Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. Verizon’s Breach Report is one of the best infosec reports out there, and I’m always excited when I hear it’s been released. 45% of breaches involved Hacking. Hacking types and vectors.

Data breaches 130

Data breaches Phishing Malware Hacking 130

Troy Hunt

NOVEMBER 2, 2020

His comedy skit nailed it too: my Twitter timeline is literally just me talking about the things I'm interested in and whilst that might be predominantly technology and infosec stuff, turns out I actually have a life beyond that too. I mean, seriously now.

Data breaches 359

Data breaches InfoSec Media Technology 359

Security Affairs

DECEMBER 30, 2023

The INC RANSOM ransomware group claims to have hacked the American multinational corporation Xerox Corp. The INC RANSOM ransomware group claims responsibility for hacking the American multinational corporation Xerox Corp and threatens to disclose the alleged stolen data.

Ransomware 143

Ransomware InfoSec Data breaches Hacking 143

Troy Hunt

JULY 21, 2021

When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not just infosec headlines or tech headlines, but the headlines of major consumer media the likes my mum and dad would read.

Accountability 363

Accountability Data breaches Government InfoSec 363

eSecurity Planet

OCTOBER 18, 2024

EC-Council : The International Council of E-Commerce Consultants, or EC-Council, offers several certifications for different career paths but is best known for its white-hat hacking program. Meanwhile, they’re also analyzing systems to isolate vulnerabilities, investigating data breaches, and developing best practices and policies.

Cybersecurity 125

Cybersecurity Artificial Intelligence Penetration Testing CISO 125

Troy Hunt

SEPTEMBER 8, 2022

Captivating stuff, apart from infosec, you really feel as though you’ve been taken on a journey with Troy through the years of living in paradise a.k.a. Plenty of tech, data breaches, career hacks, IoT, Cloud, password management, application security, and more, delivered in a fun way. This book has it all.

InfoSec 363

InfoSec Password Management Passwords IoT 363

Security Boulevard

SEPTEMBER 12, 2022

TikTok has denied reports that it was breached by a hacking group, after it claimed they have gained access to over 2 billion user records, the Los Angeles school district, the second-largest in the US, suffered a ransomware attack, and details on how one high school in Sydney Australia installed fingerprint scanners at the entrance […].

Data breaches 98

Data breaches Ransomware Hacking Surveillance 98

Troy Hunt

NOVEMBER 8, 2021

Their CEO later explained it very succinctly: "We did have a reporter, try to contact us multiple times last week, you don't respond to some random person about a data breach. — Michael Kan (@Michael_Kan) February 28, 2017 Problem is, random people are precisely the sorts of people that find data breaches.

Scams 71

Scams Data breaches InfoSec Social Engineering 71

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. APT stands for Advanced Persistent Threat, a term that generally refers to state-sponsored hacking groups.

Government 325

Government Hacking Cyber threats Mobile 325

Security Affairs

JULY 13, 2020

Records of 45 Million+ travelers to Thailand and Malaysia Leaked on #Darkweb (Blog Link) [link] #infosec #leaks #CyberSecurity pic.twitter.com/zHOujQ8CMm — Cyble (@AuCyble) July 12, 2020. The huge trove of data was discovered by the researchers during their regular Deepweb and Darkweb monitoring activity. Pierluigi Paganini.

Mobile 145

Mobile InfoSec Data breaches Advertising 145

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Pierluigi Paganini.

Hacking 98

Hacking InfoSec Telecommunications Cybercrime 98

Security Affairs

NOVEMBER 11, 2022

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor ( 0x_dump ) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. SecurityAffairs – hacking, Deutsche Bank).

Banking 98

Banking Hacking InfoSec Insurance 98

Security Affairs

SEPTEMBER 10, 2023

Get tips and tricks Norway court rules against Facebook owner Meta in privacy case Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 436 by Pierluigi Paganini – International edition appeared first on Security Affairs.

DDOS 130

DDOS VPN Data breaches Cybercrime 130

Security Affairs

AUGUST 22, 2022

LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. The Lockbit ransomware gang claimed to have hacked the company and is threatening to leak the stolen files. SecurityAffairs – hacking, Lockbit). Entrust Corp. Entrust Corp. Tor leak site. No one seen taking credit to date.

DDOS 98

DDOS Hacking Ransomware InfoSec 98

Jane Frankland

FEBRUARY 7, 2025

When data breaches escalate, cyber-attacks grow more sophisticated, nation states ramp up their digital warfare, and regulations tighten the noose, staying ahead isnt just an optionits your only line of defence. Beyond the immediate financial losses caused by data breaches, the damage to a companys reputation can be devastating.

Cyber Risk 130

Cyber Risk CISO Risk Encryption 130

eSecurity Planet

APRIL 23, 2021

Since 2017, host Jack Rhysider has investigated some of the most noteworthy stories related to the darkside of the internet, specifically hacking, data breaches, and cybercrime. It requires some baseline industry knowledge, but it’s a great way to stay on top of InfoSec current events. Hacking Humans.

Cybersecurity 144

Cybersecurity InfoSec Cybercrime Hacking 144

Security Boulevard

NOVEMBER 5, 2023

Finally, we discuss Google Play Protect’s new feature, “Real-time App Analysis,” which […] The post Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning appeared first on Shared Security Podcast.

Phishing 109

Phishing Hacking Data privacy Data breaches 109

Security Affairs

JANUARY 7, 2023

He correctly speculates that the negotiations failed and the ransomware gang opted to leak all data without waiting for the planned deadline. Hive Ransomware just leaked 550gb of Consulate Health Care customer and employee PII data. SecurityAffairs – hacking, Consulate Health Care). Pierluigi Paganini.

Ransomware 98

Ransomware Insurance Data breaches InfoSec 98

Security Boulevard

MAY 11, 2023

In this comprehensive blog, we explore the cybercriminal's mindset, the techniques they employ, and the devastating effects of a data breach. More importantly, we provide strategic insights into how to identify and respond to these breaches, underlining the significance of Managed Detection and Response (MDR) solutions.

Data breaches 52

Data breaches Penetration Testing InfoSec Risk 52

Security Boulevard

MARCH 27, 2022

The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1

Phishing 98

Phishing Software Hacking Social Engineering 98

Krebs on Security

DECEMBER 29, 2022

I seem to be doing most of that activity now on Mastodon , which appears to have absorbed most of the infosec refugees from Twitter, and in any case is proving to be a far more useful, civil and constructive place to post such things. It emerges that email marketing giant Mailchimp got hacked. Uber blames LAPSUS$ for the intrusion.

Cryptocurrency 292

Cryptocurrency Cybercrime Computers and Electronics Scams 292

Security Boulevard

AUGUST 21, 2022

The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on The Shared Security Show. The post Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser appeared first on Security Boulevard.

Authentication 98

Authentication Accountability Hacking Ransomware 98

Security Affairs

MARCH 13, 2023

More at: [link] #cybersecurity #InfoSec #VulnerabilityManagement pic.twitter.com/hNwDHFaPtt — CISA Cyber (@CISACyber) March 10, 2023 “This issue allowed an attacker with access to the server administrator’s Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.

Media 98

Media InfoSec Password Management Engineering 98

Security Affairs

DECEMBER 17, 2019

Infosec researchers have uncovered an unsecured Elasticsearch database containing 1.3TB of web server log entries held by Chinese e-commerce website LightInTheBox.com. “This data breach represents a major lapse in LighInTheBox’s data security. Iran, hacking). Pierluigi Paganini. SecurityAffairs –.

Retail 92

Retail InfoSec Data breaches Advertising 92

NopSec

DECEMBER 4, 2015

based provider of next generation threat protection, it takes companies, on average, more than 200 days to detect they are being hacked. Couple that result with the 2015 Verizon Data Breach Investigations Report that found 99.9 According to FireEye, a U.S.

InfoSec 52

InfoSec Technology Encryption Data breaches 52

Security Boulevard

JANUARY 15, 2023

The post Meta’s EU Ad Practices Ruled Illegal, Twitter API Data Breach, Vulnerabilities in Major Car Brands appeared first on The Shared Security Show. The post Meta’s EU Ad Practices Ruled Illegal, Twitter API Data Breach, Vulnerabilities in Major Car Brands appeared first on Security Boulevard.

Data breaches 52

Data breaches Advertising Marketing Data privacy 52

SiteLock

AUGUST 27, 2021

One year ago in February, the major eBay hack was in progress, eventually resulting in over 233 million passwords being stolen. Take a look at the New York Times’ coverage of the data breach here for more insight. The Infosec Institute recently wrote a topic on the subject, which can be read here. Anthem Cyber Attack.

Passwords 95

Passwords Cybersecurity Internet Internet 95

CyberSecurity Insiders

JUNE 16, 2023

The OWASP API Security Project ranks excessive data exposure as the third most important API security risk. And recent data breaches also serve to warn peers of these issues. A single API hack on T-Mobile resulted in the data exposure of 37 million customers.

Risk 131

Risk Firewall Data breaches InfoSec 131

Security Affairs

OCTOBER 9, 2022

Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. At the same time, the Everest Ransom gang posted a claim about the hack of the South African state-owned electricity company. SecurityAffairs – hacking, ESKOM). Is having some server issues. Price 200,000 $.

Energy and Utilities 102

Energy and Utilities Ransomware InfoSec Hacking 102

Security Boulevard

NOVEMBER 4, 2024

In episode 353, we discuss the February 2024 ransomware attack on Change Healthcare, resulting in the largest data breach of protected health information in history. We explore the implications of this significant breach and whether paying ransoms is a viable solution.

Healthcare 105

Healthcare Data breaches Ransomware Data privacy 105

Troy Hunt

MARCH 2, 2020

These were companies spanning all sorts of different industries; big tech, general infosec, antivirus, hosting, finance, e-commerce, cyber insurance - I could go on. Anyone can cobble together a website with some APIs and load in a ton of data breaches, but establishing trust is a whole different story.

Data breaches 354

Data breaches Marketing Cyber Insurance InfoSec 354

Security Affairs

SEPTEMBER 2, 2022

JavaScript #skimmer overlayed onto payment page of an infected #Magento ecommerce store to steal payment card data from visitors exfils to united81[.]com com #magecart #infosec #cybersecurity #malware [link] pic.twitter.com/x8VrkKzXPc — Luke Leal (@rootprivilege) August 26, 2022. SecurityAffairs – hacking, Log4Shell).

Digital transformation 102

Digital transformation eCommerce InfoSec Media 102

CyberSecurity Insiders

JULY 3, 2021

As any infosec manager will tell you, no matter how secure your infrastructure, anyone with the right credentials can walk through the front door. It’s still entirely too easy to steal someone’s credentials, which is why identity theft continues to be a primary cause of data breaches.

Authentication 140

Authentication Identity Theft Technology InfoSec 140

eSecurity Planet

AUGUST 9, 2022

GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. M]uch of InfoSec management falls back on employee training and avoiding employee error – particularly with respect to phishing , spear phishing, and encryption lapses.”. In the U.S.,

Data privacy 145

Data privacy Encryption Data breaches Insurance 145

Security Boulevard

FEBRUARY 19, 2023

The case of former Ubiquiti employee, Nickolas Sharp, who pled guilty to multiple […] The post Reddit Hacked, Preventing Accidental Location Sharing, Developer Hacks His Own Company appeared first on The Shared Security Show.

Hacking 52

Hacking Phishing Data privacy Data breaches 52

SC Magazine

APRIL 14, 2021

Remember the 2014 Sony hack? One example has been the Vastaamo data breach in Finland. The sensitive data of more than 40,000 patients, many of whom were children, had been compromised in 2018. Finnish infosec pros organized to track and protect patients from further abuse.

Government 107

Government Risk Information Security InfoSec 107

ForAllSecure

JULY 14, 2021

As we head to Hacker Summer Camp, how should we rebuild our infosec communities to be more inclusive and diverse? I'm attending in person this year, as are a lot of people in the InfoSec world. Rather, I choose to see this as a fresh start to create a new community within InfoSec. Jack Daniel offers his unique voice.

Hacking 52

Hacking InfoSec Media Technology 52