What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-09-20 09:43:58 | Republican Governors Association email server breached by state hackers (lien direct) | The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021. [...] | Data Breach | ★★ | |
 |
2021-09-14 20:36:00 | Massachusetts AG Launches Probe into T-Mobile Data Breach (lien direct) | T-Mobile data breach under investigation by Massachusetts attorney general Maura Healey | Data Breach | ||
 |
2021-09-14 20:35:54 | Cyber Insurance: How to Meet Requirements, Save Money and Reduce Risk (lien direct) | As the average cost of a data breach reaches a record high of $4.24 million, one successful zero-day exploit or ransomware attack has the potential to take down a business completely. Having cyber insurance, or... | Ransomware Data Breach | ||
 |
2021-09-14 09:13:00 | Mass health tracker data breach has UK impact (lien direct) | As the average cost of a data breach reaches a record high of $4.24 million, one successful zero-day exploit or ransomware attack has the potential to take down a business completely. Having cyber insurance, or... | Data Breach | ||
 |
2021-09-14 04:04:51 | Grâce à l'objectif de l'analyste: la puissance réelle des services de détection et de réponse gérés Through the Analyst Lens: The Real Power of Managed Detection and Response Services (lien direct) |
La menace constante de la violation de données fait que les organisations examinent leur capacité à protéger l'entreprise de la prochaine grande attaque.Mais la technologie à elle seule n'a pas réduit votre temps moyen à détecter et à répondre.Selon Craig Robinson, directeur de programme au sein de la pratique de recherche sur les services de sécurité d'IDC \\ et auteur de la dernière étude IDC Marketscape dans les services de détection et de réponse gérés aux États-Unis, «Il y aura de plus en plus de besoin de MDRServices à l'avenir.Dans les talons de la publication IDC Marketscape, je me suis assis avec Craig pour découvrir ce que les clients et les vendeurs voient
The constant threat of data breach has organizations scrutinizing their ability to protect the business from the next big attack. But technology alone won\'t reduce your mean-time-to-detect and respond. According to Craig Robinson, Program Director within IDC\'s Security Services research practice and author of the latest IDC MarketScape study in U.S. Managed Detection and Response (MDR) Services, “there is going to be more and more of a need for MDR Services in the future.” On the heels of the IDC MarketScape publication, I sat down with Craig to discover what customers and vendors are seeing |
Data Breach Threat Studies | ★★★ | |
 |
2021-09-12 00:00:00 | Règlements et ransomwares: un aperçu rapide de la vue d'ensemble de ce que les entreprises doivent savoir sur les ransomwares et les réglementations connexes. Regulations & Ransomware: A Quick OverviewAn overview of what enterprises need to know about ransomware and related regulations.Read More (lien direct) |
As cybersecurity threats continue to evolve, ransomware has recently come into focus as one of the more prominent and challenging types of attacks to deal with. Not only do companies need to face the security implications of having their data fall into the hands of cybercriminals, but there can be significant costs around paying ransoms and/or recovering systems and files. Plus, paying ransoms can raise some ethical if not legal issues. There are already several existing regulations that enterprises need to keep in mind if hit with a ransomware attack. And as the risk grows, a number of new regulations are under consideration around the world.In this brief overview, weâll explore what enterprises need to know about ransomware and related regulations.What Is Ransomware?Before diving into what to do about ransomware and what regulations to follow, itâs important to understand what ransomware is.âRansomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption,â explains the U.S. Cybersecurity & Infrastructure Security Agency (CISA).In other words, ransomware can lock a user out of their own files/systems, which can bring work to a halt. Even if the ransom is paid and everything gets unlocked, itâs possible that the cybercriminals stole data meanwhile. While some of the more headline-grabbing attacks have been at large, well-known companies, ransomware can essentially affect anyone, regardless of size, industry or location.How to Reduce the Risk of RansomwareAlthough ransomware is on the rise, there are still several steps organizations can take to reduce the risk of a ransomware attack or at least mitigate the damage.âAs with all risks posed by external actors, the likelihood that a ransomware attack is successful can be drastically reduced by tightening the security of the data controlling environment,â notes the European Data Protection Board (EDPB).From updating software and systems with appropriate security patches, to using anti-malware software or related monitoring services, there are many cybersecurity best practices that can potentially keep ransomware out, as the EDPB highlights.If ransomware does take hold, having complete backups can help. As the EDPB notes, the impact of ransomware âcould effectively be contained,â by resetting systems to wipe out the ransomware and then âfixing the vulnerabilities and restoring the affected data soon after the attack.âOrganizations can also get a better handle on ransomware risk via cyber risk quantification (CRQ), such as through Kovrrâs insurance-validated risk models. CRQ works by analyzing factors such as past cyber events and the technologies and service providers that a company uses to then quantify what companies might lose if a cyber attack like ransomware occurs. Part of being prepared means knowing how much is at stake financially, and CRQ can help organizations focus on the areas that present the largest financial risk. âWhat Ransomware Regulations Exist?Current ransomware regulations differ around the world, so the specific rules an enterprise needs to follow depends on factors like what markets they operate in and whether they fall under certain jurisdictions.Communicating AttacksOne of the more notable rules that relates to ransomware is the EUâs General Data Protection Regulation (GDPR), which can still apply to companies outside Europe, such as those that have customers in the EU. Under GDPR, explains the EDPB, a personal data breach needs to be reported to relevant authorities and potentially to the people whose data gets exposed. So, for example, if a ransomware incident involves a cybercriminal locking up files that contain personal information, such as financial or medical records, then the affected company may need to report that to those affected.In the U.S. the | Ransomware Data Breach Malware Vulnerability Prediction Medical | ★★★ | |
 |
2021-09-10 20:17:59 | MyRepublic Data Breach Raises Data-Protection Questions (lien direct) | The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say. | Data Breach | ||
|
2021-09-10 14:47:38 | MyRepublic discloses data breach exposing government ID cards (lien direct) | MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers. [...] | Data Breach | ||
 |
2021-09-07 18:50:08 | Data Privacy Day 6 months later: A look at privacy trends and solutions (lien direct) | Does your company need a head of data privacy, a data breach response plan, blockchain technology or something else to keep its data safe? Here are some challenges and recommendations. | Data Breach | ||
|
2021-09-06 08:28:00 | Dallas School District Reveals Major Data Breach (lien direct) | Student, parent and employee info dating back to 2010 was taken | Data Breach | ||
 |
2021-09-05 10:35:43 | Breach Exposed Dallas Student, Parent, Teacher Personal Data (lien direct) | A data breach at the Dallas public school system earlier this month exposed the personal information of students, parents, teachers and staff dating to 2010, system officials revealed Thursday. | Data Breach | ||
|
2021-09-03 15:57:00 | Student Sues Syracuse University Over Data Breach (lien direct) | Class action lawsuit filed against university after exposure of thousands of students' Social Security numbers | Data Breach | ||
|
2021-09-03 02:10:00 | UK Gun Owners\' Data Exposed (lien direct) | Addresses of British firearm owners leaked online after gun e-tailer confirms data breach | Data Breach | ||
|
2021-09-02 12:31:12 | Recruiting Firm Apparently Pays Ransom After Being Targeted by Hackers (lien direct) | Administrative staffing agency Career Group, Inc. this week started sending notification letters to customers who were affected by a data breach that occurred in late June. | Data Breach | ||
|
2021-08-31 17:05:00 | Illinois Physicians Notify 600K Patients of Data Breach (lien direct) | DuPage Medical Group says hack may have exposed patients' information | Data Breach Hack | ||
 |
2021-08-31 16:30:00 | Reduce the Harm of a Data Breach With Data Security Analytics (lien direct) | Over the last year, the average total cost of a data breach increased nearly 10% to $4.24 million. That’s the highest average in the history of IBM Security’s annual Cost of a Data Breach Report. This was due to a number of factors. Increased remote working due to the COVID-19 pandemic and digital transformation both […] | Data Breach | ||
|
2021-08-27 12:51:07 | T-Mobile CEO: Hackers brute-forced their way through our network (lien direct) | Today, T-Mobile's CEO Mike Sievert said that the hackers behind the carrier's latest massive data breach were able to brute force their way through T-Mobile's network after gaining access to testing environments. [...] | Data Breach | ||
 |
2021-08-27 09:30:28 | Beyond the pandemic: Why are data breach costs at an all‑time high? (lien direct) | It might be tempting to blame the record-high costs of data breaches on the COVID-19 pandemic alone. But dig deeper and a more nuanced picture emerges. | Data Breach | ||
 |
2021-08-26 08:16:19 | Personal Data and docs of Swiss town Rolle available on the dark web (lien direct) | Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200 inhabitants were stolen by threat actors. The threat actors compromised some administrative servers […] | Ransomware Data Breach Threat | ||
|
2021-08-25 18:55:00 | Revere Health Data Breach Impacts Cardiology Patients (lien direct) | Phishing attack on Utah healthcare provider exposes PII of 12K patients | Data Breach | ||
|
2021-08-25 16:00:00 | How to Quantify the Actual Cost of a Data Breach for Your Own Organization (lien direct) | As business leaders, we need to know what the biggest risks to our organizations are. All organizations face numerous disruptive challenges in today’s business environment that can create significant new business opportunities, but also can increase potential cybersecurity risks to the organizations. To address these issues, we need to focus our scarce resources on those […] | Data Breach Guideline | ||
|
2021-08-24 18:47:41 | Nokia-Owned SAC Wireless Discloses Data Breach (lien direct) | United States-based Nokia-owned SAC Wireless has started sending notification letters to its current and former employees to inform them of a data breach that might have impacted them. | Data Breach | ||
|
2021-08-24 11:08:36 | T-Mobile Sued Over Data Breach Affecting Millions of Customers (lien direct) | Class action lawsuits have been filed against T-Mobile over the recently disclosed data breach that has been confirmed to impact more than 50 million of the company's customers. | Data Breach | ★★★★★ | |
|
2021-08-23 20:49:00 | AT&T Denies Data Breach (lien direct) | Threat actor says AT&T will admit breach when personal data of 70 million customers is leaked | Data Breach Threat | ||
|
2021-08-23 12:16:54 | Nokia subsidiary discloses data breach after Conti ransomware attack (lien direct) | SAC Wireless, a US-based and independently-operating Nokia company subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems. [...] | Ransomware Data Breach | ||
 |
2021-08-23 06:48:23 | Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group (lien direct) | ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed.
"Primarily operating on Raid Forums, the collective's moniker and motivation can partly be |
Data Breach | ||
|
2021-08-22 07:59:02 | T-Mobile data breach could be worse than initially thought, 54 million customers impacted (lien direct) | T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially thought, according to an update to the investigation over 54 million customers had their data compromised. Recently T-Mobile has launched an investigation into a possible […] | Data Breach | ||
 |
2021-08-21 11:08:34 | T-Mobile confirms fifth data breach in three years (lien direct) | T-Mobile has confirmed media reports from earlier this week that it had suffered a serious data breach. And it's not just existing T-Mobile users who should be alarmed, but former and prosepective customers as well. | Data Breach | ||
 |
2021-08-20 19:10:32 | T-Mobile\'s data breach exposes the personal data of 40 million (lien direct) | 
T-Mobile, the popular US mobile phone service provider, recently confirmed a data breach affecting 7.8 million current customers and 40 million records from past or prospective customers. The...
|
Data Breach | ||
|
2021-08-20 18:56:00 | NYC Teachers\' Social Security Numbers Exposed (lien direct) | Data breach reported by students was allegedly ignored by school for months | Data Breach | ||
 |
2021-08-20 13:38:31 | T-Mobile data breach impacts over 40 million users – Security Experts Have Their Say (lien direct) | T-Mobile, one of the world’s largest telecommunications providers and mobile networks, admitted this week that over 40 million customers had been impacted by a data breach. With a reported 104 million T-Mobile customers, this latest breach has hit a significant number of the user base. The company released a statement saying “a highly sophisticated cyberattack” […] | Data Breach | ★★ | |
|
2021-08-20 12:30:05 | T-Mobile data breach just got worse - now at 54 million customers (lien direct) | The T-Mobile data breach keeps getting worse as an update to their investigation now reveals that cyberattack exposed over 54 million individuals' data. [...] | Data Breach | ||
|
2021-08-20 11:29:47 | How to protect your T-Mobile account in light of the latest data breach (lien direct) | In response to a breach that compromised the personal data of millions of subscribers, T-Mobile customers should change their password and PIN and set up two-step verification. | Data Breach | ||
|
2021-08-20 09:43:40 | AT&T denies data breach after hacker auctions 70 million user database (lien direct) | AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers. [...] | Data Breach Threat | ||
|
2021-08-19 15:05:00 | JPMorgan Chase Notifies Customers of Data Breach (lien direct) | Technical issues may have allowed customers in Montana to view other customers' personal data | Data Breach | ||
 |
2021-08-19 11:53:19 | ROUNDTABLE: Why T-Mobile\'s latest huge data breach could fuel attacks directed at mobile devices (lien direct) | TMobile has now issued a formal apology and offered free identity theft recovery services to nearly 48 million customers for whom the telecom giant failed to protect their sensitive personal information. At the start of this week, word got out … (more…) | Data Breach | ||
 |
2021-08-19 11:17:56 | T-Mobile Data Breach (lien direct) | It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000. The trove includes not only names, phone numbers, and physical addresses but also more sensitive data like social security numbers, driver’s license information, and IMEI numbers, unique identifiers tied to each mobile device. Motherboard confirmed that samples of the data “contained accurate information on T-Mobile customers.”... | Data Breach | ||
|
2021-08-19 08:34:00 | T-Mobile: 49 Million Customers Hit by Data Breach (lien direct) | US carrier reveals sixth breach in past four years | Data Breach | ||
|
2021-08-18 16:24:33 | T-Mobile: Breach Exposed SSN/DOB of 40M+ People (lien direct) | T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground. | Data Breach | ||
|
2021-08-18 16:10:56 | T-Mobile data breach has impacted 48.6 million customers (lien direct) | T-Mobile has confirmed that hackers have stolen records belonging to 48.6 million of current and former customers. Recently T-Mobile has launched an investigation into a possible security breach after a threat actor started offering for sale 100 million T-Mobile customer records on the dark web. Bleeping Computer reported that the seller was asking for 6 […] | Data Breach Threat | ||
|
2021-08-18 13:00:00 | How AI Prevents Fatigue After Data Breaches (lien direct) | I have data breach fatigue. Every day, my inbox is flooded with dozens of emails about the newest data breaches and what causes them. Five years ago, I took note of every company listed and the mistakes made that led to the breach. Today, I barely skim them. How many times can I read that a […] | Data Breach | ||
|
2021-08-18 12:14:53 | T-Mobile Confirms Data Breach Impacts Millions of Customers (lien direct) | T-Mobile has confirmed that hackers have stolen files storing information on millions of current and former customers. | Data Breach | ||
 |
2021-08-17 17:56:00 | Anomali Cyber Watch: Anomali Cyber Watch: Aggah Using Compromised Websites to Target Businesses Across Asia, eCh0raix Targets Both QNAP and NAS, LockBit 2.0 Targeted Accenture, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, Critical Infrastructure, Data Storage, LockBit, Morse Code, Ransomware, and Vulnerabilities. . The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Colonial Pipeline Reports Data Breach After May Ransomware Attack
(published: August 16, 2021)
Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to 5,810 individuals affected by the data breach resulting from the DarkSide ransomware attack. During the incident, which occurred during May this year, DarkSide also stole roughly 100GB of files in about two hours. Right after the attack Colonial Pipeline took certain systems offline, temporarily halted all pipeline operations, and paid $4.4 million worth of cryptocurrency for a decryptor, most of it later recovered by the FBI. The DarkSide ransomware gang abruptly shut down their operation due to increased level of attention from governments, but later resurfaced under new name BlackMatter. Emsisoft CTO Fabian Wosar confirmed that both BlackMatter RSA and Salsa20 implementation including their usage of a custom matrix comes from DarkSide.
Analyst Comment: BlackMatter (ex DarkSide) group added "Oil and Gas industry (pipelines, oil refineries)" to their non-target list, but ransomware remains a significant threat given profitability and the growing number of ransomware threat actors with various levels of recklessness. Double-extortion schemes are adding data exposure to a company's risks. Stopping ransomware affiliates requires defense in depth including: patch management, enhancing your Endpoint Detection and Response (EDR) tools with ThreatStream, the threat intelligence platform (TIP), and utilizing data loss prevention systems (DLP).
MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted for Impact - T1486
Tags: Darkside, BlackMatter, Colonial Pipeline, Oil and Gas, Ransomware, Salsa20, Data Breach, USA
Indra — Hackers Behind Recent Attacks on Iran
(published: August 14, 2021)
Check Point Research discovered that a July 2021 cyber attack against Iranian railway system was committed by Indra, a non-government group. The attackers had access to the targeted networks for a month and then deployed a previously unseen file wiper called Meteor effectively disrupting train service throughout the country. Previous versions of the Indra wiper named Stardust and Comet were seen in Syria, where Indra was attacking oil, airline, and financial sectors at least since 2019.
Analyst Comment: It is concerning that even non-government threat actors can damage a critical infrastructure in a large country. Similar to ransomware protection, with regards to wiper attacks organizations should improve their intrusion detection methods and have a resilient backup system.
MITRE ATT&CK: [MITRE ATT&CK] Data Destruction - T1485 | [MITRE ATT&CK] File Deletion - T1107 | |
Ransomware Data Breach Malware Hack Tool Vulnerability Threat Guideline | APT 27 APT 27 | |
 |
2021-08-17 17:51:52 | T-Mobile Data Breach Amplifies Larger Cybersecurity Challenge (lien direct) |
Reports came out this week that T-Mobile had suffered a data breach. T-Mobile claims that the leak has been sealed. They deserve credit for responding quickly, but for some the damage may already be done. The data itself may not pose a direct risk to anyone, but the more information cybercriminals can obtain and correlate, the more effective future attacks will be. |
Data Breach | ||
|
2021-08-17 08:45:00 | Colonial Pipeline Reportedly Admits Data Breach (lien direct) | Ransomware actors may have compromised employee information | Ransomware Data Breach | ||
|
2021-08-17 07:04:00 | Colonial Pipeline discloses data breach after May ransomware attack (lien direct) | Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information compromised after a ransomware attack that took place in May. The Colonial Pipeline facility in Pelham, Alabama […] | Ransomware Data Breach | ||
|
2021-08-17 05:41:00 | Educational publisher Pearson fined for data breach cover-up (lien direct) | Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information compromised after a ransomware attack that took place in May. The Colonial Pipeline facility in Pelham, Alabama […] | Data Breach | ||
|
2021-08-16 23:53:37 | T-Mobile Investigating Claims of Massive Data Breach (lien direct) | Communications giant T-Mobile said today it is investigating the extent of a data breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer's mobile device. | Data Breach | ||
|
2021-08-16 21:27:53 | T-Mobile confirms data breach that exposed customer personal info (lien direct) | T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. Yesterday the company announced it launched an investigation into a possible data breach after […] | Data Breach Threat | ||
 |
2021-08-16 20:44:22 | The T-Mobile Data Breach Is One You Can\'t Ignore (lien direct) | Hackers claim to have obtained the data of 100 million people-including sensitive personal information. | Data Breach |
To see everything:
Our RSS (filtrered)
