Yazılar

US Warns Firms to Secure Microsoft Tools After Cyberattack

/in /tarafından

U.S. authorities have urged companies to strengthen the security of Microsoft’s endpoint management systems following a cyberattack on medical device manufacturer Stryker.

The attack disrupted Stryker’s operations, affecting order processing, manufacturing and product shipments. The company reported a global issue linked to its Microsoft environment, though it later said the incident had been contained.

The Cybersecurity and Infrastructure Security Agency warned that similar attacks could target other organizations and advised companies to follow best practices for securing Microsoft Intune, a tool used to manage devices, applications and user access.

An Iran-linked hacking group claimed responsibility, highlighting the growing geopolitical dimension of cyber threats. U.S. agencies, including the FBI, are now working to assess risks and coordinate response measures.

The incident underscores the importance of securing enterprise systems as cyberattacks increasingly target critical infrastructure and corporate operations.

US cybersecurity firm F5 breach linked to Chinese state-backed hackers, sources say

/in /tarafından

A breach at U.S.-based cybersecurity company F5 has been attributed to state-backed hackers from China, according to two people familiar with the investigation. The revelation comes a day after U.S. officials warned that federal networks using F5 products were being targeted by a “nation-state cyber threat actor.”

Sources told Reuters that the hackers had been inside F5’s network for over a year, gaining access to sensitive files, including parts of the company’s source code and details about vulnerabilities that could be exploited to attack government and corporate systems.

The Cybersecurity and Infrastructure Security Agency (CISA) said the breach posed an imminent threat to U.S. federal networks and urged immediate patching and updates to F5 devices. Acting Director Madhu Gottumukkala warned that the same vulnerabilities could lead to “a catastrophic compromise of critical information systems” across sectors.

F5, which provides security and networking products to both public and private clients, has not commented on the attribution. The company previously confirmed unauthorized access to some internal systems but said its operations were unaffected.

Responding to the allegation, Chinese Embassy spokesperson Liu Pengyu said Beijing “opposes and combats hacking activities in accordance with the law” and criticized what it called “false information for political purposes.”

U.S. investigators are continuing to assess the full scope of the breach, which highlights the persistent cybersecurity risks facing key technology providers in both government and industry supply chains.

US warns hackers exploiting F5 vulnerabilities pose imminent threat to federal networks

/in /tarafından

U.S. officials have warned that government networks are being targeted by a nation-state cyber threat actor exploiting vulnerabilities in products made by F5, a major cybersecurity and networking firm. The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive ordering federal agencies to locate and patch affected systems immediately.

According to CISA, hackers compromised F5’s internal systems, stealing files that included portions of its source code and information about undisclosed vulnerabilities. Officials said the stolen data could serve as a blueprint for future intrusions, enabling attackers to breach F5 devices and potentially gain full control over government or corporate networks.

“The cyber threat actor presents an imminent threat to federal networks,” said Nick Andersen, CISA’s Executive Assistant Director for Cybersecurity. He urged all organizations using F5 products to apply updates urgently, warning that the risk extends “to every organization and sector.”

F5 said it discovered unauthorized access on August 9 and quickly took “extensive actions” to contain the breach, engaging outside experts including CrowdStrike, Mandiant, and NCC Group. The company said there was no evidence its software development processes were tampered with, and operations remain unaffected. However, information from a few customers was accessed, and those affected have been contacted.

The U.S. Department of Justice delayed public disclosure of the breach until September 12 for national security reasons. The UK’s National Cyber Security Centre also issued a parallel warning urging users to install security updates.