What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
InfoSecurityMag 2021-12-22 10:39:00 Ubisoft Reveals Player Data Breach Came from User Error (direct link) IT misconfiguration enabled attackers to access network Data Breach
InfoSecurityMag 2021-12-21 19:42:00 Desjardins Proposes $155M Data Breach Settlement (direct link) Canadian financial company endeavors to settle class-action suit over long-running data breach Data Breach
Acunetix 2021-12-20 08:16:00 Five fundamental tips for getting executive buy-in on AppSec (direct link) The need for effective cybersecurity programs has never been more apparent. By October of 2021, the number of data breaches leapfrogged the total from 2020 by 17%, and 2021 saw the highest average data breach cost in 17 years ($4.24 million, in fact). Yet, for... Data Breach
InfoSecurityMag 2021-12-16 20:43:00 New Jersey Cancer Care Providers Settle Data Breach Claim (direct link) Healthcare providers accused of two security breaches in one year agree to $425K settlement Data Breach
SecurityAffairs 2021-12-15 20:16:53 FBI's investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine (direct link) While investigating a data breach suffered by a healthcare organization, FBI accidentally revealed that it believes that the HelloKitty ransomware gang operates out of Ukraine. The investigation conducted by FBI on a recent data breach suffered by an Oregon healthcare organization led to the accidental revelation that the FBI believes that the HelloKitty ransomware gang […] Ransomware Data Breach Guideline
knowbe4 2021-12-13 14:09:38 Socially Engineering Your Way to Customer Data (direct link) US telecommunications company Cox Communications has disclosed a data breach that exposed some customers' information, BleepingComputer reports. The company said in a breach notification letter that an attacker was able to gain access to some customer accounts after using social engineering tactics to impersonate a Cox employee. Data Breach
bleepingcomputer 2021-12-09 08:58:50 Cox discloses data breach after hacker impersonates support agent (direct link) Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers' personal information. [...] Data Breach
bleepingcomputer 2021-12-09 07:47:15 Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts (direct link) Fujitsu says the attackers behind the May data breach used a vulnerability in the company's ProjectWEB information-sharing tool to steal accounts from legitimate users and access proprietary data belonging to multiple Japanese government agencies. [...] Data Breach Tool Vulnerability
knowbe4 2021-12-07 15:53:12 Victims: After a Data Breach, Changing Passwords and Good Password Hygiene Remain Unimportant (direct link) New shocking data shows how unconcerned victim users are after being notified of a data breach involving their credentials, personal information, and even social media accounts. Data Breach
InfoSecurityMag 2021-12-03 19:07:00 UK Government Fined Over Honors List Data Breach (direct link) Exposing honorees' addresses lands Cabinet Office with £500K ($661K) penalty Data Breach
grahamcluley 2021-12-03 14:47:43 UK Government fined £500,000 after revealing home addresses in New Year honours data breach (direct link) The Information Commissioner’s Office (ICO), the UK’s data watchdog, has fined the Government £500,000 after the addresses of over 1,000 New Years Honours recipients were mistakenly published online. The data breach occurred at 10:30pm on Friday 27 December 2019, when the personal details of more 1,097 celebrities, government employees, politicians, and officials who had received … Data Breach
grahamcluley 2021-12-03 10:26:13 Man charged with Ubiquiti data breach and extortion was employee assigned to investigate hack (direct link) A former employee of Ubiquiti Networks has been arrested and charged in connection with a hack that stole gigabytes of data and attempted to extort US $2 million from the firm. Read more in my article on the Hot for Security blog. Data Breach Hack
SecurityWeek 2021-12-02 11:57:05 Data Hacked for 400,000 Planned Parenthood LA Patients (direct link) The Los Angeles branch of Planned Parenthood was hit by a data breach involving about 400,000 patients, but there is no indication that the information was used “for fraudulent purposes,” the group said. Data Breach
bleepingcomputer 2021-12-01 20:18:12 Planned Parenthood LA discloses data breach after ransomware attack (direct link) Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients. [...] Ransomware Data Breach
securityintelligence 2021-12-01 14:00:00 How to Cut Down on Data Breach Stress and Fatigue (direct link) If you’re tired of hearing the words ‘data breach’, you’re not alone. It’s looking like 2021 might end up becoming the year with the most ransomware attacks on record. In August, SonicWall reported that the global ransomware attack volume had increased 151% during the first six months of the year compared to H1 2020. The […] Ransomware Data Breach
MitnickSecurity 2021-11-30 23:00:00 Lessons Learned From GoDaddy's 2021 Data Breach (direct link) The American internet domain registrar and web hosting company GoDaddy recently made the news for the latest 2021 security breach. Data Breach ★★★★★
Kaspersky 2021-11-30 17:56:03 Panasonic's Data Breach Leaves Open Questions (direct link) Cyberattackers had unfettered access to the technology giant's file server for four months. Data Breach
SecurityWeek 2021-11-30 16:51:25 (Déjà vu) 2.1 Million People Affected by Breach at DNA Testing Company (direct link) Ohio-based DNA testing company DNA Diagnostics Center (DDC) this week disclosed a data breach affecting 2.1 million people. Data Breach
bleepingcomputer 2021-11-30 08:26:13 DNA testing firm discloses data breach affecting 2.1 million people (direct link) DNA Diagnostics Center (DDC), an Ohio-based DNA testing company, has disclosed a hacking incident that affects 2,102,436 persons. [...] Data Breach
The_Hackers_News 2021-11-30 01:36:45 Panasonic Suffers Data Breach After Hackers Hack Into Its Network (direct link) Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. Data Breach Hack
SecurityWeek 2021-11-29 17:00:49 Marine Services Provider Swire Pacific Offshore Discloses Data Breach (direct link) Singapore-based marine services provider Swire Pacific Offshore (SPO) disclosed a cybersecurity incident that resulted in the loss of commercial and personal data. In an announcement published over the U.S. Thanksgiving holiday weekend, the company revealed that a third-party was able to access some of its systems without authorization. Data Breach
SecurityWeek 2021-11-29 15:36:37 Panasonic Investigating Data Breach (direct link) Panasonic last week disclosed a network breach that resulted in a file server reportedly storing potentially sensitive information getting accessed. Data Breach
securityintelligence 2021-11-29 14:00:00 What the SEC Requires From Businesses After a Data Breach (direct link) Consumers have become wary of data breaches and the decreased safety of their personal information. However, the cost of a data breach is no longer only a matter of money and your company’s good name. There is now a third critical reason to pay attention: the U.S. Securities and Exchange Commission — more commonly referred […] Data Breach
SecurityAffairs 2021-11-29 13:17:41 Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition (direct link) Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus Pharmaceuticals confirmed it was the victim of a data breach after a ransomware attack that hit the firm last in Mid-November. The Company states that the security breach did not impact its operations, it notified […] Ransomware Data Breach
bleepingcomputer 2021-11-29 09:40:21 Panasonic discloses data breach after network hack (direct link) Japanese multinational conglomerate Panasonic disclosed a security breach after unknown threat actors gained access to servers on its network this month. [...] Data Breach Hack Threat
SecurityAffairs 2021-11-25 15:01:27 (Déjà vu) Several GoDaddy brands impacted in recent data breach (direct link) Recently disclosed data breach impacted several of its brands, including Domain Factory, Heart Internet, Host Europe, Media Temple, tsoHost and 123Reg. Recently GoDaddy has disclosed a data breach that impacted up to 1.2 million of its customers, threat actors breached the company's Managed WordPress hosting environment. Threat actors compromised the company network since at least […] Data Breach Threat
SecurityWeek 2021-11-24 13:03:49 GoDaddy Says Several Brands Hit by Recent WordPress Hosting Breach (direct link) Domain registrar and web hosting giant GoDaddy says the recently disclosed data breach impacts several of its brands, including 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. Data Breach
bleepingcomputer 2021-11-24 10:47:05 GoDaddy data breach hits WordPress hosting services resellers (direct link) GoDaddy says the recently disclosed data breach affecting roughly 1.2 million customers has also hit multiple Managed WordPress services resellers. [...] Data Breach
The_Hackers_News 2021-11-22 23:39:14 GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data (direct link) Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar said that a malicious third-party managed to gain Data Breach
SecurityAffairs 2021-11-22 20:49:37 New GoDaddy data breach impacted 1.2 million customers (direct link) GoDaddy suffered a data breach that impacted up to 1.2 million of its managed WordPress customer accounts. GoDaddy discloses a data breach that impacted up to 1.2 million of its customers, threat actors breached the company’s Managed WordPress hosting environment. Threat actors compromised the company network since at least September 6, 2021, but the security […] Data Breach Threat
InfoSecurityMag 2021-11-22 17:26:00 GoDaddy Announces Data Breach (direct link) Web-hosting company says unauthorized third party accessed email addresses of WordPress customers Data Breach
SecurityAffairs 2021-11-22 14:56:25 Utah Imaging Associates data breach impacts 583,643 patients (direct link) Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients. Utah Imaging Associates (UIA) discloses a security breach, on September 4, 2021 the company claims to have detected and blocked a cyber attack. The healthcare provider promptly secured its infrastructure with the help of a specialized third-party […] Data Breach
securityintelligence 2021-11-22 14:00:00 The Cost of a Data Breach Goes Beyond the Bottom Line (direct link) How do you measure the cost of a company data breach? You could try asking those that have been attacked. The IBM Security Cost of a Data Breach Report 2021 did just that, and the numbers reveal some hard truths. For example, ransomware attacks cost an average of $4.62 million. These costs included escalation, notification, […] Ransomware Data Breach
SecurityWeek 2021-11-22 13:02:19 Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (direct link) Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach. As part of the incident, which was identified on September 4, 2021, unknown threat actors accessed files that contained sensitive personal information related to patients. Data Breach Threat
bleepingcomputer 2021-11-22 11:43:08 GoDaddy hack causes data breach affecting 1.2 million customers (direct link) GoDaddy said in a data breach notification published today that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment. [...] Data Breach Hack
ESET 2021-11-22 10:30:27 What to do if you receive a data breach notice (direct link) Receiving a breach notification doesn't mean you're doomed – here's what you should consider doing in the hours and days after learning that your personal data has been exposed Data Breach
SecurityAffairs 2021-11-21 15:01:49 Researchers were able to access the payment portal of the Conti gang (direct link) The Conti ransomware group has suffered a data breach that exposed its attack infrastructure and allowed researchers to access it. Researchers at security firm Prodaft were able to identify the real IP address of one of the servers used by the Conti ransomware group and access the console for more than a month. The exposed […] Ransomware Data Breach ★★★★
SecurityAffairs 2021-11-19 20:14:34 California Pizza Kitchen discloses a data breach (direct link) American pizza chain California Pizza Kitchen (CPK) suffered a data breach that might have exposed personal information of its employees. American pizza chain California Pizza Kitchen (CPK) suffered a data breach, the company has already notified employees whose personal information might have been exposed. According to a data breach notification sent to the impacted employees, […] Data Breach
SecurityWeek 2021-11-19 13:44:45 California Pizza Kitchen Says Employee Data Stolen in Breach (direct link) American pizza chain California Pizza Kitchen (CPK) is notifying employees of a data breach that might have resulted in some of their personal information being accessed by hackers. Data Breach
Kaspersky 2021-11-19 13:31:28 California Pizza Kitchen Serves Up Employee SSNs in Data Breach (direct link) A hefty slice of data – that of 100K+ current and former employees – was spilled in an “external system breach,” the pizza chain said. Data Breach
bleepingcomputer 2021-11-19 10:35:08 Utah medical center hit by data breach affecting 582k patients (direct link) Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed. [...] Data Breach
The_Hackers_News 2021-11-19 00:53:26 A Simple 5-Step Framework to Minimize the Risk of a Data Breach (direct link) Today's businesses run on data. They collect it from customers at every interaction, and they use it to improve efficiency, increase their agility, and provide higher levels of service. But it's becoming painfully obvious that all of that data businesses collect has also made them an enticing target for cybercriminals. With each passing day, the evidence of that grows. In the last few months, Data Breach
Anomali 2021-11-16 17:34:00 Anomali Cyber Watch: REvil Affiliates Arrested, Electronics Retail Giant Hit By Ransomware, Robinhood Breach, Zero Day In Palo Alto Security Appliance and More (direct link) The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Data breach, Data leak, Malspam, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer (published: November 8, 2021) US Cybersecurity and Infrastructure Security Agency (CISA) has released an alert about advanced persistent threat (APT) actors exploiting vulnerability in self-service password management and single sign-on solution known as ManageEngine ADSelfService Plus. PaloAlto, Microsoft & Lumen Technologies did a joint effort to track, analyse and mitigate this threat. The attack deployed a webshell and created a registry key for persistence. The actor leveraged leased infrastructure in the US to scan hundreds of organizations and compromised at least nine global organizations across technology, defense, healthcare and education industries. Analyst Comment: This actor has used some unique techniques in these attacks including: a blockchain based legitimate remote control application, and credential stealing tool which hooks specific functions from the LSASS process. It’s important to make sure your EDR solution is configured to and supports detecting such advanced techniques in order to detect such attacks.
MITRE ATT&CK: [MITRE ATT&CK] OS Credential Dumping - T1003 | [MITRE ATT&CK] Ingress Tool Transfer - T1105 | [MITRE ATT&CK] Scripting - T1064 | [MITRE ATT&CK] Valid Accounts - T1078 | [MITRE ATT&CK] Application Layer Protocol - T1071 | [MITRE ATT&CK] Credentials in Files - T1081 | [MITRE ATT&CK] Brute Force - T1110 | [MITRE ATT&CK] Data Staged - T1074 | [MITRE ATT&CK] External Remote Services - T1133 | [MITRE ATT&CK] Hooking - T1179 | [MITRE ATT&CK] Registry Run Keys / Startup Folder - T1060 | [MITRE ATT&CK] Pass the Hash - T1075 Tags: Threat Group 3390, APT27, TG-3390, Emissary Panda, WildFire, NGLite backdoor, Cobalt Strike, Godzilla, PwDump, beacon, ChinaChopper, CVE-2021-40539, Healthcare, Military, North America, China REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom (published: November 9, 2021) A 22-year-old Ukrainian national named Yaroslav Vasinskyi has been charged with conducting ransomware attacks by the U.S. Department of Justice (DOJ). These attacks include t Ransomware Data Breach Malware Tool Vulnerability Threat Medical APT 38 APT 27 APT 1
bleepingcomputer 2021-11-15 10:52:48 7 million Robinhood user email addresses for sale on hacker forum (direct link) The data for approximately 7 million Robinhood customers stolen in a recent data breach are being sold on a popular hacking forum and marketplace. [...] Data Breach
SecurityAffairs 2021-11-13 00:06:33 Retail giant Costco discloses data breach, payment card data exposed (direct link) Costco Wholesale Corporation discloses a data breach, threat actors had access to customers’ payment card information. Retail giant Costco Wholesale Corporation notified its customers of a data breach that might have exposed their payment card information. Data was allegedly exposed while customers were shopping at one of its stores. Costco discovered the security breach after […] Data Breach Threat
SecurityWeek 2021-11-12 15:33:09 HPE Says Customer Data Compromised in Aruba Data Breach (direct link) Hewlett Packard Enterprise (HPE) has confirmed that a small amount of customer data was compromised in a data breach involving its subsidiary Aruba Networks. Data Breach
bleepingcomputer 2021-11-12 10:11:45 Costco discloses data breach after finding credit card skimmer (direct link) Costco Wholesale Corporation has warned customers in notification letters sent this month that their payment card information might have been stolen while recently shopping at one of its stores. [...] Data Breach
Anomali 2021-11-10 16:00:00 Anomali Cyber Watch: GitLab Vulnerability Exploited In The Wild, Mekotio Banking Trojan Returns, Microsoft Exchange Vulnerabilities Exploited Again and More (direct link) The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Babuk, Braktooth, Linux, Gamaredon, Magecart and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released (published: November 5, 2021) A proof-of-concept (PoC) tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs. On Thursday, CISA urged manufacturers, vendors and developers to patch or employ workarounds. On Monday, the University of Singapore researchers updated their table of affected devices, after the chipset vendors Airoha, Mediatek and Samsung reported that some of their devices are vulnerable. Analyst Comment: Users are urged to patch or employ workarounds as soon as possible. Tags: Bluetooth, BrakTooth, Exploit, Vulnerability CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution (published: November 4, 2021) Researchers at SentinelOne have identified a vulnerability in the TIPC Module, part of the Linux Kernel. The Transparent Inter-Process Communication (TIPC) module is a protocol that is used for cluster-wide operation and is packaged as part of most major Linux distributions. The vulnerability, designated as “CVE-2021-43267”, is a heap overflow vulnerability that could be exploited to execute code within the kernel.
Analyst Comment: TIPC users should ensure their Linux kernel version is not between 5.10-rc1 and 5.15. Tags: Linux, TIPC, Vulnerability Ukraine Links Members Of Gamaredon Hacker Group To Russian FSB (published: November 4, 2021) The Ukrainian Secret Service claims to have identified five members of the threat group, Gamaredon. The group, who Ukraine are claiming to be operated by the Russian Federal Security Service (FSB), are believed to be behind over 5,000 attacks against Ukraine. These attacks usually consist of malicious documents and using a template injection vulnerability, the group has targeted government, public and private entities. Analyst Comment: Users should be careful that a file is sent via a known and trusted sender, that individual should be contacted to verify the authenticity of the attachment prior to opening. Thus, any such file attachment sent by unknown senders should be viewed with the utmost scrutiny, and the attachments should be avoided and properly reported to appropriate personnel. Users should be careful when viewing documents that ask for macros to be enabled. MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 Tags: Gamaredon, Malicious Documents, Russia, Ukraine, Template Injection Ransomware Data Breach Malware Tool Vulnerability Threat
mcafee 2021-11-09 23:32:54 Protecting Yourself in the Wake of the Robinhood Data Breach (direct link) The Robinhood trading platform recently disclosed a data breach that exposed the information of millions of its customers. News of the attack was released on Monday, November 8th along with word the... Data Breach
SecurityAffairs 2021-11-09 21:40:55 Robinhood data breach exposes 7 Million users' information (direct link) Robinhood disclosed a security breach, an unidentified threat actor gained unauthorized access to approximately 7 million customer records. Robinhood Markets, Inc. is an American commission-free stock trading and investing platform, it had 18 million accounts as of March 2021, with over $80 billion in assets. The company disclosed a data breach, a threat actor gained […] Data Breach Threat
Last update at: 2024-06-25 05:07:57