What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-30 16:15:18 | Russian streaming platform confirms data breach affecting 7.5M users (lien direct) | Russian media streaming platform 'START' (start.ru) has confirmed rumors of a data breach impacting millions of users. [...] | Data Breach | ||
 |
2022-08-30 13:22:35 | 2.5 Million Impacted by Data Breach at Nelnet Servicing (lien direct) | The data of more than 2.5 million individuals was compromised in a recent data breach at technology services provider Nelnet Servicing. The impacted individuals have taken student loans from Edfinancial and OSLA, which have contracted Nelnet for various services, including an online portal that student loan borrowers can use to access their accounts. | Data Breach | ||
 |
2022-08-30 12:30:30 | NATO Investigates Security Breach (lien direct) | It has been announced that Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online. | Data Breach | ||
|
2022-08-29 20:38:02 | What Can We Learn From The OpenSea Data Breach? (lien direct) | Access has always been a conundrum for security professionals. The level of access privileges you give to your employees exposes you to insider threats. The recent data breach faced by OpenSea exposes another layer of risk: third-party vendors, after the web3.0 marketplace's supplier, customer.io, was found to be responsible for a breach that saw the […] | Data Breach | ||
 |
2022-08-29 16:27:31 | GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers (lien direct) | Web application attacks directed at organizations’ web and mail servers continue to take the lead in cybersecurity incidents. Related: Damage caused by ‘business logic’ hacking This is according to Verizon’s latest 2022 Data Breach Investigations Report (DBIR). In … (more…) | Data Breach Guideline | ||
 |
2022-08-29 11:00:00 | Twilio data breach turns out to be more elaborate than suspected (lien direct) | >Categories: NewsTags: twilio Tags: okta Tags: Authy Tags: Signal Tags: Cloudflare Tags: MailChimp Tags: Klaviyo Tags: scatter swine Tags: oktapus Tags: 2fa Tags: otp Even if you don't know a thing about Twilio, you may have been affected by their data breach. (Read more...) | Data Breach | ||
 |
2022-08-29 04:19:00 | Facebook agrees to settle class action lawsuit related to Cambridge Analytica data breach (lien direct) | Facebook parent Meta Platforms agreed Friday to settle a class action lawsuit seeking damages for allowing British political consulting firm Cambridge Analytica access to the private data of tens of millions of Facebook users. The settlement will spare CEO Marc Zuckerberg an embarrassing court appearance to defend his company.Lawyers acting for the plaintiffs and for Facebook filed a joint request with the US District Court for the Northern District of California on Friday, asking the judge to put the class action on hold for sixty days while the two parties finalized a written settlement for an as-yet undisclosed amount. The high profile lawsuit has been running for over four years and claims that Facebook shared data of millions of US voters with Cambridge Analytica.To read this article in full, please click here | Data Breach | ||
 |
2022-08-28 23:15:00 | Key Points from the IBM Cost of a Data Breach Report 2022 (lien direct) | >The volume and impact of data breaches have accelerated largely in 2022, which has contributed to many adverse effects for businesses. Tc highlights several updated factors that have generated great costs across 17 countries and regions, and 17 industries. The report has included new related areas of analysis such as: Extended Detection and Response (XDR). […]… Read More | Data Breach | ||
|
2022-08-26 15:30:34 | (Déjà vu) DoorDash discloses new data breach tied to Twilio hackers (lien direct) | Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. [...] | Data Breach | ★★★★ | |
|
2022-08-26 15:30:34 | DoorDash discloses new data breach tied to Twilio hack (lien direct) | Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. [...] | Data Breach Hack | ||
|
2022-08-25 20:05:19 | LastPass Says Source Code Stolen in Data Breach (lien direct) | Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information. | Data Breach | LastPass | |
|
2022-08-25 13:11:36 | Expert Commentary On The Plex Data Breach (lien direct) | A Plex data breach has exposed usernames, email addresses, and encrypted passwords. As Troy Hunt, Microsoft Regional Director, said on Twitter “Aw crap, I'm pwned in a @plex data breach. Again. I can't do anything to *not* be in a breach like this (short of not using the service)” The scale of the security failure […] | Data Breach | ||
 |
2022-08-25 11:00:40 | Liberty Counsel\'s Donor Records and Pro-Trump Election Messaging Exposed in Data Breach (lien direct) | >Thanks to its tax status, the Southern Poverty Law Center-designated hate group has largely avoided public scrutiny. | Data Breach | ||
 |
2022-08-24 23:12:45 | Plex discloses data breach and urges password reset (lien direct) | >The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. Plex is an American streaming media service and a client–server media player platform. The company disclosed a data breach after threat actors have access to a limited subset of data stored in a compromised database. Exposed data includes emails, usernames, and […] | Data Breach Threat | ||
|
2022-08-24 10:30:00 | Reset your password now! Plex suffers data breach (lien direct) | >Categories: NewsTags: Plex Tags: breach Tags: sign out Tags: change password Tags: Troy Hunt Tags: HaveIBeenPwnd In an email sent to its users, Plex revealed that a cybercriminal accessed a limited subset of customer data, including emails and encrypted passwords. (Read more...) | Data Breach | ||
|
2022-08-24 07:49:00 | (Déjà vu) Plex warns users to reset passwords after a data breach (lien direct) | The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases. [...] | Data Breach | ||
|
2022-08-22 14:16:51 | Misconfigured Meta Pixel exposed healthcare data of 1.3M patients (lien direct) | U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script. [...] | Data Breach | ||
|
2022-08-22 13:46:29 | Textile Company Sferra Discloses Data Breach (lien direct) | Textile company Sferra Fine Linens on Friday announced that it has started notifying individuals of a cybersecurity incident involving their personal information. Founded in 1891, Sferra designs and sells Italian-made luxury linen products, including luxury sheets, table linens, and bedding collections, as well as decorative home accessories. | Data Breach | ||
|
2022-08-22 11:35:43 | Greek natural gas operator suffers ransomware-related data breach (lien direct) | Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack. [...] | Data Breach | ||
 |
2022-08-19 13:00:00 | How EDR Security Supports Defenders in a Data Breach (lien direct) | >The cost of a data breach has reached an all-time high. It averaged $4.35 million in 2022, according to the newly published IBM Cost of a Data Breach Report. What’s more, 83% of organizations have faced more than one data breach, with just 17% saying this was their first data breach. What can organizations do […] | Data Breach | ||
|
2022-08-17 16:02:00 | Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High (lien direct) | >IBM Security and the Ponemon institute release an annual report known as one the most significant industry benchmarks. The Cost of a Data Breach analysis examines real-world breaches in great detail, producing insights into the factors that impact the cost of cyber-attacks. In the 2022 report just released, the healthcare sector stands out for extremely […] | Data Breach | ||
 |
2022-08-17 10:00:00 | A pragmatic approach to risk management & resilience (lien direct) | Cybersecurity starts with the ability to recognize your cyber risk. We will explore several topics related to taking a practical approach to managing risk and achieving cyber resilience. This is a blog series with collective thoughts from Bindu Sundaresan, Director AT&T Cybersecurity, and Nick Simmons, AVP, Cybersecurity. Cybercrime has become increasingly frequent, complex, and costly, posing a risk to all businesses regardless of size. How do you plan to respond when falling victim to a breach? Would you know who to call, how to react, or what to tell your employees, customers, and media? Could your organization absorb the potential financial and reputational impact of a lawsuit? The answer cannot be, "we store everything in the cloud, so we are good." Who owns the risk? Could your brand's image survive? What is acceptable, and how do you know your current plan will suffice? What more could your company do to understand better and manage the risk? These questions are all top of mind and need to be addressed from an overall business perspective. This blog summarizes the fundamental steps and offers suggestions to understand, manage, and respond to risk. Beyond technology, focus on risk and resilience It can be easy to deploy security technology and think you've mitigated risk to your business. Unfortunately, technology investment is no guarantee of protection against the latest threats. It is critical to take a risk-based approach to security, meaning leaders must identify and focus on specific elements of cyber risk to decrease enterprise risk. Specifically, the many components of cyber risk must be understood and prioritized for enterprise cybersecurity efforts. Organizations are increasingly aiming to shift from cybersecurity to cyber resilience, and the following recommendations can help forge this path: Understand the threats Measure the potential financial impact of cyber exposures compared to the company's risk appetite level; and Proactively manage cyber risks with clear action plans based on their capabilities and capacities to protect against cybercrime Risk-based approach Cyber resiliency requires a risk-based approach, accomplishing two critical things at once. First, it designates risk reduction as the primary goal, enabling the organization to prioritize investment, including implementation-related problem solving based squarely on a cyber program's effectiveness at reducing risk. Second, the program distills top management's risk-reduction targets into pragmatic implementation programs with precise alignment from senior executives to the front line. Following the risk-based approach, a company will no longer "build the control everywhere"; rather, the focus will be on building the appropriate controls for the worst vulnerabilities to defeat the most significant threats that target the business' most critical areas. The risk-based approach to cybersecurity is thus ultimately interactive and a dynamic tool to support strategic decision-making. Focused on business value, utilizing a common language among the interested parties, and directly linking enterprise risks to controls, the approach helps translate executive decisions about risk reduction into control implementation. The power of the risk-based approach to optimize risk reduction at any level of investment is enhanced by its flexibility, adjusting to an evolving risk-appetite strategy as needed. A risk-based approach recognizes that there are no perfect security solutions. Still, those that strategically balance security, scalability, access, usability, and cost can ultimately provide the best long-term protection against an evolving adversary. Fundamentally, risk transformation changes security strategy from an outside-in perspective, where external threats and regulations drive strategy, to an | Ransomware Data Breach Tool Vulnerability Threat Patching Guideline | ||
 |
2022-08-16 17:06:00 | When Efforts to Contain a Data Breach Backfire (lien direct) | Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico's second-largest bank was fake news and harming the bank's reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download. | Data Breach Threat | ||
|
2022-08-16 02:00:00 | The 12 biggest data breach fines, penalties, and settlements so far (lien direct) | Sizable fines assessed for data breaches since 2019 suggest that regulators are getting more serious about organizations that don't properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. Now, the Equifax fine has been eclipsed by the $1.19 billion fine levied against the Chinese firm Didi Global for violating that nation's data protection laws, and by the $877 million fine against Amazon last year for running afoul of the General Data Protection Regulation (GDPR) in Europe.To read this article in full, please click here | Data Breach | Equifax Equifax | |
|
2022-08-15 17:46:24 | Twilio hack exposed Signal phone numbers of 1,900 users (lien direct) | Phone numbers of close to 1,900 Signal users were exposed in the data breach Twilio cloud communications company suffered at the beginning of the month. [...] | Data Breach Hack | ||
 |
2022-08-12 16:25:57 | The potential consequences of data breach, and romance scams – Week in security with Tony Anscombe (lien direct) | The NHS was victim of a potential cyberattack, which raises the question of the impact of those data breach for the public. | Data Breach | ||
 |
2022-08-11 16:15:09 | Video | Sontiq BreachIQ™ (lien direct) | >
Every data breach differs in terms of the type, amount and sensitivity of the information stolen. BreachIQ™ takes identity protection to the next level by providing hyper-personalized data breach insights and customized action plans based on an individual's unique breach history and risk exposure - providing their own dynamic Identity Safety Score.
|
Data Breach | ||
|
2022-08-11 11:59:50 | 120K Priority Health Members Impacted By Third-Party Data Breach (lien direct) | Following news that priority Health issued a notice about a third-party data breach that originated at the law firm Warner Norcross & Judd (WNJ) in October 2021 (https://healthitsecurity.com/news/120k-priority-health-members-impacted-by-third-party-data-breach), cyber security experts explain the risk of third party companies. | Data Breach | ||
|
2022-08-10 13:48:54 | Hackers behind Twilio data breach also targeted Cloudflare employees (lien direct) | >Cloudflare revealed that at least 76 employees and their family members were targeted by smishing attacks similar to the one that hit Twilio. The content delivery network and DDoS mitigation company Cloudflare revealed this week that at least 76 employees and their family members received text messages on their personal and work phones. According to […] | Data Breach | ||
|
2022-08-10 10:00:00 | Security Automation Can Save You $3.05M in a Data Breach (lien direct) | >When it comes to reducing security breach costs, companies with security artificial intelligence (AI) and automation can save millions, per a new report. According to the most recent IBM Cost of a Data Breach Report, organizations with fully deployed security AI and automation save $3.05 million per data breach compared to those without. That’s a 65.2% […] | Data Breach | ||
|
2022-08-10 02:00:00 | U.S. Federal Court breach reveals IT and security maturation issues (lien direct) | In late July 2022, Politico ran a story detailing how the U.S. Department of Justice was investigating a recent data breach of the federal court system, which dated back to early 2020. The chair of the House Judiciary Committee, Jerrold Nadler (D-NY), described the breach as a “system security failure of the U.S. Courts' document management system.”On the same day, July 28, 2022, the U.S. Government Accountability Office (GAO) published the report GAO-22-105068 “U.S. Courts: Action Needed to Improve IT Management and Establish a Chief Information Officer.” The GAO report described systemic shortcomings in the administration of the U.S. court system, including the lack of a CIO, to oversee the substantive infrastructure.To read this article in full, please click here | Data Breach | ||
 |
2022-08-09 10:08:23 | Twilio Suffers Phishing Based Data Breach (lien direct) | Twilio, the communications giant, has confirmed that hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. The company, based in San Francisco, allows users to build voice and SMS capabilities, such as two-factor authentication (2FA), into applications, said that it became aware that someone gained “unauthorised access” to information […] | Data Breach | ||
|
2022-08-09 09:25:56 | How to stay safe from cybercriminals and avoid data breaches (lien direct) | A data breach is any person's nightmare. It can affect you mentally and financially, and an 100% unhackable device or account necessitates taking precautionary measures. Hackers target small and medium businesses as they don't have the resources to pay for cybersecurity tools and network upgrades to protect their data against the latest cybercriminals' tricks as […] | Data Breach | ||
 |
2022-08-09 07:24:25 | Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack (lien direct) | Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "well-organized" and "methodical | Data Breach Threat | ||
|
2022-08-09 00:00:00 | Twitter data breach affects 5.4M users (lien direct) | >Categories: PrivacyTwitter has confirmed a data breach on July 2. (Read more...) | Data Breach | ||
 |
2022-08-08 21:29:35 | How to find out if you are involved in a data breach -- and what to do next (lien direct) | Here's a guide highlighting the tools you can use to determine if your account is at risk. | Data Breach | ||
|
2022-08-08 18:16:46 | (Déjà vu) Twilio discloses data breach that impacted customers and employees (lien direct) | >Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. The attackers accessed company systems using employee credentials obtained through a sophisticated SMS phishing attack. Twilio is […] | Data Breach Threat | ||
|
2022-08-08 14:17:51 | Email marketing firm hacked to steal crypto-focused mailing lists (lien direct) | Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers. [...] | Data Breach Threat | ||
|
2022-08-08 10:37:06 | Twilio discloses data breach after SMS phishing attack on employees (lien direct) | Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. [...] | Data Breach | ||
|
2022-08-05 22:08:30 | Twitter confirms zero-day used to access data of 5.4 million accounts (lien direct) | >Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of a zero-day flaw. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […] | Data Breach Vulnerability Threat | ||
|
2022-08-05 12:00:00 | Twitter confirms zero-day used to expose data of 5.4 million accounts (lien direct) | Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles. [...] | Data Breach Vulnerability Threat | ||
|
2022-08-03 15:22:35 | APIs attacked in 94% of companies in past year (lien direct) | Salt Security, the API security company, today released the Salt Labs State of API Security Report, Q3 2022. In its latest edition, the bi-annual report found that 94% of survey respondents experienced security problems in production APIs in the past year, with 20% stating their organisations suffered a data breach as a result of security […] | Data Breach | ||
 |
2022-08-03 12:50:01 | New Data Breach Extortion Attack Begins with a Fake Duolingo or MasterClass Subscription Scam (lien direct) |
|
Data Breach | ||
 |
2022-08-02 22:30:39 | Black Kite: Cost of data breach averages $15 million (lien direct) | >With the median cost per incident coming in at $130,000, most data breaches do not cross the $1 million threshold. | Data Breach | ||
|
2022-08-01 13:00:00 | How to Prepare for and Respond to a Data Privacy Breach (lien direct) | >Before I started covering cybersecurity, I thought the term ‘breach’ had a single meaning — that an attacker stole data from a computer system. I also thought all the different versions of the word meant the same thing. However, I’ve since learned the nuances and differences between a breach, a data breach and a data […] | Data Breach | ||
|
2022-08-01 10:39:47 | (Déjà vu) Congress Warns of US Court Records Data Breach (lien direct) | Lawmakers on the Hill revealed last week that a cyber-attack on the US justice system had compromised a public document management system. Jerrold Nadler (D-NY), chairman of the House Judiciary Committee, revealed the discovery at a hearing on oversight in the Justice Department. Nadler disclosed that three hostile actors had breached the Public Access to Court […] | Data Breach | ||
|
2022-08-01 07:44:00 | Global cost of data breach reaches record high of $4.35 million: IBM (lien direct) | The global average cost of data breaches reached an all-time high of $4.35 million in 2022 compared with $4.24 million in 2021, according to a new IBM Security report. About 60% of the breached organizations raised product and services prices due to the breaches.The annual report, conducted by Ponemon Institute and analyzed and sponsored by IBM Security, is based on the analysis of real-world data breaches experienced by 550 organizations globally between March 2021 and March 2022. According to the report, about 83% of the organizations have experienced more than one breach in their lifetime, with nearly half of the costs reported to be incurred more than a year after the breach.To read this article in full, please click here | Data Breach | ||
|
2022-08-01 05:07:00 | BrandPost: Solving the Challenges of Remediating Configuration Settings (lien direct) | A data breach can result in catastrophic consequences for any organization. Ensuring that your IT environment is safe from cyber threats can be a real challenge.To keep intruders out of your networks and data, you need more than up-to-date guidance. You also need to continually assess system configurations for conformance to security best practices and harden thousands of individual settings in your environment.But where do you start?Begin with recognized security best Practices The CIS Critical Security Controls (CIS Controls) are a prioritized set of actions that mitigate the most common cyber attacks. They translate cyber threat information into action. The CIS Benchmarks are secure configuration recommendations designed to safeguard systems against today's evolving cyber threats. Both CIS best practices provide organizations of all sizes with specific and actionable recommendations to enhance cyber defenses. Both are also mapped to or referenced by a number of industry standards and frameworks like NIST, HIPAA, PCI DSS, and more.To read this article in full, please click here | Data Breach Threat | ||
|
2022-07-29 19:34:45 | 911 Proxy Service Implodes After Disclosing Breach (lien direct) | 911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911's proxy software with other titles, including “free” utilities and pirated software. | Data Breach | ||
|
2022-07-29 16:44:16 | To settle with the DoJ, Uber must confess to a cover-up. And it did. (lien direct) | The 2016 Uber data breach affected the personal information of 57 million people. And then the company covered it all up. | Data Breach | Uber Uber |
To see everything:
Our RSS (filtrered)
