Security Affairs

AUGUST 28, 2021

vpnMentor’s researchers reported that the Chinese mobile gaming company EskyFun suffered a data breach, over 1 million gamers impacted. . vpnMentor’s researchers discovered that the Chinese mobile gaming company EskyFun suffered a data breach, information of over 1 million gamers were exposed on an unsecured server. .

Data breaches 131

Data breaches Mobile Data collection Hacking 131

The Last Watchdog

NOVEMBER 21, 2018

News of data breaches, data vulnerabilities and compromised private information is released almost daily from businesses both small and large. Legislation has recently been proposed for individual states, addressing data privacy regulations head-on. Related: Europe’s GDPR ushers in new privacy era.

Data privacy 133

Data privacy Data collection Big data Government 133

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches 125

Data breaches Banking Hacking Malware 125

Hot for Security

MARCH 17, 2021

Fact: Zynga, the California-based social game developer, suffered a major data breach in 2019 when a malicious actor stole 218 million records belonging to “Words With Friends” players. If you were a victim of the Zynga data breach, you’ve probably changed the password for your account already.

Data breaches 105

Data breaches Passwords Accountability Media 105

Security Affairs

MAY 12, 2021

Businesses must ensure that these entities understand and respect the consumers’ data rights and do not use the data in any manner inconsistent with the purpose for which it was originally collected. Data breaches and other threats. The culprit gained access to sensitive data of 11.9 Privacy Violations.

Data collection 108

Data collection Data breaches VPN Risk 108

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 106

Threat Reports Phishing Malware Data collection 106

Security Affairs

JULY 22, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from April to June, Q2, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 123

Threat Reports Phishing Malware Banking 123

Security Affairs

JULY 12, 2021

For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data collected from hundreds of millions of LinkedIn user profiles surfaced on a hacker forum, where it’s currently being sold for an undisclosed sum.

Social Engineering 144

Social Engineering Data collection Media Passwords 144

Security Affairs

JANUARY 17, 2021

It is time to re-evaluate Cyber-defence solutions New Zealand central bank hit by a cyber attack TeamTNT botnet now steals Docker API and AWS credentials Connecting the dots between SolarWinds and Russia-linked Turla APT Experts found gained access to the Git Repositories of the United Nations Russian hacker Andrei Tyurin sentenced to 12 years in prison (..)

Banking 108

Banking Data collection Malware Data breaches 108

BH Consulting

MARCH 26, 2025

Make digital risk a board-level responsibility Directors should integrate AI governance, cybersecurity, and data protection into corporate strategy. Take a risk-based approach Identify, assess, and mitigate risks related to cybersecurity, AI ethics, and personal data protection.

Government 52

Government Artificial Intelligence Risk Digital transformation 52

eSecurity Planet

SEPTEMBER 21, 2024

Each of these regulations addresses different aspects of cybersecurity and data protection, making it essential for businesses and organizations to stay informed and proactive. HIPAA also requires organizations to conduct regular risk assessments and report data breaches.

Cybersecurity 122

Cybersecurity Computers and Electronics Cyber threats Healthcare 122

Security Affairs

NOVEMBER 14, 2021

The Threat Report Portugal: Q3 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q3, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 108

Threat Reports Phishing Malware Banking 108

Security Affairs

FEBRUARY 20, 2022

The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q4, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports 98

Threat Reports Phishing Malware Banking 98

Centraleyes

DECEMBER 11, 2024

Implementation of Security Controls: Controls based on standards such as ISO 27001 or NIST Cybersecurity Framework 2.0 Governance and Accountability: Organizations must establish governance structures, including appointing a Chief Information Security Officer (CISO) or equivalent roles, to oversee cybersecurity initiatives.

Risk 52

Risk Cybersecurity Penetration Testing Digital transformation 52

Security Affairs

MARCH 7, 2021

jailbreaking tool Attackers took over the Perl.com domain in September 2020 Bug bounty hunter awarded $50,000 for a Microsoft account hijack flaw Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys Cyber Defense Magazine – March 2021 has arrived.

Data breaches 77

Data breaches Data collection Ransomware Hacking 77

Security Affairs

NOVEMBER 8, 2021

With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover, the healthcare industry collects unique data, known as Protected Health Information (PHI), which is extremely valuable. The healthcare industry might be known for the work it does to treat patients.

Healthcare 118

Healthcare Identity Theft Digital transformation Data collection 118

SecureWorld News

APRIL 30, 2023

One of the most important responsibilities of security professionals is to avoid data breaches. At the same time, the IBM report reveals that it takes an average of 277 days to detect and contain a data breach. Analysts from Gartner introduced a specific concept known as Data-Centric Audit and Protection ( DCAP ).

Technology 98

Technology Unstructured Data Data breaches Information Security 98

Security Affairs

JANUARY 9, 2023

All data collected by the dashboard can be exported in different formats and can be analyzed using useful graphics. . “The strength of this OSINT Italian project , quite unique in its kind, is the chance of following it with a standard, worldwide and easy RSS feed.” ” explained the development team.

Ransomware 98

Ransomware Data collection Hacking Cybersecurity 98

SecureWorld News

JUNE 24, 2024

Regulations galore Against this backdrop, there are myriad global data protection regulations. The EU's General Data Protection Regulation (GDPR) is widely considered the de facto gold standard. This may include but is not limited to sensor data, voice recognition, driver behavior, conversations, locations traversed, and PII.

IoT 107

IoT InfoSec Artificial Intelligence Risk 107

Security Affairs

OCTOBER 27, 2022

Either way, even if all of the data was essential, that doesn’t make it less sensitive if leaked. Information stored on the server is extremely sensitive. Cases like these raise questions about corporate data collection practices. Information stored on the server is extremely sensitive.

IoT 126

IoT Engineering Passwords Media 126

SiteLock

AUGUST 27, 2021

This tricks the database into allowing an attacker unauthorized access to the sensitive data collected on your website. In the “ SiteLock 2019 Website Security Report ,” we found that 6% of the 6 million websites we evaluated had SQLi vulnerabilities. Any company doing business online should keep database security top of mind.

Backups 98

Backups Encryption Firewall Small Business 98

SC Magazine

MARCH 10, 2021

” “It would be possible, on detailed examination of video, to compromise elements of operational security,” agreed Mike Hamilton, co-founder and chief information security officer of CI Security and former Seattle CISO. Odds are more than one was breached here,” said Davisson. “I

Surveillance 129

Surveillance IoT Accountability Passwords 129

Malwarebytes

JANUARY 16, 2024

“The attack vector included the scanning and identification of externally facing Mac services to include the Apple Filing Protocol (AFP, port 548), RDP, VNC, SSH (port 22), and Back to My Mac (BTMM), which would be targeted with weak passwords or passwords derived from 3rd party data breaches.” This can take years, however.

Malware 109

Malware Passwords Identity Theft Data collection 109

Privacy and Cybersecurity Law

MARCH 23, 2018

” A prior IBM Study on the cost of data breaches found, using a sample of 419 companies in 13 countries and regions, that 47% of data breach incidents in 2016 involved a malicious or criminal attack, 25% were due to negligent employees or contractors (i.e.,

Cybersecurity 40

Cybersecurity Data breaches Artificial Intelligence IoT 40

Security Affairs

DECEMBER 29, 2019

.” Song pointed out that several of the things reported by Twelve are not true, for example he denied that Wyze sends data to Alibaba Cloud in China. Song also added that Wyze only collected health data from 140 users who were beta-testing a new smart scale product, the claims of a massive data collection were fake.

IoT 96

IoT Accountability Advertising Wireless 96

Thales Cloud Protection & Licensing

JULY 11, 2019

The GDPR applies to businesses that collect and use personal information from citizens of the EU, regardless of where the business itself is located. Breach notifications. The GDPR mandates that a business must inform EU DPAs very quickly (within 72 hours) and thoroughly of any security data breach involving European citizens.

Risk 97

Risk Encryption Accountability Government 97

Centraleyes

DECEMBER 10, 2023

SOC 2 is the gold standard in Information Security certifications and shows the world just how seriously your company takes Information Security. And keep in mind, the cost of an audit doesn’t compare to the cost of the data breach it’s protecting you from (currently averaging on $4.24 Automation.

Risk 59

Risk Data breaches Software Information Security 59

Security Boulevard

MAY 15, 2024

As such, these apps appear to operate in a legal "gray area," but that doesn't mean their data practices are ethical or even follow proper basic information security principles for safeguarding data.

Advertising 52

Advertising Insurance Accountability Data Analyst 52

SecureList

MARCH 29, 2021

Over the past few years, there has been a notable increase in data breaches related to data stored in the cloud. This simplicity is what ultimately poses a danger to the owners of file repositories in AWS known as “buckets”, which are most often breached due to an incorrect system configuration.

Identity Theft 124

Identity Theft Phishing Accountability Banking 124

eSecurity Planet

AUGUST 15, 2022

Long-term search capabilities for slower threats spanning historical data. Access to 350+ cloud connectors for data collection and API-based cloud integrations. Through the NetWitness Platform, teams can centralize all monitoring data for events, endpoints, and networks, with threat intelligence and detection analytics.

Software 116

Software Small Business Marketing Firewall 116

SecureWorld News

JANUARY 26, 2021

As part of the 2021 State of the State address, Governor Andrew Cuomo announced a comprehensive law that "will provide New Yorkers with transparency and control over their personal data and provide new privacy protections.". New York has already had laws on the books related to data security.

Data privacy 98

Data privacy Data collection Data breaches Cybersecurity 98

Security Affairs

FEBRUARY 2, 2025

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 65

Data breaches Cybercrime Healthcare Ransomware 65

Security Affairs

JANUARY 4, 2023

The vulnerability was exploited by multiple threat actors to scrape Twitter user profiles containing both private (phone numbers and email addresses) and public data. Then the scraped data were offered on various online cybercrime marketplaces. In November, data from 5.4M

Data breaches 98

Data breaches Accountability Hacking Data collection 98

Security Affairs

MARCH 2, 2025

Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service Attackers could hack smart solar systems and cause serious damages Enhanced capabilities sustain the rapid growth of Vo1d botnet Cisco fixed command injection and DoS flaws in Nexus switches China-linked (..)

Cybercrime 60

Cybercrime Hacking Ransomware Cryptocurrency 60