What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-18 13:00:00 | How AI Prevents Fatigue After Data Breaches (lien direct) | I have data breach fatigue. Every day, my inbox is flooded with dozens of emails about the newest data breaches and what causes them. Five years ago, I took note of every company listed and the mistakes made that led to the breach. Today, I barely skim them. How many times can I read that a […] | Data Breach | ||
 |
2021-08-18 12:14:53 | T-Mobile Confirms Data Breach Impacts Millions of Customers (lien direct) | T-Mobile has confirmed that hackers have stolen files storing information on millions of current and former customers. | Data Breach | ||
 |
2021-08-17 17:56:00 | Anomali Cyber Watch: Anomali Cyber Watch: Aggah Using Compromised Websites to Target Businesses Across Asia, eCh0raix Targets Both QNAP and NAS, LockBit 2.0 Targeted Accenture, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, Critical Infrastructure, Data Storage, LockBit, Morse Code, Ransomware, and Vulnerabilities. . The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Colonial Pipeline Reports Data Breach After May Ransomware Attack
(published: August 16, 2021)
Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to 5,810 individuals affected by the data breach resulting from the DarkSide ransomware attack. During the incident, which occurred during May this year, DarkSide also stole roughly 100GB of files in about two hours. Right after the attack Colonial Pipeline took certain systems offline, temporarily halted all pipeline operations, and paid $4.4 million worth of cryptocurrency for a decryptor, most of it later recovered by the FBI. The DarkSide ransomware gang abruptly shut down their operation due to increased level of attention from governments, but later resurfaced under new name BlackMatter. Emsisoft CTO Fabian Wosar confirmed that both BlackMatter RSA and Salsa20 implementation including their usage of a custom matrix comes from DarkSide.
Analyst Comment: BlackMatter (ex DarkSide) group added "Oil and Gas industry (pipelines, oil refineries)" to their non-target list, but ransomware remains a significant threat given profitability and the growing number of ransomware threat actors with various levels of recklessness. Double-extortion schemes are adding data exposure to a company's risks. Stopping ransomware affiliates requires defense in depth including: patch management, enhancing your Endpoint Detection and Response (EDR) tools with ThreatStream, the threat intelligence platform (TIP), and utilizing data loss prevention systems (DLP).
MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted for Impact - T1486
Tags: Darkside, BlackMatter, Colonial Pipeline, Oil and Gas, Ransomware, Salsa20, Data Breach, USA
Indra — Hackers Behind Recent Attacks on Iran
(published: August 14, 2021)
Check Point Research discovered that a July 2021 cyber attack against Iranian railway system was committed by Indra, a non-government group. The attackers had access to the targeted networks for a month and then deployed a previously unseen file wiper called Meteor effectively disrupting train service throughout the country. Previous versions of the Indra wiper named Stardust and Comet were seen in Syria, where Indra was attacking oil, airline, and financial sectors at least since 2019.
Analyst Comment: It is concerning that even non-government threat actors can damage a critical infrastructure in a large country. Similar to ransomware protection, with regards to wiper attacks organizations should improve their intrusion detection methods and have a resilient backup system.
MITRE ATT&CK: [MITRE ATT&CK] Data Destruction - T1485 | [MITRE ATT&CK] File Deletion - T1107 | |
Ransomware Data Breach Malware Hack Tool Vulnerability Threat Guideline | APT 27 APT 27 | |
 |
2021-08-17 17:51:52 | T-Mobile Data Breach Amplifies Larger Cybersecurity Challenge (lien direct) |
Reports came out this week that T-Mobile had suffered a data breach. T-Mobile claims that the leak has been sealed. They deserve credit for responding quickly, but for some the damage may already be done. The data itself may not pose a direct risk to anyone, but the more information cybercriminals can obtain and correlate, the more effective future attacks will be. |
Data Breach | ||
 |
2021-08-17 08:45:00 | Colonial Pipeline Reportedly Admits Data Breach (lien direct) | Ransomware actors may have compromised employee information | Ransomware Data Breach | ||
 |
2021-08-17 07:04:00 | Colonial Pipeline discloses data breach after May ransomware attack (lien direct) | Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information compromised after a ransomware attack that took place in May. The Colonial Pipeline facility in Pelham, Alabama […] | Ransomware Data Breach | ||
 |
2021-08-17 05:41:00 | Educational publisher Pearson fined for data breach cover-up (lien direct) | Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information compromised after a ransomware attack that took place in May. The Colonial Pipeline facility in Pelham, Alabama […] | Data Breach | ||
 |
2021-08-16 23:53:37 | T-Mobile Investigating Claims of Massive Data Breach (lien direct) | Communications giant T-Mobile said today it is investigating the extent of a data breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer's mobile device. | Data Breach | ||
|
2021-08-16 21:27:53 | T-Mobile confirms data breach that exposed customer personal info (lien direct) | T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. Yesterday the company announced it launched an investigation into a possible data breach after […] | Data Breach Threat | ||
 |
2021-08-16 20:44:22 | The T-Mobile Data Breach Is One You Can\'t Ignore (lien direct) | Hackers claim to have obtained the data of 100 million people-including sensitive personal information. | Data Breach | ||
|
2021-08-16 19:45:00 | T-Mobile Investigates Possible Data Breach (lien direct) | Communications company looking into claims that personal data of 100 million users has been compromised | Data Breach | ||
 |
2021-08-16 15:52:44 | T-Mobile confirms servers were hacked, investigates data breach (lien direct) | T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen. [...] | Data Breach Threat | ||
|
2021-08-16 15:23:21 | Education giant Pearson fined $1M for downplaying data breach (lien direct) | The US Securities and Exchange Commission (SEC) announced today that Pearson, a British multinational educational publishing and services company, has settled charges of mishandling the disclosure process for a 2018 data breach discovered in March 2019. [...] | Data Breach | ||
|
2021-08-16 07:23:27 | Colonial Pipeline reports data breach after May ransomware attack (lien direct) | Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. [...] | Ransomware Data Breach | ||
|
2021-08-16 06:47:07 | Threat actor claims to be selling data of more than 100 million T-Mobile customers (lien direct) | T-Mobile is investigating a possible data breach after a threat actor published a post on a forum claiming to be selling the personal data of its customers. New problems for T-Mobile, the company is investigating a possible data breach after that a threat actor has published a post on a hacking forum claiming to be […] | Data Breach Threat | ||
|
2021-08-12 19:29:00 | Chanel Apologizes for Data Breach (lien direct) | Cyber-attack blamed for data breach at Korean arm of French luxury brand | Data Breach | ||
|
2021-08-10 18:11:00 | UPMC to Pay $2.65M to Settle Data Breach Case (lien direct) | Settlement reached over 2014 data breach at the University of Pittsburgh Medical Center | Data Breach | ||
|
2021-08-04 21:39:51 | (Déjà vu) Advanced Technology Ventures discloses ransomware attack and data breach (lien direct) | The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with more than $1.8 billion in capital under management. The venture capital firm this week disclosed a ransomware attack, threat actors have also stolen the personal information of some […] | Ransomware Data Breach Threat | ||
|
2021-08-04 14:22:00 | Personal Data Breach Reports Fall Despite Rising Attacks (lien direct) | There was a surprising decline in personal data breach reports to the ICO in FY 20/21 despite rising attacks and breaches. | Data Breach | ||
|
2021-08-03 15:00:00 | Anomali Cyber Watch: LockBit ransomware, Phony Call Centers Lead to Exfiltration and Ransomware, VBA RAT using Double Attack Vectors, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android malware, APT, Data leak, macOS malware, Phishing, Ransomware and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. 
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
BazaCall: Phony Call Centers Lead to Exfiltration and Ransomware
(published: July 29, 2021)
BazaCall campaigns have forgone malicious links or attachments in email messages in favor of phone numbers that recipients are misled into calling. Actual humans then provide the callers with step-by-step instructions for installing malware. The BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user's device, which allows for a fast network compromise. The lack of obvious malicious elements in the delivery methods could render typical ways of detecting spam and phishing emails ineffective.
Analyst Comment: All users should be informed of the risk phishing poses, and how to safely make use of email. They should take notice that a phone number sent to them can be fraudulent too. In the case of infection, the affected system should be wiped and reformatted, and if at all possible the ransom should not be paid. Implement a backup solution for your users to ease the pain of losing sensitive and important data.
MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Credential Dumping - T1003 | [MITRE ATT&CK] Data Encrypted for Impact - T1486
Tags: BazaCall, Bazaar, Ransomware
Crimea “Manifesto” Deploys VBA Rat Using Double Attack Vectors
(published: July 29, 2021)
Hossein Jazi has identified a suspicious document named "Манифест". It downloads and executes two templates: one is macro-enabled and the other is an Internet Explorer exploit. While both techniques rely on template injection to drop a full-featured Remote Access Trojan, the IE exploit is an unusual discovery.
Analyst Comment: Files that request content be enabled to properly view the document are often signs of a phishing attack. If such a file is sent to you via a known and trusted sender, that individual should be contacted to verify the authenticity of the attachment prior to opening. Thus, any such file attachment sent by unknown senders should be viewed with the utmost scrutiny, and the attachments should be avoided and properly reported to appropriate personnel.
MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Template Injection - T1221 | [MITRE ATT&CK] Scheduled Task - T1053 | [MITRE ATT&CK] Modify Registry - T1112
Tags: VBA, Russia, RAT, CVE- |
Ransomware Data Breach Spam Malware Threat Guideline | ||
|
2021-08-02 12:07:17 | (Déjà vu) What the Growing Costs of a Data Breach Means for the Business (lien direct) |
A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact to the business, including loss of revenue, damage to the organization's brand, unplanned workforce reductions, and little in the way of relief from cyber insurance policies.
An esteemed panel of subject matter experts will examine the research findings and discuss how organizations can better prepare to defend against and respond to a ransomware attack, and the full on-demand webinar can be found here.
Recently, IBM came out with its Cost of a Data Breach Report 2021. This publication synthesizes the Ponemon Institute's research of 537 breaches that affected 17 different industries and that occurred across 17 countries and regions. It also draws on nearly 3,500 interviews to understand how much those breaches cost organizations and what decision makers are doing to better defend against security incidents going forward. |
Ransomware Data Breach | ||
|
2021-07-30 12:25:45 | Building Effective Business Cases to Cover Cybersecurity Costs (lien direct) | With the global average cost of a data breach totaling $3.86 million in 2020, the topic of security continues to be a major pressure point and a board-level agenda item. So why do security programs still seem to lack adequate funding, urgency and support until a breach or lawsuit occurs or auditors demand change? Verizon’s […] | Data Breach | ||
 |
2021-07-28 17:28:21 | Data breach costs hit record high due to pandemic (lien direct) | The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years. | Data Breach | ||
|
2021-07-28 14:26:36 | IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2M (lien direct) | The ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data […] | Data Breach | ||
|
2021-07-28 12:31:39 | University of San Diego Health Says Personal Information Stolen in Data Breach (lien direct) | University of San Diego Health this week revealed that personal information was accessed in a data breach involving unauthorized access to some employee email accounts. | Data Breach | ||
|
2021-07-28 11:13:44 | IBM: Average Cost of Data Breach Exceeds $4.2 Million (lien direct) | A global study commissioned by IBM Security shows that the average cost of a data breach exceeded $4.2 million during the coronavirus pandemic, which the company pointed out is the highest in the 17-year history of its “Cost of a Data Breach” report. | Data Breach | ||
|
2021-07-28 10:00:00 | Data Breach Costs at Record High, Zero Trust, AI and Automation Help Reduce Costs (lien direct) | Data breaches have been growing in numbers and scale, taking longer to detect and contain. The average total cost of a data breach is at its highest of 17 years, at $4.24 million. The year over year increase of 10% is the largest single year cost increase recorded in the last 7 years. IBM and […] | Data Breach | ||
 |
2021-07-28 08:16:04 | (Déjà vu) Cost of a data breach hits record high during the pandemic (lien direct) | IBM research indicates that the cost of an enterprise data breach reached a record high during the COVID-19 pandemic. IBM has estimated in its new “Cost of a Data Breach” report that the average data breach now runs upward of $4 million. In fact, in 2021, a typical data breach experienced by companies now costs […] | Data Breach | ||
|
2021-07-28 06:39:34 | What\'s New in the 2021 Cost of a Data Breach Report (lien direct) | Has cybersecurity ever been more important than it is right now? Even in these extraordinary times, with its focus on manufacturing vaccines and getting shots into arms, new research in the Cost of a Data Breach Report shows that the increasing cost of security breaches makes preventing and responding to these threats a critical concern. […] | Data Breach | ||
 |
2021-07-28 04:01:02 | Enterprise data breach cost reached record high during COVID-19 pandemic (lien direct) | IBM research estimates that the average data breach now costs upward of $4 million. | Data Breach | ||
|
2021-07-27 16:06:32 | UC San Diego Health discloses data breach after phishing attack (lien direct) | UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts. [...] | Data Breach | ||
|
2021-07-27 12:56:20 | The XDR Advantage: Eliminate Dwell Time and Gain Visibility (lien direct) |
The average cost of a data breach in 2020 was $3.86 million, according to IBM. It was even more expensive for certain entities. Indeed, that cost rose to $8.64 million when attackers succeeded in breaching an organization located in the United States. It was the same story in the healthcare industry, with the cost of data breaches climbing to $7.13 million for affected entities.
|
Data Breach | ||
 |
2021-07-26 09:56:06 | Announcing the Veracode Security Labs FREE Trial (lien direct) | We're excited to announce a new free trial option of Veracode Security Labs that allows new users to try the full Enterprise Edition for 14 days. Why is this hands-on training solution so critical? Developers are the backbone of the software that powers our world today, but when they lack security skills, it's harder for them to keep up with the rapid pace of modern software development while still producing secure code. Veracode Security Labs helps close these skill gaps by giving developers that inimitable hands-on experience, and now with this two-week trial, you'll have plenty of time to try out these hands-on-keyboard labs with your developers and see just how effective it is in real-time. “Veracode Security Labs engages and actively teaches developers by giving them a containerized space to work with real code and demonstrates how to avoid flaws that have led to some of the headline-making vulnerabilities of the last few years,” says Ian McLeod, Chief Product Officer at Veracode. “With this approach, in as little as five to 10 minutes, developers can learn new skills and deliver secure code on time.” Developer training with tools like Security Labs is critical as vulnerabilities in code are easily weaponized-and they're not going away anytime soon. Verizon's 2021 Data Breach Investigations Report (DBIR) showed that web applications make up 39 percent of all breaches today. And with the recent cybersecurity executive order from the United States government, it's more important than ever that organizations pay attention to the security of their code. Data from a survey by the Enterprise Strategy Group (ESG) shows that a sizeable 53 percent of organizations provide security training to their developers less than once a year. With the responsibility falling on the shoulders of software engineers to keep up with the latest threats and secure coding skills on their own time, Veracode Security Labs can help check those critical training boxes. Training for teams large and small Veracode Security labs Enterprise Edition is great for engineering teams that need hundreds of short labs on a wider range of topics, with included features like a leaderboard and reporting. The Veracode Security Labs Community Edition is a complimentary version with select topics for individual developers who want to start learning on their own. The most inexpensive bug to fix is the one that never gets created. Veracode Security Labs helps developers shift critical security knowledge “left,” or sooner in the software development lifecycle (SDLC) so that their code is checked early and often. In doing so, they're able to leverage those critical nuggets of security knowledge into each step of the development process. Over time, the code developers produce is more secure with fewer flaws and potential exploits, with DevSecOps principles sticking with developers from project to project. That means your team can: Grow essential skills that will help them patch real-world vulnerabilities while coding Maintain an understanding of what cyber attackers like to exploit, and how they go about doing so Quickly apply remediation guidance to the popular programming languages they use most Improve their security knowledge overall while gaining more confidence in their coding skills With features like assignments, progress reports, LinkedIn certification badges, and a leaderboard, the platform fosters healthy competition that encourages developers to level-up alongside their peers. Veracode Security Labs helps satisfy compliance requirements, too, enabling development and security teams to meet ongoing security training requirements and adjust course as industry needs change. If you're ready to get started, sign up for your free two-week trial of Veracode Security Labs here. | Data Breach Guideline | ||
|
2021-07-23 15:50:53 | What Will Cybersecurity Look Like Over the Next Five Years? (lien direct) | As a result of the Covid-19 pandemic, organizations in all industries ramped up their digital transformation efforts to make online operations easier for their employees and customers. But with more and more organizations online, the digital attack surface is growing at a record pace. The more applications with vulnerable code, the more opportunities for a cyberattack. In fact, our research found that 76 percent of applications have at least one security vulnerability. So how will this shape the future of cybersecurity, and software security? There are three key technology trends that we believe will impact cybersecurity, and software security, the most over the next several years. The first trend is ubiquitous connectivity. Think about how quickly the world – and everyone and everything in it – is becoming interconnected. Did you ever think you'd see a day where you can search the Internet from your refrigerator or turn on your television with a simple voice command? By the end of 2019, there were already 7.6 billion active IoT devices – and this number is expected to climb to 24.1 billion by 2030. And on top of the growing number of IoT devices, businesses are increasingly shifting their applications to the cloud. But IoT devices and cloud-connected software bring increased risk. According to the Verizon 2021 Data Breach Investigations Report (DBIR), web applications were the source of over 39 percent of breaches, which is double the amount in 2019. Executive vice president and CEO of Verizon Business, Tami Erwin, cites the pandemic and the sudden shift to the cloud as the cause of increased web application risk. Additionally, wireless and 5G add to the connectivity. Think of the number of people with smartphones checking their emails or shopping online without a firewall. These interfaces rely on APIs. But without the right security, APIs are a prime target for cybercriminals. These trends point to an increased focus on API security, zero-trust models, and a shared responsibility model where organizations focus on application security, while the cloud provider focuses on infrastructure and physical security. The second trend to keep an eye on is abstraction and componentization. Think about how fast companies release new software or technology. It feels like every time you turn around Apple has a new software update. But the speed of software deployments is no longer shocking … it's expected. Companies need to release software rapidly in order to be competitive. To move faster, many development teams are turning not only to the cloud but to microservices. With microservices, development teams can break down comprehensive applications into the smallest possible reusable blocks of logic in order to stitch them together into business processes or workflows. APIs are used to integrate the components, which drives an API-first development approach. In fact, in SmartBear's 2019 State of API Survey, 75 percent of respondents answered that adoption of microservice architecture will drive the biggest growth in API adoption in the next two years. Open source libraries are also used as a way to speed up development. In fact, our State of Software Security report found that 97 percent of the typical Java application is made up of open source libraries. And 46.6 percent of insecure open source libraries in applications are transitive, meaning the library is pulled in indirectly by another library in use. This means that the attack surface doesn't just include the open source libraries that your developer added, it also includes indirect libraries that your open source code is pulling. Going forward, we envision a trusted third-party review authority that manages all public APIs and third-party code in order to make software publishers accountable for independent audits. There's an awareness component here as well. Developers need to be aware of the risk in both the libraries they are pulling in directly and the transitive dependencies of those libraries. Finally, automation will play a big role. For inst | Data Breach Threat | ||
|
2021-07-23 13:59:38 | Over 80 US Municipalities\' Sensitive Information, Including Resident\'s Personal Data, Left Vulnerable in Massive Data Breach (lien direct) | WizCase's team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. Original post at https://www.wizcase.com/blog/us-municipality-breach-report/ This breach compromised citizens' physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types […] | Data Breach | ||
 |
2021-07-21 19:36:08 | Your Work Email Address is Your Work\'s Email Address (lien direct) | When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Not just infosec headlines or tech headlines, but the headlines of major consumer media the likes my mum and dad would read. What was deemed especially newsworthy was the presence of email addresses in | Data Breach | ||
|
2021-07-20 14:30:00 | How Data Discovery and Zero Trust Can Help Defend Against a Data Breach (lien direct) | As more companies start to use the cloud, the threat of a data breach and the rules and fines that go with it has only grown. Therefore, companies and agencies need to anticipate and adapt to their changing data and IT landscape. For that, a zero trust approach to data security and privacy might be […] | Data Breach Threat | ||
|
2021-07-19 08:02:33 | Saudi Aramco data breach sees 1 TB stolen data for sale (lien direct) | Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world. The sales price, albeit negotiable, is set at $5 million. [...] | Data Breach | ||
|
2021-07-18 11:22:44 | Ransomware hits law firm counseling Fortune 500, Global 500 companies (lien direct) | Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. [...] | Ransomware Data Breach | ||
|
2021-07-18 10:16:32 | Comparis customers targeted by scammers after ransomware attack (lien direct) | Leading Swiss price comparison platform Comparis has notified customers of a data breach following a ransomware attack that hit and took down its entire network last week. [...] | Ransomware Data Breach Guideline | ||
|
2021-07-13 07:04:18 | (Déjà vu) American retailer Guess discloses data breach after ransomware attack (lien direct) | American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing a data breach and is notifying affected customers. The attack was likely carried out by the DarkSide ransomware gang […] | Ransomware Data Breach | ||
|
2021-07-13 04:03:27 | Fashion Retailer Guess Notifies Users of Data Breach (lien direct) | Fashion retailer Guess last week confirmed that the personal data of some customers was compromised in a ransomware attack it suffered in February 2021. | Ransomware Data Breach | ||
|
2021-07-12 12:33:40 | Fashion retailer Guess discloses data breach after ransomware attack (lien direct) | American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. [...] | Ransomware Data Breach | ||
 |
2021-07-12 10:20:27 | Spreadshop hacked. T-shirt lovers warned of “considerably vicious” data breach (lien direct) | Clients of Spreadshirt, Spreadshop, and TeamShirts have been warned of a data breach which has seen the details of customers, partners, and employees fall into the lap of cybercriminals. | Data Breach | ||
|
2021-07-11 05:21:09 | (Déjà vu) Hackers accessed Mint Mobile subscribers\' data and ported some numbers (lien direct) | Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile's cellular network in the United States. BleepingComputer reported that Mint Mobile has disclosed a data breach that […] | Data Breach | ||
|
2021-07-10 13:18:17 | Mint Mobile hit by a data breach after numbers ported, data accessed (lien direct) | Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers' account information and ported phone numbers to another carrier. [...] | Data Breach | ||
|
2021-07-09 14:10:50 | Insurance firm CNA discloses data breach after March ransomware attack (lien direct) | Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. The insurance firm paid a $40 ransom to restore access to its files following the ransomware attack. […] | Ransomware Data Breach | ||
|
2021-07-09 07:29:40 | Insurance giant CNA reports data breach after ransomware attack (lien direct) | CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. [...] | Ransomware Data Breach Guideline | ||
 |
2021-07-08 23:16:18 | Morgan Stanley discloses data breach that resulted from Accellion FTA hacks (lien direct) | Financial services firm says data was stolen by exploiting flaws discovered in December. | Data Breach | ||
|
2021-07-08 19:30:40 | Morgan Stanley discloses data breach after the hack of a third-party vendor (lien direct) | The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has disclosed a data breach after threat actors have compromised the Accellion FTA server of the third-party vendor Guidehouse. The company has offices in more than […] | Data Breach Hack Threat |
To see everything:
Our RSS (filtrered)
