Security Affairs

OCTOBER 13, 2024

CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

Security Affairs

OCTOBER 20, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 117

Data breaches Cybercrime Cyber Insurance Marketing 117

Security Affairs

MARCH 16, 2020

Aerial Direct’s data breach notification sent to the customers revealed that an unauthorized third party had been able to access customer data on 26 February through an external backup database. ” reads the data breach notification published by the company. Pierluigi Paganini.

Data breaches 138

Data breaches Telecommunications Passwords Advertising 138

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. “On October 19 th , 2023, Brookfield Global Relocation Services (BGRS) informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada systems.”

Data breaches 137

Data breaches Government Hacking Backups 137

Troy Hunt

FEBRUARY 4, 2024

Here goes: Last week, someone reached it to me with what they claimed was a Spoutible data breach obtained by exploiting an enumerable API. But fortunately these days many people make use of 2 factor authentication to protect against account takeover attacks where the adversary knows the password. And the 2FA backup code?

Passwords 363

Passwords Accountability Backups Data breaches 363

Security Affairs

AUGUST 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. The fact sheet also recommends organizations to protect sensitive data belonging to customers or employees. ” reads CISA’s guideline. Pierluigi Paganini.

Data breaches 122

Data breaches Ransomware Backups Technology 122

Hot for Security

MARCH 29, 2021

Have you ever wondered why your email address and other information appeared in a data breach impacting a platform you never signed up for? You probably don’t recall creating an account on the Verifications.io and River City Media data breaches. platform or River City Media. That’s because you didn’t.

Data breaches 116

Data breaches Media Marketing Accountability 116

Security Affairs

APRIL 14, 2023

Open-source media player software provider Kodi discloses a data breach after threat actors stole its MyBB forum database. Kodi has disclosed a data breach, threat actors have stolen the company’s MyBB forum database that contained data for over 400K users and private messages.

Data breaches 98

Data breaches Backups Passwords Accountability 98

Troy Hunt

DECEMBER 19, 2017

Yesterday, I wrote the first part of this 5-part series on fixing data breaches and I focused on education. The next few parts of this series all focus on cures - how do we fix data breaches once bad code has already been written or bad server configurations deployed? Who now owns that data? The cat site?

Data breaches 157

Data breaches Data collection B2B Mobile 157

Krebs on Security

APRIL 6, 2021

To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out. The phone number associated with my late Facebook account (which I deleted in Jan.

Mobile 357

Mobile Accountability Passwords Authentication 357

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 117

Data breaches Cybercrime Financial Services Hacking 117

Adam Levin

DECEMBER 16, 2020

Don’t re-use passwords: Yes, keeping track of passwords for all of your accounts can be a chore, but using the same password means that one breached account can be used to others that use the same user credentials. Always check your credit for new accounts or unusual activity. It’s not worth the risk.

VPN 245

VPN Antivirus Passwords Backups 245

Troy Hunt

JULY 21, 2020

This comes as no surprise to regular followers, nor should it come as a surprise that I maintain an Untappd account, logging my beer experiences as I (used to ??) Someone had registered a new Netflix account with my email / password associated with my BeerAdvocate account. I love beer. You'll never believe what happened next.

Passwords 344

Passwords Accountability Password Management Backups 344

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. As of 2024, the average cost of a data breach in the United States amounted to $9.36 In comparison, the global average cost per data breach was $4.88

Consumer Protection 88

Consumer Protection Identity Theft Scams Social Engineering 88

Krebs on Security

MAY 7, 2022

The tech giants are part of an industry-led effort to replace passwords, which are easily forgotten, frequently stolen by malware and phishing schemes, or leaked and sold online in the wake of corporate data breaches. “I worry about forgotten password recovery for cloud accounts.” ” Bellovin wondered.

Passwords 269

Passwords Authentication Accountability Mobile 269

SecureWorld News

NOVEMBER 14, 2024

With ransomware tactics growing more advanced and attackers increasingly targeting high-stakes environments like healthcare, the protection of patient data and continuity of care are more at risk than ever. If this information falls into the wrong hands during a data breach, it can be used to commit identity theft or fraud.

Healthcare 120

Healthcare Ransomware Identity Theft Data breaches 120

Security Affairs

MAY 8, 2023

Western Digital is notifying its customers of a data breach that exposed their sensitive personal information, the incident took place in March. The company is sending customers data breach notification letters to confirm that threat actors have stolen sensitive personal information in the March attack.

Data breaches 98

Data breaches Backups Ransomware Network Security 98

Krebs on Security

JULY 29, 2022

re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. re servers, data and backups of that data.

Cybercrime 317

Cybercrime Software VPN Backups 317

Krebs on Security

FEBRUARY 12, 2019

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. “I fear all US based data my be lost.” data back,” Romero said in an online chat.

Hacking 275

Hacking DDOS Backups Accountability 275

Krebs on Security

NOVEMBER 29, 2023

That access allowed the hackers to steal authentication tokens from some Okta customers, which the attackers could then use to make changes to customer accounts, such as adding or modifying authorized users. For this reason, they can’t be locked down with multifactor authentication the way user accounts can.

Authentication 294

Authentication Accountability Passwords Antivirus 294

Security Affairs

JANUARY 10, 2019

The social media platform Reddit has notified users that some of them have been locked out of their accounts after detecting suspicious activity. Reddit locked down a large number of user accounts after due to a security concern after detecting suspicious activity on them. . ” reads a post published by one of the Reddit admins.

Accountability 107

Accountability Data breaches Passwords Advertising 107

The Last Watchdog

SEPTEMBER 25, 2023

The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association. Nonprofits are equally at risk, and often lack cybersecurity measures.

Small Business 222

Small Business Cybersecurity Technology Accountability 222

Security Affairs

JANUARY 24, 2023

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. ” reads the data breach notification. Now the investigation revaled that threat actors were able to access customers’ data.

Backups 98

Backups Encryption Data breaches Passwords 98

SecureWorld News

APRIL 20, 2023

CommScope, a network infrastructure company based in North Carolina with more than 30,000 global employees, has suffered a data breach and leak following an apparent ransomware attack last month.

Data breaches 98

Data breaches Ransomware Education Backups 98

Security Affairs

AUGUST 1, 2018

Reddit Warns Users of Data Breach. Reddit is warning its users of a security breach, an attacker broke into the systems of the platform and accessed user data. Reddit is warning its users of a security breach, a hacker broke into the systems of the platform and accessed user data.

Data breaches 79

Data breaches Backups Passwords Authentication 79

SecureWorld News

MARCH 22, 2023

Ferrari has disclosed a data breach following a ransom demand received from attackers that gained access to some of the company's IT systems. So far, Ferrari is yet to find evidence that payment details, bank account numbers, or other sensitive payment information was accessed or stolen.

Data breaches 98

Data breaches Ransomware Backups Cybercrime 98

Schneier on Security

DECEMBER 26, 2022

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

Passwords 299

Passwords Encryption Backups Password Management 299

The Last Watchdog

MARCH 6, 2021

It is essential to ensure that all accounts are protected with strong passwords. To this day, a significant amount of people still use the password across multiple accounts, which makes it much simpler for a cybercriminal to compromise a password and take over accounts. Set-up 2-factor authentication. Use antivirus software.

VPN 214

VPN Passwords Firewall Risk 214

Responsible Cyber

NOVEMBER 17, 2024

Image Source: AI Generated Recent data breaches have exposed sensitive information from millions of customers across healthcare, financial services, and technology sectors. These data breaches highlight significant vulnerabilities in vendor relationships and supply chain security. million per incident in 2023.

Data breaches 98

Data breaches Healthcare Social Engineering Financial Services 98

Security Affairs

APRIL 5, 2020

The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet. OGUsers is a black marketplace known for selling any kind of stolen data, including Instagram, Fortinet, Minecraft, Steam, PSN, Fortinet, Skype, and Snapchat accounts.

Hacking 141

Hacking Data breaches Advertising Backups 141

Krebs on Security

DECEMBER 3, 2021

Cyber intelligence platform Constella Intelligence told KrebsOnSecurity that the operns@gmail.com address was used in 2016 to register an account at filmai.in , which is a movie streaming service catering to Lithuanian speakers. The username associated with that account was “ bo3dom.” com back in 2011, and sanjulianhotels[.]com

Ransomware 346

Ransomware Passwords Accountability Cybercrime 346

Krebs on Security

SEPTEMBER 30, 2023

“Experience in backup, increase privileges, mikicatz, network. According to Constella Intelligence , a data breach and threat actor research platform, a user named Semen7907 registered in 2017 on the Russian-language programming forum pawno[.]ru was also used to register an account at the online game stalker[.]so

Ransomware 274

Ransomware Accountability Cybercrime Backups 274

Krebs on Security

NOVEMBER 11, 2019

Data backup services. Netflow data. Microsoft Active Directory accounts and passwords. Battery backup systems. Battery backup systems. By all accounts, this was a comprehensive goof: The Orvis credentials file even contained the combination to a locked safe in the company’ server room.

Retail 226

Retail Passwords Wireless Backups 226

The Last Watchdog

JUNE 12, 2023

•Social security number •Passport number •Driver’s license •Credit card information •Biometric data (fingerprint, eye scan, facial recognition data) •Health records Bruggeman When demographic information and sensitive information are combined and then inappropriately disclosed, you end up with a data disclosure incident or a data breach.

Information Security 202

Information Security Data breaches CISO Encryption 202

Krebs on Security

OCTOBER 28, 2020

That transaction included credentials to a Remote Desktop Protocol (RDP) account apparently set up by a Gunnebo Group employee who wished to access the company’s internal network remotely. Five months later, Gunnebo disclosed it had suffered a cyber attack targeting its IT systems that forced the shutdown of internal servers. .”

Hacking 357

Hacking Ransomware Banking Accountability 357

Security Affairs

AUGUST 29, 2022

Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. Early August, the communications company Twilio discloses a data breach , threat actors had access to the data of some of its customers.

Accountability 100

Accountability Authentication Phishing Data breaches 100

IT Security Guru

JUNE 13, 2024

This is an urgent notice to inform you that your data has been compromised, and we have secured a backup.” This note is followed by instructions to contact the attackers via Telegram to negotiate the return of their data. When it comes to protecting GitHub data, it is crucial to understand who is responsible for creating backup.

Backups 134

Backups Authentication Data breaches Social Engineering 134