未分类

Entrust Hack 安全漏洞

安全巨头 Entrust 终于确认其内部 IT 系统早在 6 月就遭到入侵.

Entrust 是一家专注于在线信任和身份管理的安全公司, 提供广泛的服务, 包括加密通信, 安全的数字支付, 和身份证发行解决方案.

黑客窃取了“一些文件”安全供应商 Entrust 承认: 上个月确认未经授权的内部系统访问导致数据泄露.

Entrust 不情愿地承认了数据泄露事件, 导致重要公司数据被盗. 违规行为影响 DOJ, 美国能源部, 和 USDT, 在其他主要组织中.

直到 7 月 26 日，安全研究员 Dominic Alvieri 在推特上发布了一份发送给 Entrust 客户的安全通知的屏幕截图，才公开证实了这一漏洞。.

责任集团操作依靠网络访问卖家的可信网络获得对 Entrust 环境的初始访问权限，从而导致随后通过已知的勒索软件集团进行加密和泄露暴露.

是否已支付赎金目前未知.

该漏洞于 6 月被发现 18 该公司从七月开始通知客户 6. 没有给出延迟通知客户的原因. 这种延迟显然会使客户系统面临风险，并可能被视为疏忽.

委托声明 “我们已确定某些文件是从我们的内部系统中获取的. 随着我们继续调查这个问题, 如果我们了解到我们认为会影响我们向您的组织提供的产品和服务的安全性的信息，我们将直接与您联系。” – 委托.

 

 

 

 

Your device is missing important security and quality fixes error

Here are few methods that can be helpful and any of them can be your solution.

1. Use Windows Settings Troubleshoot tool

Open Windows Settings and select Update & Security. Now go to the left pane and select Troubleshoot. Once the Windows Update troubleshooter opens, click “Run the troubleshooter” and wait for the process to complete. After the system restarts, try updating your computer again.

3. Repair corrupted files

第一的, run Command Prompt: In the Windows search box, type cmd, right-click the desired result and select “Run as administrator”.

Next, in the Command Prompt window, enter DISM.exe / Online / Cleanup-image / Restorehealth, press Enter and wait a few minutes for the process to complete. Now type sfc / scannow and press Enter. After the process is complete, close Command Prompt and check if Windows Update is working.

5. Rollback OS updates

Open Computer Settings and open Update & Security and in the right section, click “View update history”. Next, select Uninstall Updates and in the list that appears, click the latest update for Microsoft Windows. Now uninstall it and go back to Windows Update to check for updates. Both new and old updates should be installed as intended. You can also go to the official Microsoft Update Catalog website and search for the updates you are interested in; download and install them manually.

OKTA Security Breach 2022

Many large corporate customers were horrified to learn of the recent Okta security breach.

Okta says 366 corporate customers, or about 2.5% of its customer base, were impacted by a security breach that allowed hackers to access the company’s internal network.

The authentication giant admitted the compromise after the Lapsus$ hacking and extortion group posted screenshots of Okta’s apps and systems on Monday, some two months after the hackers first gained access to its network.

The breach was initially blamed on an unnamed subprocessor that provides customer support services to Okta. In an updated statement on Wednesday, Okta’s chief security officer David Bradbury confirmed the subprocessor is a company called Sykes, which last year was acquired by Miami-based contact center giant Sitel.

Okta has admitted it “made a mistake” by not telling customers sooner about a security breach in January, in which hackers were able to access the laptop of a third-party customer support engineer.

The Lapsus$ hacking group published screenshots of Okta’s systems on March 22, taken from the laptop of a Sitel customer support engineer, which the hackers had remote access to on January 20.

“We want to acknowledge that we made a mistake. Sitel is our service provider for which we are ultimately responsible. In January, we did not know the extent of the Sitel issue – only that we detected and prevented an account takeover attempt and that Sitel had retained a third party forensic firm to investigate. At that time, we didn’t recognize that there was a risk to Okta and our customers

 

This is a sample intro paragraph and can be used to introduce readers to your article.

This is an example of a WordPress post, you could edit this to put information about yourself so readers know where you are coming from. You can create as many posts as you like in order to share with them what is on your mind.

Continue Reading