Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies
Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. [...]
Stay informed on the latest data breach incidents and security breaches. Protect your information with our up-to-date breach news and analysis.
Search across headline titles and summaries.
Background for this topic.
Breach means unauthorized access to a computer system or network that exposes or steals sensitive data like personal details, passwords, or proprietary information. Attackers often exploit software flaws, weak passwords, or social engineering to gain entry. Breaches can also result from insiders misusing access or accidental data exposure.
Understanding breaches is crucial because they reveal weaknesses in security controls and can lead to data theft or operational disruption. Effective defenses include promptly patching vulnerabilities, enforcing strong authentication, and segmenting networks to limit attacker movement. Detecting breaches quickly through monitoring and logging helps contain damage and guide targeted remediation efforts to secure affected systems and data.
Chinese hackers have been exploiting a remote code execution flaw in Ivanti Endpoint Manager Mobile (EPMM) to breach high-profile organizations worldwide. [...]
Chinese-speaking hackers have exploited a now-patched Trimble Cityworks zero-day to breach multiple local governing bodies across the United States. [...]
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine. [...]
A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems. [...]
Coinbase, a cryptocurrency exchange with over 100 million customers, revealed that a recent data breach in which cybercriminals stole customer and corporate data affected 69,461 individuals [...]
SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. [...]
Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network. [...]
The United Kingdom's Legal Aid Agency (LAA) has confirmed that a recent cyberattack is more serious than first believed, with hackers stealing a large trove of sensitive applicant data in a data breach. [...]