JumpCloud compromised by APT group
Contents
Risky Biz News: JumpCloud compromised by APT group
In other news: Supply chain attack hits Pakistani government; WordPress security plugin logged user passwords in plaintext; UK IT worker sentenced to prison for trying to hijack ransomware payment.
This newsletter is brought to you by asset inventory and network visibility company runZero. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business News" in your podcatcher or subscribing via this RSS feed. On Apple Podcasts:
Cloud hosting provider JumpCloud says that its recent rush to change all customer API keys was made in the aftermath of discovering a major security breach of its internal systems by a state-sponsored APT group.
In a post-mortem of the incident, JumpCloud CISO Robert Phan says the attack was "extremely targeted and limited to specific customers."
A timeline of the intrusion, according to the company's report, is as follows:
June 22: The attacker gains …
In other news: Supply chain attack hits Pakistani government; WordPress security plugin logged user passwords in plaintext; UK IT worker sentenced to prison for trying to hijack ransomware payment.
This newsletter is brought to you by asset inventory and network visibility company runZero. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business News" in your podcatcher or subscribing via this RSS feed. On Apple Podcasts:
Cloud hosting provider JumpCloud says that its recent rush to change all customer API keys was made in the aftermath of discovering a major security breach of its internal systems by a state-sponsored APT group.
In a post-mortem of the incident, JumpCloud CISO Robert Phan says the attack was "extremely targeted and limited to specific customers."
A timeline of the intrusion, according to the company's report, is as follows:
June 22: The attacker gains …