carlypage

carlypage, 3 months ago to random

some personal news: I’m now on maternity leave, returning to TechCrunch later this year. please don’t email me 😊

carlypage, 3 months ago to random

Should we ban ransom payments? It’s not that simple https://techcrunch.com/2024/03/04/should-we-ban-ransom-payments/

carlypage, 3 months ago to random

NEW: The U.S. National Security Agency has confirmed to TechCrunch that hackers exploiting flaws in Ivanti’s widely used enterprise VPN appliance have targeted organizations across the U.S. defense sector https://techcrunch.com/2024/03/01/nsa-says-its-tracking-ivanti-cyberattacks-as-hackers-hit-us-defense-sector/

carlypage, 3 months ago to random

Researchers say a pair of easy-to-exploit flaws in ConnectWise ScreenConnect, a remote access tool used by more than a million companies, are now being mass-exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data https://techcrunch.com/2024/02/26/researchers-say-easy-to-exploit-security-bugs-in-connectwise-remote-access-software-now-under-mass-attack/

carlypage, 3 months ago to random

Security experts say a pair of high-risk ConnectWise flaws are being exploited to deploy LockBit ransomware - days after authorities announced that they had disrupted the notorious Russia-linked cybercrime gang https://techcrunch.com/2024/02/23/hackers-are-exploiting-connectwise-flaws-to-deploy-lockbit-ransomware-security-experts-warn/

carlypage, 3 months ago to random

NEW: A misconfigured BMW bucket exposed sensitive company info, including private keys and login data, a security researcher told TechCrunch. BMW made the bucket private earlier this year - but has not revoked credentials found within the exposed server https://techcrunch.com/2024/02/14/bmw-security-lapse-exposed-sensitive-company-information-researcher-finds/

carlypage, 3 months ago to random

U.K.-based water utility Southern Water says hackers stole the personal data of as many as 470,000 customers during a January cyberattack. Black Basta claimed responsibility for the attack, but no longer has Southern Water listed on its dark web leak site https://techcrunch.com/2024/02/14/uk-utility-giant-southern-water-says-hackers-stole-personal-data-of-hundreds-of-thousands-of-customers/

carlypage, 4 months ago to random

A new Ivanti vulnerability is being mass-exploited. Shadowserver told TechCrunch it has observed 630 unique IPs attempting to exploit the flaw, and Volexity said any unpatched devices “have likely been compromised several times over." Ivanti declined to comment https://techcrunch.com/2024/02/08/researchers-say-attackers-are-mass-exploiting-new-ivanti-vpn-flaw/

carlypage, 4 months ago to random

China-backed Volt Typhoon hackers have maintained access to US critical infrastructure for “at least five years” with the long-term goal of launching “destructive” attacks, a coalition of intelligence agencies warned on Wednesday https://techcrunch.com/2024/02/07/china-backed-volt-typhoon-hackers-have-lurked-inside-us-critical-infrastructure-for-at-least-five-years/

carlypage, 4 months ago to random

HopSkipDrive has confirmed a data breach affecting more than 155,000 drivers. The rideshare startup said it first became aware of the breach after an unknown hacker emailed the company claiming to have accessed certain third-party applications https://techcrunch.com/2024/02/05/hopskipdrive-says-personal-data-of-155000-drivers-stolen-in-data-breach/

carlypage, 4 months ago to random

AnyDesk confirmed late Friday that hackers gained access to its production systems. The company says it has reset passwords and revoked certificates, but hasn’t said how or when it was compromised or whether any customer data was accessed https://techcrunch.com/2024/02/05/remote-access-giant-anydesk-resets-passwords-and-revokes-certificates-after-hack/

carlypage, 4 months ago to random

Okta has announced that it's laying off 400 employees, or 7% of its workforce, in a bid for profitability. The announcement comes almost exactly a year after the company's last round of staff cuts https://techcrunch.com/2024/02/01/okta-layoffs-400-employees/

carlypage, 4 months ago to random

Ivanti has warned that hackers are exploiting another previously undisclosed zero-day vulnerability affecting its widely used corporate VPN appliance https://techcrunch.com/2024/01/31/ivanti-patches-two-zero-days-under-attack-but-finds-another/

carlypage, 4 months ago to random

The ICO has confirmed to TechCrunch that it has a breach report from three UK councils that continue to be downed by a week-long cyberattack https://techcrunch.com/2024/01/26/ico-confirms-data-breach-probe-as-uk-councils-remain-downed-by-cyberattack/

carlypage, 4 months ago to random

scoop: Mercedes-Benz accidentally exposed a trove of internal data, including SSO passwords and API keys, after leaving a private token online that gave “unrestricted access” to the company’s source code https://techcrunch.com/2024/01/26/mercedez-benz-token-exposed-source-code-github/

carlypage, 4 months ago to random

HPE says it was hacked by Midnight Blizzard, the Russia-backed group behind the recent Microsoft email breach. HPE tells TechCrunch the hackers “leveraged a compromised account" to access a "small number" corporate Office 365 inboxes https://techcrunch.com/2024/01/25/hpe-says-it-was-hacked-by-russian-group-behind-microsoft-email-breach/

carlypage, 4 months ago to random

The US has sanctioned Russian national and alleged REvil member Alexander Ermakov for playing a “pivotal role” in the hack of Australian health insurance giant Medibank that exposed the sensitive information of almost 10 million individuals https://techcrunch.com/2024/01/23/us-sanctions-russian-citizen-accused-of-playing-key-role-in-medibank-ransomware-attack/

carlypage, 4 months ago to random

The FTC has continued its crackdown on data brokers with a settlement banning data aggregation company InMarket from selling consumers’ precise location data https://techcrunch.com/2024/01/19/ftc-ban-inmarket-location-sale-sharing/

carlypage, 4 months ago to random

Google TAG researchers say a notorious Russian-linked hacking group — tracked as “Cold River” — is evolving its tactics beyond phishing to target victims with data-stealing malware https://techcrunch.com/2024/01/18/google-cold-river-russia-espionage-malware/

carlypage, 4 months ago to random

Hackers have begun mass-exploiting two critical zero-days in Ivanti’s widely-used corporate VPN appliance. Over 1,700 Ivanti Connect Secure appliances have been exploited so far, impacting organizations in the banking, defense and government industries https://techcrunch.com/2024/01/16/hackers-ivanti-vpn-mass-exploitation/

carlypage, 5 months ago to random

State-backed hackers are exploiting two high-severity Ivanti VPN bugs to access customer networks. Thousands of Connect Secure could be at risk, but Ivanti says patches won't start rolling out until January 22 https://techcrunch.com/2024/01/11/ivanti-connect-vpn-zero-days-china-backed-hackers/

carlypage, 5 months ago to random

my first piece as a TC full-timer (🥺), and it's good news for once: a first of its kind FTC settlement has banned controversial data broker X-Mode from sharing or selling users’ sensitive location data https://techcrunch.com/2024/01/09/ftc-x-mode-ban-delete-location-data/

carlypage, 5 months ago to random

VF Corp, which owns brands including Vans, North Face and Supreme, is unable to fulfill orders after a cyberattack. The company said hackers encrypted some of its systems and stole personal data, implying a ransomware attack https://techcrunch.com/2023/12/18/vans-supreme-vf-corporation-personal-data-stolen-orders-impacted-ransomware/

carlypage, 5 months ago to random

Microsoft has disrupted Storm-1152, a cybercrime operation that sold fraudulent accounts to other groups, including Scattered Spider. It says Storm-1152's services have been used “to injure not just Microsoft" but also "X, Google and their customers" https://techcrunch.com/2023/12/14/microsoft-disrupts-cybercrime-operation-selling-fraudulent-accounts-to-notorious-hacking-gang/

carlypage, 6 months ago to random

Kyivstar, Ukraine's largest telecommunications operator, has been hit by a "powerful" cyberattack that has left millions without mobile and internet service. The company's CEO said Russia was responsible for the outage https://techcrunch.com/2023/12/12/ukraine-largest-mobile-operator-kyivstar-downed-by-powerful-cyberattack/