What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-19 13:45:54 | Yahoo data breach settlement means affected users may get $100 (lien direct) | If you had a Yahoo account between January 1, 2012 and December 31, 2016, you may be entitled to a bit of money. | Data Breach | Yahoo | |
 |
2019-09-18 16:15:52 | Malindo Air has confirmed passenger data breach. (lien direct) | KUALA LUMPUR: Malaysia’s Malindo Air, a subsidiary of Indonesia’s Lion Group, said on Wednesday (Sep 18) it was investigating a data breach involving the personal details of its passengers. Malindo Air’s statement followed a report by Moscow-based cybersecurity firm Kaspersky Lab that the details of around 30 million passengers of Malindo and fellow Lion Group subsidiary […] | Data Breach | ||
 |
2019-09-18 07:11:00 | IT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador\'s History (lien direct) | Ecuador officials have arrested the general manager of IT consulting firm Novaestrat after the personal details of almost the entire population of the Republic of Ecuador left exposed online in what seems to be the most significant data breach in the country's history.
Personal records of more than 20 million adults and children, both dead and alive, were found publicly exposed on an unsecured |
Data Breach | ||
 |
2019-09-17 16:11:39 | Arrest made in Ecuador\'s massive data breach (lien direct) | Ecuador police arrest director of data analytics firm that leaked the personal records of most of Ecuador's population. | Data Breach | ||
|
2019-09-17 11:10:24 | Financial asset firm PCI ordered to pay $1.5 million for poor cybersecurity practices (lien direct) | Phillip Capital Inc. has been penalized for a data breach and failing to disclose the incident to clients quickly. | Data Breach | ||
 |
2019-09-17 01:02:42 | Security Firm: Data Breach Exposes Millions of Ecuadorians (lien direct) | Millions of Ecuadorians are at risk of identity theft because a security breach exposed a trove of data including names, phone numbers and birth dates, a cyber security firm said Monday. | Data Breach | ||
 |
2019-09-16 13:00:00 | Hacker prevention: tips to reduce your attack surface (lien direct) |
These days it seems that every time you open your favorite news source there is another data breach related headline. Victimized companies of all sizes, cities, counties, and even government agencies have all been the subject of the “headline of shame” over the past several months or years. With all this publicity and the increasing awareness of the general public about how data breaches can impact their personal privacy and financial wellbeing, it is no surprise that there is a lot of interest in preventing hacking. The trouble is that there is no way to prevent others from attempting to hack into any target they chose. Since there is a practically limitless number of targets to choose from, the attacker need only be lucky or skilled enough to succeed once. In addition, the risk of successful prosecution of perpetrators remains low. However, while you can’t prevent hacking, you can help to reduce your attack surface to make your organization less likely to be the subject of attacks.
At this point, lets differentiate between opportunistic attacks and targeted attacks. Opportunistic attacks are largely automated, low-complexity exploits against known vulnerable conditions and configurations. Ever wonder why a small business with a small geographic footprint and almost no online presence gets compromised? Chances are good they just had the right combination of issues that an automated attack bot was looking to exploit. These kinds of events can potentially end a small to medium business as a going concern while costing the attacker practically nothing.
Targeted attacks are a different story all together. These attacks are generally low, slow and persistent; targeting your organizations technical footprint as well as your employees, partners and supply chain. While targeted attacks may utilize some of the same exploitable conditions that opportunistic attacks use, they tend to be less automated in nature so as to avoid possible detection for as long as possible. In addition, they may involve a more frequent use of previously unknown exploit vectors (“zero day’s”) to reach their goals or abuse trusted connections with third parties to gain access to your organization. Ultimately it doesn’t matter which of these kinds of attacks results in a breach event, but it is important to think of both when aligning your people, processes and technology for maximum effect to mitigate that risk.
There have been many articles written regarding best practices for minimizing the risk of a cyber-security incident. Rather than recount a list of commonly cited controls, I would like to approach the topic from a slightly different perspective and focus on the top six technical controls that I feel are likely to help mitigate the most risk, provided that all the “table stakes” items are in place (i.e. you have a firewall, etc.).
Patch and Update Constantly: Ultimately the most hacker-resistant environment is the one that is best administered. Organizations are short cutting system and network administration activities through budget / staff reductions and lack of training. This practice often forces prioritization and choice about what tasks get done sooner, later or at all. Over time this creates a large, persistent baseline of low to medium risk issues in the environment that can contribute to a wildfire event under the right conditions. Lack |
Data Breach Malware Hack | ||
|
2019-09-16 04:57:16 | How Cloud-Based Automation Can Keep Business Operations Secure (lien direct) | The massive data breach at Capital One – America's seventh-largest bank, according to revenue – has challenged many common assumptions about cloud computing for the first time.
Ironically, the incident, which exposed some 106 million Capital One customers' accounts, has only reinforced the belief that the cloud remains the safest way to store sensitive data.
"You have to compare [the cloud] |
Data Breach | ||
 |
2019-09-12 10:45:02 | 5 Things You Can Do After a Data Breach to Help Mitigate Cost (lien direct) | >Reading Time: 5 minutes The cost of a data breach is rising, and a carefully planned and regularly rehearsed response can go a long way toward saving your company money in the wake of a security incident. | Data Breach | ||
 |
2019-09-12 08:00:22 | How to Foil the 6 Stages of a Network Intrusion (lien direct) | The cost of a breach is on the rise. A recent report from IBM revealed that the average cost of a data breach had risen 12 percent over the past five years to $3.92 million per incident on average. Additionally, this publication uncovered that data breaches originating from malicious digital attacks were both the most […]… Read More | Data Breach | ||
|
2019-09-12 03:00:42 | (Déjà vu) What to Do If You Receive a Legitimate \'Unusual Account Activity\' Notice (lien direct) | Sadly, it's all too common for consumers to receive notices of “unusual account activity” these days. Yes, service providers might send out these letters after learning of a data breach that affected a large portion of their customer base. But sprawling security incidents aren't the only motivation here for issuing these types of notifications. Indeed, […]… Read More | Data Breach | ||
|
2019-09-12 03:00:04 | What to Do If You Receive a Legitimate “Unusual Account Activity” Notice (lien direct) | Sadly, it's all too common for consumers to receive notices of “unusual account activity” these days. Yes, service providers might send out these letters after learning of a data breach that affected a large portion of their customer base. But sprawling security incidents aren't the only motivation here for issuing these types of notifications. Indeed, […]… Read More | Data Breach | ||
 |
2019-09-10 14:14:03 | CirclCI Data Breach Exposed Customer GitHub And Bitbucket Logins (lien direct) | According to this link, https://www.scmagazineuk.com/circlci-data-breach-exposed-customer-github-bitbucket-logins/article/1595997, CircleCI has informed its clients that a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts. The information compromised included usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings Additionally, organisation name, repository URLs and names, branch names, … The ISBuzz Post: This Post CirclCI Data Breach Exposed Customer GitHub And Bitbucket Logins | Data Breach | ||
|
2019-09-09 19:06:05 | More than 99% of attacks in the past year relied on human error to gain access (lien direct) | Experiencing a data breach purely from being internet-connected is quite rare. Hackers rely on users to open or install a malicious payload, according to Proofpoint. | Data Breach | ||
|
2019-09-05 13:15:03 | Over 328,000 Users Hit By Foxit Data Breach (lien direct) | It has been reported that PDF solutions provider Foxit has informed customers that it had recently detected unauthorised access to data associated with its “My Account” service. The company told SecurityWeek that the incident impacted 328,549 users. The compromised data includes names, email addresses, passwords, phone numbers, company names, and IP addresses, but payment information was not exposed. The ISBuzz Post: This Post Over 328,000 Users Hit By Foxit Data Breach | Data Breach | ||
|
2019-09-05 13:10:04 | Multicloud Deployments Are Twice As Likely To Fall Victim To Security Breaches (lien direct) | A new report has found that 52% of multicloud environments have suffered a breach within the past year, compared with 24% of hybrid cloud users. More than half of firms running multicloud environments have been hit with a data breach in the past year, compared with 24% of hybrid cloud organisations and 24% of single-cloud users. Great article on … The ISBuzz Post: This Post Multicloud Deployments Are Twice As Likely To Fall Victim To Security Breaches | Data Breach | ||
|
2019-09-05 13:00:00 | DK-Lok data breach exposes global enterprise client data, internal emails (lien direct) | Requests to plug the leaking database were read and trashed - information ironically revealed through the exposed system. | Data Breach | ||
|
2019-09-04 13:00:00 | Yves Rocher Third Party Data Breach Exposes Millions Of Customer Records (lien direct) | Cosmetics giant Yves Rocher is warning that a major data leak exposed the personal data of millions of its customers and sensitive internal company information to the public. The data exposure stems from a database left unprotected by a third-party consultant to the firm. Researchers with vpnMentor on Monday said that they discovered an unprotected Elasticsearch … The ISBuzz Post: This Post Yves Rocher Third Party Data Breach Exposes Millions Of Customer Records | Data Breach | ||
|
2019-09-04 12:49:03 | (Déjà vu) Exposed Data From Mastercard Loyalty Scheme Breach Now Online (lien direct) | It has been reported that a database containing sensitive information of about 90,000 German Mastercard “Priceless Specials” loyalty program members shared online following a breach discovered on August 20 was added to data breach site Have I Been Pwned on September 1. MasterCard has notified German and Belgium regulators of a data breach affecting customers of its ‘Priceless … The ISBuzz Post: This Post Exposed Data From Mastercard Loyalty Scheme Breach Now Online | Data Breach | ||
|
2019-09-04 12:39:02 | (Déjà vu) Cracked Passwords For Millions Of Poshmark Accounts Being Sold Online (lien direct) | Dehashed login details for customers of Poshmark, an online marketplace for buying and selling used clothes and accessories, have been circulating online following the data breach a few months ago. At the beginning of the year, Poshmark announced that it had 40 million community members. According to data breach platform Have I Been Pwned, login details … The ISBuzz Post: This Post Cracked Passwords For Millions Of Poshmark Accounts Being Sold Online | Data Breach | ||
|
2019-09-04 10:06:04 | Customer personal information exposed on flight booking side, Option Way. (lien direct) | A data breach at flight booking site Option Way exposed personal details on passengers and their flight and travel plans. Researchers at vpnMentor led by Noam Rotem and Ran Locar were “able to access over 100 GB of data, a massive amount of customers' unencrypted Personally Identifiable Information (PII),” including names, birth dates, gender email addresses, […] | Data Breach | ||
|
2019-09-04 10:05:04 | (Déjà vu) 562,000 users emails and passwords have been exposed due to the XKCD Forum breach. (lien direct) | The forums of the XKCD webcomic created by Randall Munroe in 2005 are currently offline after being impacted by a data breach which exposed the information of 561,991 users on July 1. The compromised user information including usernames, emails, and IP addresses, as well as hashed and salted passwords stored in MD5 phpBB3 format, was added to Have […] | Data Breach | ||
|
2019-09-04 04:50:03 | Over 328,000 Users Hit by Foxit Data Breach (lien direct) | PDF solutions provider Foxit last week informed customers that it had recently detected unauthorized access to data associated with its “My Account” service. | Data Breach | ||
 |
2019-09-03 19:47:04 | XKCD forum data breach impacted 562,000 subscribers (lien direct) | The popular webcomic platform XKCD has suffered a data breach that exposed data of its forum users, the incident impacted 562,000 subscribers. XKCD is one of the most popular webcomic platform created by the American author Randall Munroe in 2005, it is a webcomic of romance, sarcasm, math, and language. XKCD has suffered a data […] | Data Breach | ||
|
2019-09-03 14:24:03 | 562,000 Impacted in XKCD Forum Data Breach (lien direct) | The XKCD forum has been taken offline after suffering a data breach that impacted 562,000 subscribers. The forum is associated with XKCD, a webcomic that American author Randall Munroe created in 2005, and which is described in its tagline as “A webcomic of romance, sarcasm, math, and language.” | Data Breach | ||
 |
2019-09-03 11:53:01 | XKCD Forum Breach Exposes Emails, Passwords of 562,000 Users (lien direct) | The forums of the XKCD webcomic created by Randall Munroe in 2005 are currently offline after being impacted by a data breach which exposed the information of 561,991 users on July 1. [...] | Data Breach | ||
|
2019-09-03 08:31:02 | XKCD Forum Hacked – Over 562,000 Users\' Account Details Leaked (lien direct) | XKCD-one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language-has suffered a data breach exposing data of its forum users.
The security breach occurred two months ago, according to security researcher Troy Hunt who alerted the company of the incident, with unknown hackers stealing around 562,000 |
Data Breach | ||
|
2019-09-03 05:05:00 | One million cracked Poshmark accounts being sold online (lien direct) | Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. Earlier in August, Poshmark, a social commerce marketplace where people in the United States can buy and sell new or used clothing, shoes, and accessories, disclosed a data breach that took place in May 2018. The company discovered […] | Data Breach | ||
|
2019-09-02 17:06:04 | Data of 90K Mastercard Priceless Specials Members Shared Online (lien direct) | A database containing sensitive information of about 90,000 German Mastercard "Priceless Specials" loyalty program members shared online following a breach discovered on August 20 was added to data breach site Have I Been Pwned on September 1. [...] | Data Breach | ||
|
2019-09-02 16:52:01 | Flight booking platform Option Way exposes customer and internal data (lien direct) | Researchers from vpnMentor security firm have recently discovered a huge data breach in flight booking platform Option Way. Researchers at vpnMentor discovered a huge data breach in flight booking platform Option Way as part of a web-mapping project. Option Way service allows its users to find flight deals to and from destinations around the world. The research […] | Data Breach | ||
|
2019-09-02 12:35:00 | Cracked Passwords for Poshmark Accounts Being Sold Online (lien direct) | Dehashed login details for customers of Poshmark, an online marketplace for buying and selling used clothes and accessories, have been circulating online following the data breach a few months ago. [...] | Data Breach | ||
|
2019-09-02 11:54:01 | Teletext Holidays Data Breach Exposes 212,000 Customer Call Recordings (lien direct) | It has been reported that British travel company Teletext Holidays has suffered a data breach in which some 212,000 customer call audio files were left unprotected on an online server for three years, exposing customer names, email addresses, home addresses, phone numbers and dates of birth. Verdict discovered the files – which have since been removed – on an … The ISBuzz Post: This Post Teletext Holidays Data Breach Exposes 212,000 Customer Call Recordings | Data Breach | ||
|
2019-08-30 17:15:04 | Foxit Software discloses a data breach that exposed user passwords (lien direct) | Foxit Software, the company behind the Foxit PDF reader app, disclosed a data breach that exposed customers’ information, including passwords. Foxit Software, the PDF software provider behind the Foxit PDF reader app disclosed a security breach that took place recently exposing customers’ information. The incident exposed personal identification data of ‘My Account’ service users, third parties […] | Data Breach | ||
|
2019-08-30 11:02:04 | Foxit PDF Software Company Suffers Data Breach-Asks Users to Reset Password (lien direct) | If you have an online account with Foxit Software, you need to reset your account password immediately-as an unknown attacker has compromised your personal data and log-in credentials.
Foxit Software, a company known for its popular lightweight Foxit PDF Reader and PhantomPDF applications being used by over 525 million users, today announced a data breach exposing the personal information of |
Data Breach | ||
|
2019-08-30 10:28:01 | Foxit Software Discloses Data Breach Exposing User Passwords (lien direct) | PDF software provider Foxit Software disclosed today that a recent breach allowed third parties to access personal identification data of 'My Account' service users, including customer and company names, emails, phone numbers, and passwords. [...] | Data Breach | ||
|
2019-08-29 15:27:00 | Going Back To Basics: Data Security After The Capital One Breach (lien direct) | When the news broke that a Capital One data breach had affected approximately 100 million customers in the U.S. and another 6 million in Canada, there was widespread panic among the company's users and much confusion regarding data storage standards. Even amid the arrest of the woman responsible for accessing the data, Capital One customers … The ISBuzz Post: This Post Going Back To Basics: Data Security After The Capital One Breach | Data Breach | ||
|
2019-08-29 14:23:01 | Wisconsin Diagnostic Laboratories Alerts 114,000 Customers Of Data Breach (lien direct) | Wisconsin Diagnostic Laboratories has started to notify 114,985 patients that some of their protected health information (PHI) was compromised in the American Medical Collection Agency's (AMCA) breach from earlier this year. Data affected includes names, dates of birth, dates of service, names of lab or medical service providers, referring physicians' names, balance owed and “other” … The ISBuzz Post: This Post Wisconsin Diagnostic Laboratories Alerts 114,000 Customers Of Data Breach | Data Breach | ||
|
2019-08-29 12:20:05 | Bulgaria\'s DSK Bank Fined $569,930 For A Data Breach That Affected 33,000 Clients (lien direct) | Bulgaria's DSK Bank, a unit of Hungary's OTP Group, has been fined 1 million levs ($569,930) for a data breach that affected over 33,000 clients, as reported by Reuters. The Bulgarian personal data watchdog said the full names, addresses, copies of ID cards as well as bank account numbers and property deed data of 33,492 people … The ISBuzz Post: This Post Bulgaria's DSK Bank Fined $569,930 For A Data Breach That Affected 33,000 Clients | Data Breach | ||
|
2019-08-29 03:00:00 | Insider Threats: Root Causes and Mitigation Practices (lien direct) | The Importance of Insider Threats The recent IBM 2019 Cost of Data Breach survey found that the cost of a data breach had risen 12% over the past 5 years to $3.92 million on average. While 51% of the data breach attacks were attributed to malicious or criminal actors, a stunning 24% of the breaches […]… Read More | Data Breach | ||
|
2019-08-28 12:25:05 | Imperva Data Breach – Experts Dots (lien direct) | Cybersecurity company Imperva has disclosed a data breach associated with customers of its Cloud WAF product, with exposed details including email addresses, hashed and salted passwords, API keys and customer-provided SSL certificates. Imperva data Breach: WAF customers' data exposed – Security Affairs via CyberNews for iOS https://t.co/si1LyIGSHz — CyberNews iOS App (@CyberNewsApp) August 27, 2019 The ISBuzz Post: This Post Imperva Data Breach – Experts Dots | Data Breach | ||
|
2019-08-27 23:12:02 | Imperva data Breach: WAF customers\' data exposed (lien direct) | Security firm Imperva revealed it has suffered a data breach that affecting some customers of its Cloud Web Application Firewall (WAF) product. Cybersecurity firm Imperva disclosed a data breach that has exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula. Incapsula, is a CDN service designed […] | Data Breach | ||
 |
2019-08-27 16:52:05 | Cybersecurity Firm Imperva Discloses Breach (lien direct) | Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based Imperva sells firewall technology designed to detect and block various types of malicious Web traffic, from denial-of-service attacks to digital probes aimed at undermining the security of Web-based software applications. | Data Breach Guideline | ||
|
2019-08-27 11:36:03 | Imperva Breach Exposes WAF Customers\' Data, Including SSL Certs, API Keys (lien direct) | Imperva, one of the leading cybersecurity startups that helps businesses protect critical data and applications from cyberattacks, has suffered a data breach that has exposed sensitive information for some of its customers, the company revealed today.
The security breach particularly affects customers of Imperva's Cloud Web Application Firewall (WAF) product, formerly known as Incapsula, a |
Data Breach Guideline | ||
|
2019-08-26 19:47:05 | Massachusetts Hospital Notifies 10K Patients Of Data Breach (lien direct) | Boston-based Massachusetts General Hospital has begun notifying 10,000 patients that their personal health information may have been exposed in a data breach, according to the Boston Globe. An unauthorized third party gained access to two computer programs used by researchers in the hospital's neurology department in June. Massachusetts General Hospital took immediate steps to secure … The ISBuzz Post: This Post Massachusetts Hospital Notifies 10K Patients Of Data Breach | Data Breach | ||
|
2019-08-26 04:41:05 | Hostinger Suffers Data Breach – Resets Password For 14 Million Users (lien direct) | Popular web hosting provider Hostinger has been hit by a massive data breach, as a result of which the company has reset passwords for all customers as a precautionary measure.
In a blog post published on Sunday, Hostinger revealed that "an unauthorized third party" breached one of its servers and gained access to "hashed passwords and other non-financial data" associated with its millions of |
Data Breach | ||
|
2019-08-26 03:00:04 | IBM Study Shows Data Breach Costs on the Rise (lien direct) | For the 14th consecutive year, IBM Security released its annual Data Breach Report that examines the financial impact of data breaches on organizations. According to the report, the cost of a data breach has risen 12% over the past 5 years to $3.92 million per incident on average. These rising expenses are representative of the […]… Read More | Data Breach | ||
|
2019-08-25 22:58:03 | Hostinger disclosed a data breach that affects 14 Million customers (lien direct) | The popular Hosting provider Hostinger disclosed a recent security breach that allowed unauthorized access to a client database. Hostinger, one of the biggest hosting providers, disclosed a recent security breach that allowed attackers to access a client database. The security breach took place on August 23 and may have impacted up to 14 million Hostinger […] | Data Breach | ||
|
2019-08-25 16:00:01 | (Déjà vu) Hostinger Data Breach Affects Almost 14 Million Customers (lien direct) | Hosting provider Hostinger today announced that it reset the login passwords of 14 million of its customers following a recent security breach that enabled unauthorized access to a client database. [...] | Data Breach | ||
|
2019-08-24 06:56:01 | Mastercard data breach affected Priceless Specials loyalty program (lien direct) | Mastercard disclosed a data breach that impacted customer data from the company’s Priceless Specials loyalty program. The American multinational financial services corporation notified the data breach to the German and Belgian Data Protection Authorities. The data leaked online includes customers’ names, payment card numbers, email addresses, home addresses, phone numbers, gender, and dates of birth. “The Belgian Data […] | Data Breach | ||
|
2019-08-23 12:42:04 | Mastercard Reports Data Breach to German and Belgian DPAs (lien direct) | Mastercard disclosed a data breach to the German and Belgian Data Protection Authorities (DPA) involving customer data from the company's Priceless Specials loyalty program. [...] | Data Breach |
To see everything:
Our RSS (filtrered)
