโฃ its โ€Œposition to the computer – is alsoโ€Œ essential. Theโข study โ€Œindicates a frequency of around 8000 Hz is needed for โขaccurate readings, compared to the 125, 500, or โฃ1000 Hz typically found in older or basic โคmice. Some high-end gamingโ€ mice reach 4000โ€Œ or, rarely, โ€8000 Hz. Mice identified as meeting theseโ€Œ criteria include the Razer Viper 8KHz, the ROG Harpeโข Ace Extreme, the Burst II โ€Pro and the MACHENIKE L8 Pro.

The surroundings also plays a critical role.Researchers determinedโ€ that a desk less than 3 cm thick, constructed from wood or metal, provides the optimal surface for vibration transmission. Thicker desks dampen vibrations, โ€hindering the attack. โ€‹Crucially, the โคtarget cannot be using a mouse pad, as it blocks the capture of vibrations.The mouse must also remain stationary during the conversation; โ€movement interferes withโฃ accurate data collection.

This research highlights a previously โ€Œunknown โ€avenue for potential โ€‹surveillance and underscores the need for further investigation into the security implications of seeminglyโข innocuous hardware.

0 comments
0 FacebookTwitterPinterestEmail
World

Red Hat Breach: Cyberattack Exploits US Government Shutdown

by Lucas Fernandez โ€“ World Editor
written by Lucas Fernandez โ€“ World Editor

Red Hat Breach Raisesโ€Œ Concerns of Nation-State Involvement, Exploitation of U.S.Vulnerabilities

WASHINGTON – A recent breach impacting Red Hat, a leading provider of โ€‹enterprise open-source software, is drawing scrutiny from national security experts who believe the incident exhibitsโค hallmarks โคof state-sponsored asymmetric warfareโข rather than typical โ€Œcybercrime. the ransomware group,Crimson Collective,claims to have stolen source code and is threatening toโ€ release โ€‹it โฃifโค a ransom is not paid by October โ€Œ10th.

While the shutdownโข of Red Hatโ€‹ systems did not cause the breach,โฃ analysts at Theโ€‹ Cipher Brief โคreport it created โ€‹optimal โ€conditionsโ€‹ for maximum impact, highlighting โฃa precision in timingโฃ and targeting that suggests potential nation-state involvement – directly or through proxies. Targets include defense contractors, government agencies, and critical infrastructure entities, aligning with strategic intelligence collection priorities of โขcountries like China, Russia, Iran, and north Korea.

Experts โขemphasize this isn’t aโ€‹ novel threat, but a familiar playbook executed with increased sophistication. Adversaries have long sought to exploit U.S. vulnerabilities, but are now demonstrating aโค greater ability โ€toโ€ weaponize both technical weaknesses and โขpolitical distractions, โคstriking when the U.S.is most vulnerable.

The โ€ŒOctober 10th deadline, according to The Cipher Brief, isn’t solely aboutโข ransom payments. It’s a test of America’sโ€ ability โฃto protect critical infrastructure amidst government constraints, with the โคoutcome sendingโฃ a signal to both โ€‹allies and competitors regarding the resilience of the U.S.digital ecosystem.

The incidentโ€‹ underscores the need forโข enhanced cybersecurity measures and a proactive approach to identifying and mitigating vulnerabilities within the defenseโ€ industrial base.

0 comments
0 FacebookTwitterPinterestEmail
World

UK at War? Former MI5 Chief Warns of Russia Conflict

by Lucas Fernandez โ€“ World Editor
written by Lucas Fernandez โ€“ World Editor

Former MI5 Chief Suggests UK May Already Be inโค State of War with Russia

LONDON – A former director-general of MI5, the United Kingdom’s domestic intelligence service, has indicated the โคUK may already be engaged โ€‹in โ€Œa state of war with Russia, though not a conventionally declared one. The assessment comes amid โคescalating โคtensions following recent โคattacks on Ukrainian infrastructure andโ€Œ heightened rhetoric from Moscow.

The potential for โขconflict extends beyond direct military engagement, encompassing cyber warfare, disinformation campaigns, and covert โฃoperations. This assessment carries notable weight as it suggests a shift in theโฃ nature โขof the conflict, impacting national security strategies and potentially necessitating a reevaluation of public preparedness.โ€Œ The implications reach across British โ€‹society, affecting everything from energy security to civil defense planning, and could led to increasedโข scrutiny of Russian assets and influence โ€‹within the UK.

Ukrainian President Volodymyr Zelenskyy condemned recent strikes โ€as “deliberate and purposefulโค terror,” asserting that Russia “wants to continue to fightโค and kill and deserve only the harshest pressure in the world.” Zelenskyy also voiced support โฃfor U.S. President donald Trump’s call to halt purchases ofโข Russian oil,statingโค that “anyone who โคwants peace” should back the U.S.โข President’s efforts. These statementsโ€ underscore the international pressure on Russia and the growing alignment between Ukraine and its allies.

Meanwhile, โ€ŒMI5 is actively seeking recruits for โคundercover operations, prioritizing candidates withโข the ability to “merge withโ€‹ the background.” Applicants face a rigorous six-month training program described by โฃoneโ€‹ recruit as “physical and mentally exhausting.” The agency’s recruitment drive signals an increased focus on internal security and โ€Œcounterintelligence efforts.

Theseโข developments occur as of September 29, 2025, and follow aโ€ pattern of escalating tensions โคbetween โฃRussia โคand the West. The โฃsituation remains fluid, with ongoing monitoring and analysis requiredโฃ to assess the evolving threat landscape.

0 comments
0 FacebookTwitterPinterestEmail
Newer Posts
Older Posts
@2025 - All Right Reserved.

Hosted by Byohosting Most Recommended Web Hosting – for complains, abuse, advertising contact: contact@world-today-news.com