Tag: business
-
‘High-Volume’ Extortion Campaign Claims Oracle E-Business Data Theft: Mandiant
Mandiant and Google threat researchers are tracking an extortion campaign that involves claims of “sensitive” data theft from Oracle E-Business Suite customers, the researchers disclosed. First seen on crn.com Jump to article: www.crn.com/news/security/2025/high-volume-extortion-campaign-claims-oracle-e-business-data-theft-mandiant
-
Japanese brewer Asahi delays product launches, halts deliveries after cyberattack
Japanese beverage giant Asahi is struggling to restore operations following a cyberattack that has disrupted its business for most of the week, raising fears of shortages of the country’s top-selling beer. First seen on therecord.media Jump to article: therecord.media/japan-asahi-delay-cyberattack
-
Extortionists Claim Mass Oracle E-Business Suite Data Theft
Executives Receiving Ransom Demands of Up to $50 Million, Warns Ransomware Expert. Extortionists are shaking down executives at organizations that use Oracle E-Business Suite, claiming to have stolen their sensitive data and demanding ransoms of up to $50 million, multiple cybersecurity firms are warning. The criminals claim to be associated with the Clop ransomware group.…
-
Clop-linked crims shake down Oracle execs with data theft claims
Extortion emails name-drop Big Red’s E-Business Suite, though Google and Mandiant yet to find proof of any breach First seen on theregister.com Jump to article: www.theregister.com/2025/10/02/clop_oracle_extortion/
-
Clop-linked crims shake down Oracle execs with data theft claims
Extortion emails name-drop Big Red’s E-Business Suite, though Google and Mandiant yet to find proof of any breach First seen on theregister.com Jump to article: www.theregister.com/2025/10/02/clop_oracle_extortion/
-
Oracle customers targeted with emails claiming E-Business Suite breach, data theft
Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/02/oracle-ebs-data-theft-extortion/
-
Oracle customers targeted with emails claiming E-Business Suite breach, data theft
Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/02/oracle-ebs-data-theft-extortion/
-
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware
Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are tracking a new cluster of activity possibly linked to a financially motivated threat actor known as Cl0p.The malicious activity involves sending extortion emails to executives at various organizations and claiming to have stolen sensitive data from their Oracle E-Business Suite.”This activity began…
-
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware
Google Mandiant and Google Threat Intelligence Group (GTIG) have disclosed that they are tracking a new cluster of activity possibly linked to a financially motivated threat actor known as Cl0p.The malicious activity involves sending extortion emails to executives at various organizations and claiming to have stolen sensitive data from their Oracle E-Business Suite.”This activity began…
-
Disaster recovery and business continuity: How to create an effective plan
Tags: access, ai, api, attack, backup, business, cloud, container, control, cyberattack, data, detection, email, gartner, identity, ransomware, risk, saas, security-incident, service, software, strategy, supply-chain, technology, tool, vulnerabilityStep 2: Identify risk, and locate all your data: Identifying risk in a large, distributed enterprise is a complex task. Risks are everywhere, starting with cyberattacks (including insider attacks), and encompass human error, system failures (hardware, software, network), natural disasters, and third-party vulnerabilities associated with supply chains, cloud service providers, and SaaS providers.When Forrester asked…
-
Disaster recovery and business continuity: How to create an effective plan
Tags: access, ai, api, attack, backup, business, cloud, container, control, cyberattack, data, detection, email, gartner, identity, ransomware, risk, saas, security-incident, service, software, strategy, supply-chain, technology, tool, vulnerabilityStep 2: Identify risk, and locate all your data: Identifying risk in a large, distributed enterprise is a complex task. Risks are everywhere, starting with cyberattacks (including insider attacks), and encompass human error, system failures (hardware, software, network), natural disasters, and third-party vulnerabilities associated with supply chains, cloud service providers, and SaaS providers.When Forrester asked…
-
Millions impacted by data breaches at insurance giant, auto dealership software firm
Car dealership software developer Motility said it suffered from a ransomware attack where the hackers encrypted servers that support the company’s business operations. First seen on therecord.media Jump to article: therecord.media/millions-impacted-by-data-breaches-insurance-car-dealership-software
-
Clop extortion emails claim theft of Oracle E-Business Suite data
Mandiant and Google are tracking a new extortion campaign where executives at multiple companies received emails claiming that sensitive data was stolen from their Oracle E-Business Suite systems First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/clop-extortion-emails-claim-theft-of-oracle-e-business-suite-data/
-
Tool Evaluation Skills: A Cure for Shiny Object Syndrome
Evaluating Tools Saves Money But Requires Technical, Compliance and Business Acumen Shiny object syndrome is more than a metaphor in cybersecurity. Organizations that chase every new tool often discover that what looked impressive in a demo fails to meet operational needs. The cure for this common malady is a structured tool evaluation process. First seen…
-
MPs press outsourcer TCS over Jaguar cyber attack
The government’s cross bench Business and Trade Committee has written to Tata Consultancy Services seeking answers over possible links to cyber attacks on Jaguar Land Rover, Marks and Spencer, and Co-op. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632156/MPs-press-outsourcer-TCS-over-Jaguar-cyber-attack
-
Hiscout und Viccon bündeln Expertise für Informationssicherheit und Business-Continuity-Management
Hiscout, führender Anbieter integrierter GRC-Softwarelösungen, startet eine strategische Zusammenarbeit mit der Viccon. Ziel der Partnerschaft ist es, Unternehmen bei Informationssicherheit, Business-Continuity-Management, Datenschutz und Compliance mit praxisnahen und individuell zugeschnittenen Lösungen zu unterstützen. Die Energiewirtschaft und Industrieunternehmen sind dabei ebenso im Fokus wie der Gesundheitssektor. Gemeinsam wollen Hiscout und Viccon Kunden künftig noch umfassender bei der…
-
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards. First seen on hackread.com Jump to article: hackread.com/microsoft-ai-phishing-attack-hiding-svg-files/
-
Microsoft Flags AI Phishing Attack Hiding in SVG Files
Microsoft Threat Intelligence detected a new AI-powered phishing campaign using LLMs to hide malicious code inside SVG files disguised as business dashboards. First seen on hackread.com Jump to article: hackread.com/microsoft-ai-phishing-attack-hiding-svg-files/
-
As Hardware, API and Network Vulnerabilities Rise, Defenders Rethink Strategies
Bugcrowd’s latest research reveals a surge in hardware, API, and network vulnerabilities, fueled in part by the rapid adoption of AI-assisted development. Critical flaws and broken access control remain top concerns, while experts warn that agentic AI will intensify risks if not governed with strong privilege and monitoring controls. The report also highlights the evolving…
-
How to restructure your security program to modernize defense
Restructuring the security program when technology and skills change: When revamping the security programs, CISOs can have in mind Venables’ four-phase framework, which is flexible enough to fit almost any organization. Companies can start where they are, make the changes they want, and then return to complete the remaining tasks.Restructuring the security program should be…
-
As Hardware, API and Network Vulnerabilities Rise, Defenders Rethink Strategies
Bugcrowd’s latest research reveals a surge in hardware, API, and network vulnerabilities, fueled in part by the rapid adoption of AI-assisted development. Critical flaws and broken access control remain top concerns, while experts warn that agentic AI will intensify risks if not governed with strong privilege and monitoring controls. The report also highlights the evolving…
-
European AI company’s ‘reputation reports’ are inaccurate and illegal, watchdog claims
The digital privacy nonprofit noyb says a Lithuania-based data broker has a “very shady business model” that runs afoul of European data privacy laws. First seen on therecord.media Jump to article: therecord.media/reputation-reports-data-broker-noyb-complaint-lituania
-
Jaguar Land Rover cyber-attack: what’s the latest news?
How is the government helping the carmaker? Will jobs be protected? And when will production restart?<ul><li><a href=”https://www.theguardian.com/business/live/2025/sep/29/moral-hazard-fears-jlr-jaguar-land-rover-government-loan-gsk-ceo-astrazeneca-listing-dollar-shutdown-business-live-news”>Business live latest updates</li></ul>Jaguar Land Rover’s factories have been shut for almost a month after <a href=”https://www.theguardian.com/business/2025/sep/02/jaguar-land-rover-cyber-incident-manufacturing-retail”>a cyber-attack that forced it to turn off computer systems in the UK, Slovakia, India and Brazil.The UK government has stepped in with…
-
Cloud Security Alliance führt neues SaaS-Framework ein
Tags: business, ceo, cloud, compliance, cyberattack, firewall, framework, international, ISO-27001, risk, saas, zero-trustMit dem SaaS Security Capability Framework (SSCF) hat die Cloud Security Alliance (CSA) einen neunen Sicherheitsstandart festgelegt.Das SaaS Security Capability Framework (SSCF) der Cloud Security Alliance (CSA) soll SaaS-Anbietern dabei helfen, Zero-Trust-Prinzipien in ihre Umgebungen zu integrieren und Kunden angesichts steigender Risiken durch Dritte konsistentere Sicherheitskontrollen zu bieten. Die Veröffentlichung der Leitlinien folgt auf die…
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3.That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses.”Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a…
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windowsLast week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
Adapting Your Security Strategy for Hybrid Cloud Environments
How Can Organizations Adapt Their Security Strategies for Hybrid Cloud Environments? Organizations face unique challenges while managing their hybrid clouds. But how can they efficiently adapt their security strategies to maintain robust protection? Hybrid cloud security has become a crucial component of modern business operations, requiring adaptable strategies that address multifaceted security concerns. One of……
-
Adapting Your Security Strategy for Hybrid Cloud Environments
How Can Organizations Adapt Their Security Strategies for Hybrid Cloud Environments? Organizations face unique challenges while managing their hybrid clouds. But how can they efficiently adapt their security strategies to maintain robust protection? Hybrid cloud security has become a crucial component of modern business operations, requiring adaptable strategies that address multifaceted security concerns. One of……

