What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-06-07 13:27:56 | Issu de pirates \\ 'ultimatum \\' sur la violation des données de la paie Hackers Issue \\'Ultimatum\\' Over Payroll Data Breach (lien direct) |
Le gang de ransomware CLOP a publié des sociétés "un ultimatum" ciblées dans un récent hack à grande échelle de données de paie
The Clop ransomware gang issued "an ultimatum" companies targeted in a recent large-scale hack of payroll data |
Ransomware Data Breach Hack | ★★ | |
 |
2023-06-07 10:30:07 | Une plongée profonde dans le rapport Verizon 2023 DBIR: Erreur humaine, ransomware et exploits log4j A Deep Dive into the Verizon 2023 DBIR Report: Human Error, Ransomware, and Log4j Exploits (lien direct) |
Le rapport Verizon 2023 Data Breach Investigations (DBIR) présente une analyse complète des violations mondiales de données, offrant des informations précieuses sur l'état contemporain des menaces de cybersécurité.Dans cette analyse, nous plongerons dans les principales conclusions du rapport, y compris le rôle répandu de l'erreur humaine, la menace persistante de ransomware et l'impact du log4j [& # 8230;]
The Verizon 2023 Data Breach Investigations Report (DBIR) presents a comprehensive analysis of global data breaches, offering valuable insights into the contemporary state of cybersecurity threats. In this analysis, we will delve into key findings from the report, including the prevalent role of human error, persistent threat of ransomware, and the impact of the Log4j […] |
Data Breach Threat | ★★★ | |
 |
2023-06-07 10:00:00 | How can small businesses ensure Cybersecurity? (lien direct) | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Small businesses are more vulnerable to cyber-attacks since hackers view them as easy victims to target. While this may seem unlikely, statistics reveal that more than half of these businesses experienced some form of cyber-attack in 2022. It\'s also reported that state-sponsored threat actors are diversifying their tactics and shifting their focus toward smaller enterprises. Cyber-attacks against small-sized businesses do not always make headlines, but they have potentially catastrophic impacts. These attacks can result in significant financial and data loss, sometimes shutting down the business. Therefore, it’s crucial that small businesses make cybersecurity a top priority. What drives more cybersecurity attacks on small businesses? Small businesses are on the target list of hackers mainly because they focus less on security. On average, SMBs and small businesses allocate 5%-20% of their total budget to security. Additionally, human mistakes are the root cause of 82% of cyber breaches in organizations. Cybercriminals take advantage of their weak security infrastructure and exploit the behavior of careless employees to launch insider threats and other cyber-attacks successfully. A report reveals various cyber-attacks that often target small businesses, such as malware, phishing, data breaches, and ransomware attacks. Also, small businesses are vulnerable to malware, brute-force attacks, ransomware, and social attacks and may not survive one incident. The influx of remote working culture has added new challenges and cybersecurity risks for small businesses. This culture has given rise to a large number of personal devices like mobile phones, laptops, and tablets that can easily access sensitive information. Many employees don\'t undergo regular scans of their phones and laptops for potential vulnerabilities. In addition, few companies can provide access to password management software or VPNs to protect their internet connection and credentials and maintain security on rogue Wi-Fi networks. Statistics also reveal that only 17% of small businesses encrypt their data, which is alarming. Moreover, small businesses are at a higher risk of being attacked because they have limited resources to respond to cyber-attacks. Unlike large organizations, they don\'t have a dedicated IT team with exceptional skills and experience to deal with complex cyber-attacks. They also have a limited budget to spend on effective cyber security measures. Hence they don\'t invest in advanced cybersecurity solutions or hire professionals to manage their cybersecurity. Impacts of a Cybersecurity attack on small businesses Cyber-attacks on small businesses can result in | Ransomware Data Breach Vulnerability Threat Cloud | ★★ | |
 |
2023-06-06 21:40:59 | Verizon 2023 DBIR: les attaques DDOS dominent et préalable à la croissance du BEC Verizon 2023 DBIR: DDoS attacks dominate and pretexting lead to BEC growth (lien direct) |
>In Verizon\'s just-released 2023 Data Breach Investigations Report, money is king, and denial of service and social engineering still hold sway.
>In Verizon\'s just-released 2023 Data Breach Investigations Report, money is king, and denial of service and social engineering still hold sway. |
Data Breach | ★★ | |
 |
2023-06-06 14:03:29 | British Airways Data Breach - Analyse de Forrester (lien direct) | Suite à la violation de données de British Airways hier, Enza Iannopollo, analyste principal chez Forrester, analyse cette attaque. - Malwares | Data Breach | ★★ | |
|
2023-06-06 10:52:48 | Verizon 2023 DBIR: Erreur humaine impliquée dans de nombreuses violations, les surtensions des coûts des ransomwares Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges (lien direct) |
>Verizon\'s 16th annual Data Breach Investigations Report (DBIR) provides data on ransomware costs, the frequency of human error in breaches, and BEC trends.
>Verizon\'s 16th annual Data Breach Investigations Report (DBIR) provides data on ransomware costs, the frequency of human error in breaches, and BEC trends. |
Ransomware Data Breach | ★★ | |
 |
2023-06-06 02:59:40 | Ce que font les API et ne faites pas What APIs Do and Don\\'t Do (lien direct) |
Il est difficile d'être dans le domaine de la technologie et de ne pas entendre parler d'API ces jours-ci.Qu'il s'agisse du lancement de l'API Chatgpt ou des nouvelles d'une violation de données importante sur Twitter, les API ont leur temps sous les projecteurs.Pourtant, malgré leur ubiquité, beaucoup ont encore des questions sur les capacités (et les limitations) des API.À quoi servent les API?Que font-ils?Et que sont-ils incapables de faire à l'ère actuelle?Qu'est-ce qu'une API?Une API est une interface de programmation d'applications - un petit logiciel conçu pour la communication.Une API sert de messager entre un utilisateur final et un site Web ou une application ...
It\'s hard to be in the realm of technology and not hear about APIs these days. Whether it\'s the launch of the ChatGPT API or news of a significant data breach at Twitter, APIs are having their time in the spotlight. Yet, despite their ubiquity, many still have questions about APIs\' capabilities (and limitations). What are APIs for? What do they do? And what are they unable to do in the current era? What is an API? An API is an Application Programming Interface - a small piece of software designed for communication. An API serves as a messenger between an end user and a website or application... |
Data Breach | ChatGPT ChatGPT | ★★ |
 |
2023-06-06 02:30:00 | La mauvaise configuration des nuages provoque une violation massive de données chez Toyota Motor Cloud misconfiguration causes massive data breach at Toyota Motor (lien direct) |
Les données sur les véhicules et les informations sur les clients ont été exposées pendant plus de huit ans en raison d'une erreur de configuration du cloud chez Toyota Motor qui a eu un impact sur 260 000 clients.
Vehicle data and customer information were exposed for over eight years due to a cloud misconfiguration at Toyota Motor that impacted over 260,000 customers. |
Data Breach Cloud | ★★★★ | |
 |
2023-06-05 17:59:29 | Exploit Moveit Zero-Day utilisé par les gangs de violation de données: comment, le pourquoi et ce qu'il faut faire… MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do… (lien direct) |
Little Bobby Tables est de retour!
Little Bobby Tables is back! |
Data Breach | ★★ | |
 |
2023-06-05 16:59:37 | Moveit Hack: BBC, BA et Boots parmi les victimes de cyberattaques MOVEit hack: BBC, BA and Boots among cyber attack victims (lien direct) |
Le personnel de plusieurs organisations est averti d'une violation de données de paie après le piratage d'un fournisseur informatique.
Staff at multiple organisations are warned of a payroll data breach after an IT supplier is hacked. |
Data Breach | ★ | |
 |
2023-06-05 14:52:00 | BBC et British Airways frappés par Zero-Day sur la société de paie Zellis BBC and British Airways hit by zero-day on payroll company Zellis (lien direct) |
La BBC et British Airways (BA) ont confirmé lundi que les données personnelles de leur personnel avaient été exposées à des pirates à la suite d'un cyber-incident ayant un impact sur leur fournisseur de paie Zellis.Un porte-parole de la BBC, qui emploie plus de 21 000 personnes, a confirmé que la société était «au courant d'une violation de données à notre fournisseur tiers,
The BBC and British Airways (BA) confirmed on Monday that the personal data of their staff has been exposed to hackers following a cyber incident impacting their payroll provider Zellis. A spokesperson for the BBC, which employs over 21,000 people, confirmed that the company was “aware of a data breach at our third party supplier, |
Data Breach | ★★ | |
 |
2023-06-02 12:19:20 | Burton Snowboards révèle la violation des données après l'attaque de février Burton Snowboards discloses data breach after February attack (lien direct) |
Le principal fabricant de snowboard Burton Snowboards a confirmé que les clients informés d'une violation de données après que certaines de leurs informations sensibles ont été "potentiellement" consultées ou volées au cours de ce que la société a décrit en février comme un "cyber-incident".[...]
Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially" accessed or stolen during what the company described in February as a "cyber incident." [...] |
Data Breach | ★★ | |
 |
2023-06-02 10:00:00 | Une mauvaise communication lors d'une violation de données peut vous coûter - ici \\ est comment l'éviter Poor Communication During a Data Breach Can Cost You - Here\\'s How to Avoid It (lien direct) |
> Personne n'a besoin de vous dire que les violations de données sont coûteuses.Ces données ont été quantifiées et les nombres sont stupéfiants.En fait, le coût de sécurité IBM d'une violation de données estime que le coût moyen d'une violation de données en 2022 était de 4,35 millions de dollars, 83% des organisations connaissant un ou plusieurs incidents de sécurité.[& # 8230;]
>No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. […] |
Data Breach | ★★★ | |
 |
2023-06-02 09:30:00 | Insurers Predict $33bn Bill for Catastrophic "Cyber Event" (lien direct) | L'événement d'un sur 200 pourrait provenir du cloud, de la violation de données ou des ransomwares
One-in-200 year event could stem from cloud, data breach or ransomware |
Ransomware Data Breach Prediction | ★★ | |
|
2023-06-01 13:31:54 | Toyota révèle une nouvelle violation de données impliquant un véhicule, des informations sur les clients Toyota Discloses New Data Breach Involving Vehicle, Customer Information (lien direct) |
Toyota affirme que des configurations de nuages incorrectes exposées et des informations sur les clients au Japon et à l'étranger pendant des années.
Toyota says improper cloud configurations exposed vehicle and customer information in Japan and overseas for years. |
Data Breach Cloud | ★★★ | |
 |
2023-05-31 21:08:00 | Encore une autre violation de données de Toyota Cloud metardise des milliers de clients Yet Another Toyota Cloud Data Breach Jeopardizes Thousands of Customers (lien direct) |
Les services de cloud mis à tort nouvellement trouvés sont découverts seulement deux semaines après qu'une violation de données initiale affectant des millions de personnes a été révélée.
The newly found misconfigured cloud services are discovered just two weeks after an initial data breach affecting millions came to light. |
Data Breach Cloud | ★★ | |
|
2023-05-30 16:36:00 | Près de 9 millions de personnes touchées par la violation des données de la cyberattaque sur l'assureur dentaire Nearly 9 million people affected by data breach from cyberattack on dental insurer (lien direct) |
Une attaque de ransomware contre un grand fournisseur d'assurance dentaire a divulgué les informations personnelles de près de neuf millions de personnes aux États-Unis, selon des documents déposés auprès des régulateurs de l'État.Les soins gérés de l'Amérique du Nord (MCNA) sont le plus grand assureur dentaire du pays pour les programmes d'assurance maladie parrainés par le gouvernement et des enfants, fournissant des services à plus
A ransomware attack on a major dental insurance provider leaked the personal information of nearly nine million people across the United States, according to documents filed with state regulators. Managed Care of North America (MCNA) is the largest dental insurer in the nation for government-sponsored Medicaid and Children\'s Health Insurance Programs, providing services to more |
Ransomware Data Breach | ★★ | |
|
2023-05-29 09:49:01 | La violation des données dentaires MCNA a un impact sur 8,9 millions de personnes après une attaque de ransomware MCNA Dental data breach impacts 8.9 million people after ransomware attack (lien direct) |
Managed Care of North America (MCNA) Dental a publié une notification de violation de données sur son site Web, informant près de 9 millions de patients que leurs données personnelles ont été compromises.[...]
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. [...] |
Ransomware Data Breach | ★★ | |
|
2023-05-26 19:47:00 | 130k + patients \\ 'numéros de sécurité sociale divulgués dans UHS de la violation de données du Delaware 130K+ Patients\\' Social Security Numbers Leaked in UHS of Delaware Data Breach (lien direct) |
Managed Care of North America (MCNA) Dental a publié une notification de violation de données sur son site Web, informant près de 9 millions de patients que leurs données personnelles ont été compromises.[...]
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. [...] |
Data Breach | ★★ | |
|
2023-05-25 16:12:22 | La violation des données chez Apria Healthcare affecte 2 millions de personnes maintenant informés Data Breach At Apria Healthcare Affects 2 Million People Now Notified (lien direct) |
Apria Healthcare, un fabricant d'équipements médicaux pour la maison, envoie des notifications de violation à environ deux millions de personnes dont les informations peuvent avoir été volées dans des violations de données en 2019 et 2021. Près de deux millions de personnes aux États-Unis comptent sur APRIA, ce qui fait de l'APRIA, ce qui fait de l'APRIA, ce qui fait de l'APRIA, ce qui réalise APRIA, ce qui fait de l'APRIA, ce qui a faitC'est l'un des meilleurs fournisseurs de respiratoires à domicile [& # 8230;]
Apria Healthcare, a manufacturer of medical equipment for the home, is sending out breach notifications to roughly two million people whose information may have been stolen in data breaches in 2019 and 2021. Close to two million people in the United States rely on Apria, making it one of the top providers of home respiratory […] |
Data Breach Medical | ★★ | |
|
2023-05-22 15:18:00 | Près de 300 000 personnes touchées par la violation de données dans l'attaque des ransomwares de vaisselle Nearly 300,000 people affected by data breach in DISH ransomware attack (lien direct) |
A attaque de ransomware de février Contre la diffusion géante de la diffusion par satellite a divulgué les informations personnelles de près de 300 000 personnes, selon les documents réglementaires réalisés par la société la semaine dernière.Dish a confirmé qu'il avait été frappé par des ransomwares après avoir subi des pannes répandues .L'attaque a affecté les communications internes de Dish \\, les centres d'appels clients et les sites Web.L'entreprise a déclaré
A February ransomware attack against satellite broadcast giant DISH leaked the personal information of nearly 300,000 people, according to regulatory filings made by the company last week. DISH confirmed that it was hit with ransomware after it suffered widespread outages. The attack affected DISH\'s internal communications, customer call centers, and websites. The company told regulators |
Ransomware Data Breach | ★★ | |
 |
2023-05-22 14:43:40 | 22 mai & # 8211;Rapport de renseignement sur les menaces 22nd May – Threat Intelligence Report (lien direct) |
> Pour les dernières découvertes de cyber-recherche pour la semaine du 22 mai, veuillez télécharger nos principaux attaques et violations de Bulletin Menace_Intelligence, un fournisseur de services de pharmacie aux États-Unis, a révélé une violation de données ayant un impact sur environ 5,8 millions de ses patients.Le gang de ransomware du message monétaire a revendiqué l'attaque en avril et a menacé de fuir [& # 8230;]
>For the latest discoveries in cyber research for the week of 22nd May, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES PharMerica, a provider of pharmacy services across the U.S., disclosed a data breach impacting approximately 5.8 million of its patients. Money Message ransomware gang claimed the attack during April, and threatened to leak […] |
Ransomware Data Breach Threat | ★★ | |
|
2023-05-20 07:35:32 | Rattrapez les nouvelles et les événements de cette semaine \\ Catch Up On This Week\\'s News and Events (lien direct) |
Toyota: une violation de données tragiques, 2 millions de véhicules touchés pendant dix ans Toyota a révélé une violation de données il y a dix ans qui a eu un impact sur plus de 2 millions de voitures.La brèche a affecté leur service connecté basé sur le cloud, qui est limité aux voitures japonaises entre janvier 2012 et avril 2023. sans aucun problème signalé jusqu'à présent, les numéros d'identification des véhicules (VIN), [& # 8230;]
Toyota: Tragic Data Breach, 2 Million Vehicles Affected For Ten Years Toyota revealed a data breach from ten years ago that impacted over 2 million cars. The breach affected their cloud-based Connected service, which is limited to Japanese cars between January 2012 and April 2023. With no issues reported so far, vehicle identification numbers (VINs), […] |
Data Breach | ★★ | |
 |
2023-05-19 13:25:22 | Toyota Japan confirme une violation de sécurité d'une décennie affectant plus de 2 millions de clients Toyota Japan confirms decade-long security breach affecting more than 2M customers (lien direct) |
Japanese auto firm, Toyota, recently announced that a decade-long data breach in its online service has compromised information on more than 2 million vehicles at risk. Customers affected included those who signed up for the T-Connect network service between the beginning of 2012 until April 17. According to TechCrunch, Toyota said that the exposed data […]
Japanese auto firm, Toyota, recently announced that a decade-long data breach in its online service has compromised information on more than 2 million vehicles at risk. Customers affected included those who signed up for the T-Connect network service between the beginning of 2012 until April 17. According to TechCrunch, Toyota said that the exposed data […] |
Data Breach | ★★ | |
|
2023-05-19 11:34:57 | Le réseau de vaisselle a probablement payé une rançon après une récente attaque de ransomware Dish Network likely paid ransom after recent ransomware attack (lien direct) |
Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. [...]
Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. [...] |
Ransomware Data Breach | ★★ | |
|
2023-05-19 09:37:23 | Luxottica confirms 2021 data breach after info of 70M leaks online (lien direct) | Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums. [...]
Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums. [...] |
Data Breach | ★★ | |
|
2023-05-18 16:10:00 | La société d'assurance oculaire accepte un règlement de 2,5 millions de dollars avec l'État AGS après une violation de données Eye insurance firm agrees to $2.5 million settlement with state AGs after data breach (lien direct) |
Un important fournisseur d'assurance oculaire paiera une amende de 2,5 millions de dollars après avoir réglé une action en justice de quatre États sur une violation de données de 2020 qui a exposé les informations personnelles d'environ 2,1 millions de personnes.Les procureurs généraux du New Jersey, Oregon, Floride et Pennsylvanie ont annoncé la colonie cette semaine avec des soins visuels yeux.L'entreprise a violé
A major eye insurance provider will pay a fine of $2.5 million after settling a lawsuit from four states about a 2020 data breach that exposed the personal information of about 2.1 million people. Attorneys general from New Jersey, Oregon, Florida and Pennsylvania announced the settlement this week with EyeMed Vision Care. The company violated |
Data Breach | ★★ | |
|
2023-05-17 11:48:00 | Capita accusé de stockage dangereux de données personnelles \\ 'suivant la violation des données Capita accused of \\'unsafe storage of personal data\\' following data breach (lien direct) |
Capita, la société d'externalisation britannique frappée par une attaque de ransomware en mars, fait face à une liste croissante de plaintes de clients après la révélation d'une autre violation de données.Le conseil municipal de Colchester, qui contracte Capita pour les services financiers, a accusé la société de «stockage dangereux des données personnelles» sur un incident historique qui est antérieur au ransomware
Capita, the British outsourcing company hit by a ransomware attack in March, is facing a growing list of complaints from customers following the revelation of another data breach. Colchester City Council, which contracts Capita for financial services, has accused the company of “unsafe storage of personal data” over an historical incident that predates the ransomware |
Ransomware Data Breach | ★★ | |
|
2023-05-16 10:32:14 | Discord subit une violation de données par un tiers compromis Discord Suffers Data Breach Through Compromised Third Party (lien direct) |
La plate-forme de médias sociaux populaire Discord a informé les utilisateurs qu'il a subi une violation de données après que le compte d'un agent de support \\ chez un tiers a été compromis.Une personne malveillante a ensuite acquis un accès non autorisé à la file d'attente d'assistance de l'agent \\, exposant les adresses e-mail des utilisateurs, les messages de prise en charge et les pièces jointes Discord envoyées via le système de billets.Discord & # 8211;qui a [& # 8230;]
Popular social media platform Discord has notified users it has suffered a data breach after a support agent\'s account at a third party became compromised. A malicious individual then gained unauthorised access to the agent\'s support queue, exposing user email addresses, Discord support messages and attachments sent via the ticket system. Discord – which has […] |
Data Breach | ★★★★ | |
|
2023-05-15 14:10:40 | Ransomware gang steals data of 5.8 million PharMerica patients (lien direct) | Pharmacy services provider PharMerica has disclosed a massive data breach impacting over 5.8 million patients, exposing their medical data to hackers. [...]
Pharmacy services provider PharMerica has disclosed a massive data breach impacting over 5.8 million patients, exposing their medical data to hackers. [...] |
Ransomware Data Breach Medical | ★★ | |
|
2023-05-15 13:20:17 | Software Brightly Indiquant 3 millions d'utilisateurs de schoolde de violation de données Brightly Software Notifying 3 Million SchoolDude Users of Data Breach (lien direct) |
> Brightly Software a commencé à information d'environ trois millions d'utilisateurs que leurs informations personnelles ont été compromises dans une violation récente de données.
>Brightly Software has started informing roughly three million users that their personal information was compromised in a recent data breach. |
Data Breach | ★★ | |
|
2023-05-15 13:09:44 | Discord Informs Users of Data Breach Involving Customer Support Provider (lien direct) | > Les communications et la plate-forme sociale Discord informent les utilisateurs d'un cyber-incident impliquant un fournisseur de services tiers.
>Communications and social platform Discord is notifying users of a cyber incident involving a third-party services provider. |
Data Breach | ★★ | |
 |
2023-05-15 12:35:51 | La déconstruction de la sécurité des identités (lien direct) | >Selon le dernier rapport Data Breach Investigations de Verizon , 80 % des attaques d’applications Web de base (BWAA) sont initiées grâce à des identifiants compromis. Or, si la plupart des entreprises connaissent désormais les risques liés aux cybermenaces, beaucoup ne comprennent pas que le nombre d'identités numériques a augmenté de manière exponentielle. La transformation […] The post La déconstruction de la sécurité des identités first appeared on UnderNews. | Data Breach | ★★ | |
|
2023-05-15 10:54:38 | 5,8 millions de personnes touchées par la violation de données à Pharrica 5.8 Million People Affected by Data Breach at PharMerica (lien direct) |
Le 8 avril, l'organisation de ransomware de message monétaire a attaqué le National Pharmacy Network Pharmerica et sa société mère.L'activité de santé à domicile et communautaire BrightSpring Health.Les acteurs de la menace ont exposé des données de preuves, une déclaration a été obtenue auprès de BrightSpring, et des preuves et des allégations supplémentaires ont été obtenues par message monétaire.Message de l'argent a informé Databreaches le 14 avril [& # 8230;]
On April 8 that the Money Message ransomware organization attacked the national pharmacy network PharMerica and its parent company. The home and community healthcare business BrightSpring Health. Threat actors exposed evidence data, a statement was obtained from BrightSpring, and additional evidence and allegations were gained via Money Message. Money Message informed DataBreaches on April 14 […] |
Ransomware Data Breach Threat | ★★ | |
|
2023-05-15 10:40:51 | Pharrica révèle la violation des données ayant un impact sur 5,8 millions de personnes PharMerica Discloses Data Breach Impacting 5.8 Million Individuals (lien direct) |
> Les informations personnelles de plus de 5,8 millions ont été compromises dans une violation de données au National Pharmacy Network Pharmerica.
>The personal information of more than 5.8 million was compromised in a data breach at national pharmacy network PharMerica. |
Data Breach | ★★ | |
|
2023-05-15 10:00:00 | CISOS: Comment améliorer la cybersécurité dans un paysage de menaces en constante évolution CISOs: How to improve cybersecurity in an ever-changing threat landscape (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The digital landscape is always changing to keep up with a constantly evolving world, and bad actors are also adapting. For every new development in the digital world, cybercriminals are looking to take advantage of weaknesses, so it is important that those concerned with the security of their organization’s network, data, and other assets stay vigilant and on top of trends. Everybody within an organization should work to establish and maintain good cybersecurity habits and measures, but much of the security burden falls on the chief information security officer (CISO). Below are some key insights for any CISO to take into consideration. Concerns and challenges Since the beginning of the COVID-19 pandemic three years ago, hybrid and remote working solutions have been rising in popularity. This should be a priority area: according to a report from Malwarebytes, 20% of companies reported that a remote worker had caused a security breach. In comparison, 55% cited training employees in security protocols as a major challenge in transitioning to work-from-home infrastructure. Because the shift to hybrid and remote work happened quickly and with an eye for ease of access over security, employees working offsite can pose a great risk to an organization if not provided with adequate cybersecurity training and policies. AI and machine learning are also on the rise, increasingly being utilized by businesses and cybercriminals alike. It is important to recognize that while AI enhancements can provide aid, there is no replacement for the human element in developing a cybersecurity strategy. Understanding and deploying AI and machine learning tools can not only help with fraud detection, spam filtering, and data leak prevention, but it can allow a security officer insight into cybercriminals’ use of the tools. Increasing awareness of the criminal toolkit and operations provides an opportunity to get ahead of threat trends and potentially prevent attacks and breaches. Another major issue is the shortage of qualified cybersecurity professionals leading to a significant struggle with recruitment and retention. In a Fortinet report, 60% of respondents said they were struggling to recruit cybersecurity talent, and 52% said they were struggling to retain qualified people. In the same survey, around two-thirds of organization leaders agreed that the shortage “creates additional risk.” Many factors work in tandem to perpetuate the problem, but the solution doesn’t have to be complicated. Ensuring your employees have a healthy work environment goes a long way, as well as tweaking hiring practices to select “adaptable, highly communicative and curious” people, as these traits make for an employee who will grow and learn with your company. Tips for improving cybersecurity One of the top priorities for CISOs should always be to ensure that all employees are properly trained in cyber hygiene and cybersecurity best practices. Insider threats are a serious issue with no easy solution, and a good number of those (more than half, according to one report) are mistakes due to negligence or ignorance. Traditional threat prevention solutions are often concerned with | Data Breach Spam Threat | ★★ | |
|
2023-05-12 16:01:53 | Toyota: les données sur plus de 2 millions de véhicules au Japon étaient en danger en une violation d'une décennie Toyota: Data on More Than 2 million Vehicles in Japan Were at Risk in Decade-Long Breach (lien direct) |
Une violation de données d'une décennie dans le service en ligne de Toyota \\ a mis des informations sur plus de 2 millions de véhicules à risque.
A decade-long data breach in Toyota\'s online service put some information on more than 2 million vehicles at risk. |
Data Breach | ★★ | |
|
2023-05-12 15:05:20 | Discord divulgue la violation des données après que l'agent d'assistance a été piraté Discord discloses data breach after support agent got hacked (lien direct) |
Discord informe les utilisateurs d'une violation de données qui s'est produite après que le compte d'un agent d'assistance tiers a été compromis.[...]
Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised. [...] |
Data Breach | ★★ | |
|
2023-05-12 10:50:33 | Toyota: Données de localisation des voitures de 2 millions de clients exposés pendant dix ans Toyota: Car location data of 2 million customers exposed for ten years (lien direct) |
Toyota Motor Corporation a divulgué une violation de données sur son environnement cloud qui a exposé les informations sur l'auto de 2 150 000 clients pendant dix ans, entre le 6 novembre 2013 et le 17 avril 2023. [...]
Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023. [...] |
Data Breach Cloud | ★★ | |
|
2023-05-11 18:20:00 | Des pirates nord-coréens derrière la violation des données de l'hôpital à Séoul North Korean Hackers Behind Hospital Data Breach in Seoul (lien direct) |
Data on more than 830K people exposed in the 2021 cyberattack.
Data on more than 830K people exposed in the 2021 cyberattack. |
Data Breach | ★★ | |
|
2023-05-11 16:25:25 | Avertit brillant de la violation de données Schooldude exposant les informations d'identification Brightly warns of SchoolDude data breach exposing credentials (lien direct) |
U.S. Tech Company et Siemens filiale Brightly Software informe les clients que leurs informations personnelles et leurs informations d'identification ont été volées par des attaquants qui ont eu accès à la base de données de sa plate-forme en ligne Schoolde.[...]
U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform. [...] |
Data Breach | ★★ | |
|
2023-05-10 18:00:00 | La violation de données SYSCO expose les données du client et des employés Sysco Data Breach Exposes Customer, Employee Data (lien direct) |
La société de distribution des aliments a d'abord appris la cyberattaque en mars 2023.
Food distribution company first learned of the cyberattack in March 2023. |
Data Breach | ★★ | |
|
2023-05-09 15:47:42 | Le géant de la distribution des aliments, Sysco, met en garde contre la violation des données après la cyberattaque Food distribution giant Sysco warns of data breach after cyberattack (lien direct) |
Sysco, une principale société mondiale de distribution alimentaire, a confirmé que son réseau avait été violé plus tôt cette année par des attaquants qui ont volé des informations sensibles, y compris les données commerciales, clients et employés.[...]
Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who stole sensitive information, including business, customer, and employee data. [...] |
Data Breach | ★★ | |
 |
2023-05-09 13:00:00 | Cyberheistnews Vol 13 # 19 [Watch Your Back] Nouvelle fausse erreur de mise à jour Chrome Attaque cible vos utilisateurs CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users (lien direct) |
CyberheistNews Vol 13 #19 | May 9th, 2023
[Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users
Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages.
"Google Chrome users who use the browser regularly should be wary of a new attack campaign that distributes malware by posing as a Google Chrome update error message," Trend Micro warns. "The attack campaign has been operational since February 2023 and has a large impact area."
The message displayed reads, "UPDATE EXCEPTION. An error occurred in Chrome automatic update. Please install the update package manually later, or wait for the next automatic update." A link is provided at the bottom of the bogus error message that takes the user to what\'s misrepresented as a link that will support a Chrome manual update. In fact the link will download a ZIP file that contains an EXE file. The payload is a cryptojacking Monero miner.
A cryptojacker is bad enough since it will drain power and degrade device performance. This one also carries the potential for compromising sensitive information, particularly credentials, and serving as staging for further attacks.
This campaign may be more effective for its routine, innocent look. There are no spectacular threats, no promises of instant wealth, just a notice about a failed update. Users can become desensitized to the potential risks bogus messages concerning IT issues carry with them.
Informed users are the last line of defense against attacks like these. New school security awareness training can help any organization sustain that line of defense and create a strong security culture.
Blog post with links:https://blog.knowbe4.com/fake-chrome-update-error-messages
A Master Class on IT Security: Roger A. Grimes Teaches You Phishing Mitigation
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they\'re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger A. Grimes, KnowBe4\'s Data-Driven Defense Evangelist, |
Ransomware Data Breach Spam Malware Tool Threat Prediction | NotPetya NotPetya APT 28 ChatGPT ChatGPT | ★★ |
|
2023-05-08 20:00:00 | 1M NextGen Patient Records compromis en violation de données 1M NextGen Patient Records Compromised in Data Breach (lien direct) |
Les opérateurs de ransomware BlackCat auraient volé les données sensibles.
BlackCat ransomware operators reportedly stole the sensitive data. |
Ransomware Data Breach | ★★ | |
|
2023-05-08 16:29:00 | Pourquoi le \\ 'pourquoi \\' d'une violation de données est important Why the \\'Why\\' of a Data Breach Matters (lien direct) |
Les motivations d'un attaquant aident à établir les protections à mettre en place pour protéger les actifs.
The motivations of an attacker help establish what protections to put into place to protect assets. |
Data Breach | ★★ | |
|
2023-05-08 10:52:53 | 1 Million Impacted by Data Breach at NextGen Healthcare (lien direct) | >NextGen Healthcare is informing roughly 1 million individuals that their personal information was compromised in a data breach.
>NextGen Healthcare is informing roughly 1 million individuals that their personal information was compromised in a data breach. |
Data Breach | ★★ | |
|
2023-05-07 12:10:45 | Western Digital dit que les pirates ont volé les données clients en mars cyberattaque Western Digital says hackers stole customer data in March cyberattack (lien direct) |
Western Digital a pris son magasin hors ligne et a envoyé des notifications de violation de données aux clients après avoir confirmé que les pirates ont volé des informations personnelles sensibles dans une cyberattaque de mars.[...]
Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal information in a March cyberattack. [...] |
Data Breach | ★★ | |
|
2023-05-05 18:53:00 | Le juge épargne l'ancienne peine d'emprisonnement de l'Uber Ciso au cours des accusations de violation de données 2016 Judge Spares Former Uber CISO Jail Time Over 2016 Data Breach Charges (lien direct) |
Dites à d'autres «vous avez une pause» de Ciso \\ », dit le juge en exerçant une peine de probation de trois ans à Joseph Sullivan.
Tell other CISO\'s "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan. |
Data Breach | Uber Uber | ★★ |
|
2023-05-05 00:35:45 | L'ancien Uber CSO Joe Sullivan évite la peine de prison sur la dissimulation de la violation des données Former Uber CSO Joe Sullivan Avoids Prison Time Over Data Breach Cover-Up (lien direct) |
> L'ancien chef de la sécurité d'Uber, Joe Sullivan, a été condamné à la probation et au service communautaire pour couvrir la violation des données subie par le géant du covoiturage en 2016.
>Former Uber security chief Joe Sullivan was sentenced to probation and community service for covering up the data breach suffered by the ride-sharing giant in 2016. |
Data Breach | Uber Uber | ★★ |
To see everything:
Our RSS (filtrered)
