What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-02-21 13:43:16 | (Déjà vu) SlickWraps Data Breach Exposes Financial and Customer Info (lien direct) | A security researcher has stated that they have allegedly hacked SlickWraps and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed. [...] | Data Breach | ||
 |
2020-02-21 13:32:28 | Expert Analsysis Of US Defense Agency Says Personal Data \'Compromised\' In 2019 Data Breach (lien direct) | A U.S. defense agency charged with providing information technology and communications support to the U.S. government, including the president and other senior officials, says its network may have been compromised “in a data breach” on a system hosted by the Defense Information Systems Agency (DISA). It's believed Social Security numbers and other sensitive personal data … The ISBuzz Post: This Post Expert Analsysis Of US Defense Agency Says Personal Data ‘Compromised’ In 2019 Data Breach | Data Breach | ||
|
2020-02-21 12:53:33 | Expert Comments On Over 30 Data Breach Incidents in Health Care Reported So Far In 2020, Affecting Over 1 Million Individuals (lien direct) | In response to reports indicating that 30 over 30 data breach incidents in health care have been reported to HHS so far in 2020, affecting over 1 million individuals, an expert offers perspective. The ISBuzz Post: This Post Expert Comments On Over 30 Data Breach Incidents in Health Care Reported So Far In 2020, Affecting Over 1 Million Individuals | Data Breach | ||
 |
2020-02-21 12:30:25 | U.S. Department of Defense Disclosed Data Breach at DISA (lien direct) | The U.S. Department of Defense (DoD) warned that a data breach at the Defense Information Systems Agency (DISA) might have compromised some individuals’ personal information. In a photograph of a letter obtained by Reuters, DISA CIO and Risk Management Executive Roger S. Greenwell warned recipients that a data breach might have compromised their personal details […]… Read More | Data Breach | ||
 |
2020-02-21 00:00:05 | DOD DISA discloses data breach (lien direct) | The Defense Information Systems Agency (DISA) handles IT and telecommunications support for the White House and military troops. | Data Breach | ||
 |
2020-02-20 20:59:48 | Data breach hits agency overseeing White House communications (lien direct) | The personal data of about 200,000 people is exposed in a cyber-attack. | Data Breach | ||
 |
2020-02-20 15:52:03 | MGM Resorts data breach exposes details of 10.6 million guests (lien direct) | A number of celebrities, government officials and tech CEOs were also caught up in the incident | Data Breach | ||
 |
2020-02-19 16:12:00 | BrandPost: How to Maximize Resources in Your Cybersecurity Workforce (lien direct) | There's no denying that skilled people will always be an integral part of cybersecurity operations. After all, every cybersecurity threat requires a conversation around it, intelligent intervention, and thorough analysis to combat future issues.Yet without the right resources at their fingertips, even the most knowledgeable cybersecurity workforce is set up to fail. Consider this in the context of a misconfiguration in the cloud-one of the top cloud security threats. If this issue is buried beneath a pile of other threats and alerts or SecOps need days or maybe even weeks to identify the root of the problem, cyber attackers have more room to make their way in the perimeter and exfiltrate sensitive data. (This year's Capital One data breach is a prime example.) | Data Breach Threat | ||
 |
2020-02-19 15:10:15 | Insider data breach survey finds directors most likely to break company policy (lien direct) | Report suggests IT leaders think breaches are inevitable and don't have adequate risk management in place. | Data Breach Guideline | ||
 |
2020-02-17 10:25:51 | Second Likud Party app voter data leak (lien direct) | A second and more serious data breach has been uncovered in the Elector firm's election software that Likud has been using in its Knesset campaign, as reported by the Calcalist business daily on Sunday. Both hacking incidents, which occurred within a week of one another, involved the leak of the entire registry of Israeli voters […] | Data Breach | ||
 |
2020-02-11 18:05:38 | Personal Data Of All 6.5 Million Israeli Voters Exposed (lien direct) | A security breach in an election app exposed the sensitive personal information of nearly 6.5 million Israelis to hackers, according to Israeli media reports. News of the data breach comes just three weeks before the country's national election on March 2. The security flaw was found on the mobile-based application, Elector designed by the Israeli […] | Data Breach | ||
 |
2020-02-11 15:52:00 | China denies it was behind the Equifax hack, as four men charged for data breach (lien direct) | China has denied that it was behind the hack of Equifax in 2017, which saw the personal data of hundreds of millions of individuals stolen – including the names, birth dates and social security numbers for nearly half of all American citizens. Read more in my article on the Hot for Security blog. | Data Breach Hack | Equifax | |
|
2020-02-11 12:29:03 | Expert On Facebook Was Repeatedly Warned Of Security Flaw That Led To Biggest Data Breach In Its History (lien direct) | The Telegraph is reporting Facebook knew about a huge security flaw that let hackers to steal personal data from millions of its users almost one year before the crime, yet failed to fix it in time. Legal documents show that the company was repeatedly warned by its own employees as well as outsiders about a dangerous loophole … The ISBuzz Post: This Post Expert On Facebook Was Repeatedly Warned Of Security Flaw That Led To Biggest Data Breach In Its History | Data Breach | ||
|
2020-02-10 12:31:36 | Data Privacy Event Disclosed by Affordable Preschool Provider (lien direct) | A San Diego-based provider of affordable preschool disclosed that a data privacy incident might have affected some customers’ personal information. In a notice of data breach published on February 5, Educational Enrichment Systems, Inc. (EES) announced that it had suffered a security incident involving an employee’s email account: On August 30, 2019, EES became aware […]… Read More | Data Breach | ||
 |
2020-02-10 07:57:01 | U.S. Charges 4 Chinese Military Hackers Over Equifax Data Breach (lien direct) | The United States Department of Justice today announced charges against 4 Chinese military hackers who were allegedly behind the Equifax data breach that exposed the personal and financial data of nearly 150 million Americans.
In a joint press conference held today with the Attorney General William Barr and FBI Deputy Director David Bowdich, the DoJ officials labeled the state-sponsored |
Data Breach | Equifax | |
|
2020-02-06 10:43:25 | (Déjà vu) Personal Information of 654K Medicaid patients exposed in breach (lien direct) | Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC. The non-profit organization is Oregon’s largest Medicaid CCO and it serves the Oregon Health Plan (Medicaid) members in Clackamas, Multnomah, and Washington […] | Data Breach | ||
|
2020-02-05 16:40:00 | Medicaid CCO Vendor Breach Exposes Health, Personal Info of 654K (lien direct) | Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC. [...] | Data Breach | ||
|
2020-02-05 10:51:29 | 17,000 yachting industry professionals details exposed in data breach (lien direct) | Crew and Concierge is an international recruitment agency specialising in securing staff for ultra-high-net-worth clients' yachts operating around the world. The server, which was discovered during a Verdict investigation, consisted of over 90,000 files, all of which appeared to relate to individuals on Crew and Concierge's books. It was left exposed on a misconfigured unsecured […] | Data Breach | ||
|
2020-01-31 15:12:56 | How to avoid the mistakes made in the UN data breach (lien direct) | Falling prey to a hacker because it neglected to properly patch its systems, the United Nations also failed to publicly disclose the hack. Here's how your organization can avoid the same mistakes. | Data Breach | ||
|
2020-01-31 10:52:58 | Experts On Data Breach At Indian Airline SpiceJet Affects 1.2 Million Passengers (lien direct) | It has been reported that SpiceJet, one of India's largest privately owned airlines, has acknowledged a data breach involving the details of over a million of its passengers. The database included a rolling month's worth of flight information and details of each commuter, they said, adding that they believe that the database was easily accessible for anyone who knew where to … The ISBuzz Post: This Post Experts On Data Breach At Indian Airline SpiceJet Affects 1.2 Million Passengers | Data Breach | ||
 |
2020-01-31 09:32:12 | Les notifications de violations de données personnelles à la CNIL ont progressé de 25% (lien direct) | D'après le baromètre « Data Breach » Fic-Bessé-PWC, sur la base de données ouvertes de la CNIL, 812 536 personnes étaient concernées par les violations notifiées au premier semestre 20...Lire la suite | Data Breach | ||
 |
2020-01-31 08:47:31 | La première édition du Baromètre Data Breach par PwC et Bessé (lien direct) | La première édition du Baromètre Data Breach, publiée lors du FIC 2020 par PwC et Bessé, constitue à la fois une ressource informationnelle et analytique sur les violations de données en France, et un guide pratique de la gestion du risque. Pour Sandrine Cullaffroz-Jover, Directrice et Avocate chez PwC Société d'Avocats, et Christophe Madec, expert en cybersécurité chez Bessé, la prise de conscience du risque par les entreprises est la pierre angulaire de la maîtrise de l'impact d'une violation de (...) - Business | Data Breach | ||
 |
2020-01-30 13:10:00 | United Nations Data Breach Started with Microsoft SharePoint Bug (lien direct) | A remote code execution flaw enabled a breach of UN offices in Geneva and Vienna, as well as the Office of the High Commissioner for Human Rights. | Data Breach | ||
 |
2020-01-29 20:09:26 | Wawa card breach: 30 million card records for sale in the dark web (lien direct) | New revelations on the Wawa card data breach suggests that the incident might have exposed 30 million customers’ data that are now available online for sale. In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this […] | Data Breach | ||
|
2020-01-29 12:04:10 | Payment Cards Exposed in Wawa Breach Offered for Sale on Dark Web (lien direct) | Digital criminals posted customers’ payment card details exposed in the 2019 Wawa data breach for sale on a dark web marketplace. In December 2019, the Joker’s Stash first announced what it called the “BIGBADABOOM-III” breach. Advertisements posted by the dark web marketplace announced that the breach included over 30 million payment card details exposed in […]… Read More | Data Breach | ||
|
2020-01-29 11:53:00 | Episode 2: Three things that keep Biogen CISO Bob Litterer up at night (lien direct) | Bob Litterer, VP and CISO of biotech giant Biogen, isn't a worrier at heart, but there are a few things that keep him up at night. High on that list is the interdependencies in his company's third-party network; a data breach anywhere in that ecosystem could have a devastating ripple effect. Also topping Litterer's list of worries are the exposed underbelly of operational technology and cloud sprawl, which can leave organizations with more exposure than they may realize. | Data Breach | ||
|
2020-01-23 10:43:19 | UPS Store Subject to a Data Breach After Phishing Scam (lien direct) | In a data breach notification letter to customers, The UPS Store has disclosed that an unauthorized party successfully devised a phishing scheme to gain entry into the email accounts of numerous store locations. The breach exposed information contained within documents that customers emailed to stores for printing and related services, the San Diego-based subsidiary of UPS explained […] | Data Breach | ||
|
2020-01-22 13:55:19 | Microsoft data breach exposes 250 million customer service and support records (lien direct) | Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required. | Data Breach | ||
|
2020-01-21 13:31:57 | US-based children\'s clothing maker Hanna Andersson discloses a data breach (lien direct) | The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Like other Magecart attacks, crooks compromised the online store and injected a JavaScript code into checkout pages to […] | Data Breach | ||
|
2020-01-21 12:23:39 | Mitsubishi Electric Confirms Major Data Breach – Expert Commentary (lien direct) | Mitsubishi Electric released a statement today confirming that the company was hit by a data breach dating back to late June last year. It's speculated that the cyberattack is linked to a Chinese cyber-espionage group, Tick (or Bronze Butler), that is well-known for targeting Japan over the past few years. The unauthorized access was tracked … The ISBuzz Post: This Post Mitsubishi Electric Confirms Major Data Breach – Expert Commentary | Data Breach | ||
|
2020-01-21 11:30:42 | Expert On Breach: Regus Sales Staff Data Exposed After Huge Data Breach (lien direct) | Job performance details about more than 900 employees of a major office-space provider have been published online by accident after a staff review. Sales staff at Regus had been recorded showing researchers posing as clients around office space available to rent. Information about the employees was later published on Trello, a task-management website, and a … The ISBuzz Post: This Post Expert On Breach: Regus Sales Staff Data Exposed After Huge Data Breach | Data Breach | ||
|
2020-01-20 12:17:09 | GDPR Regulators Have Imposed $126M in Fines Thus Far, Finds Survey (lien direct) | A new survey found that regulators have thus far imposed $126 million worth of fines for data breaches and other GDPR infringements. According to DLA Piper’s GDPR Data Breach Survey, data protection regulators imposed €114 million (about US$126 million / £97 million) in GDPR-related fines between May 25, 2018 and January 27, 2020. The international […]… Read More | Data Breach | ||
|
2020-01-17 10:05:15 | Law enforcement seized WeLeakInfo.com for selling access to data from data breaches (lien direct) | The FBI has seized the WeLeakInfo.com websites for selling subscriptions to data that were exposed in data breaches. WeLeakInfo.com is a data breach notification service that allows its customers to verify if their credentials been compromised in data breaches. The service was claiming a database of over 12 billion records from over 10,000 data breaches. […] | Data Breach | ||
|
2020-01-16 10:02:01 | Customer account information in P&N Bank data breach (lien direct) | On Wednesday, a security researcher going under the Twitter handle @vrNicknack pinged Troy Hunt, the operator of the Have I Been Pwned? search engine, with a notice he had received from the bank. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, sent the notice which warned of an “information breach” occurring through its […] | Data Breach | ||
|
2020-01-15 18:00:00 | 2017 Data Breach Will Cost Equifax at Least $1.38 Billion (lien direct) | Company agrees to set aside a minimum of $380.5 million as breach compensation and spend another $1 billion on transforming its information security over the next five years. The 147 million US consumers affected by the breach have one week from today to file a claim. | Data Breach | Equifax | |
|
2020-01-15 15:48:15 | PussyCash adult webcam data breach exposes highly sensitive data of models (lien direct) | You may have been expecting to reveal a lot by signing up as an adult webcam model, but I doubt this is quite what you had in mind. | Data Breach | ★★★★★ | |
|
2020-01-15 15:38:19 | P&N Bank data breach may have impacted 100,000 West Australians (lien direct) | P&N Bank discloses data breach, customer account information, balances exposed The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, suffered a data breach and is reporting the incident […] | Data Breach | ||
 |
2020-01-14 15:29:09 | IT Asset Disposition (ITAD) is the Slow Motion Data Breach Nobody notices (lien direct) | Efforts to wall off sensitive corporate and government data from foreign adversaries have a gaping hole: IT asset disposition (ITAD), where vendors - many owned by Chinese firms - process discarded hardware and data with little oversight. The post IT Asset Disposition (ITAD) is the Slow Motion Data Breach Nobody notices | Data Breach | ||
|
2020-01-14 04:00:28 | Developing a Data Protection Compliance Program – Verizon\'s 9-5-4 Model (lien direct) | In a previous post, I wrote about my key take-aways from Verizon's 2019 Payment Security Report. While it’s no surprise it was full of interesting and useful data, (Verizon's yearly Data Breach Investigation Report (DBIR) has become required reading.) I was delighted to find an excellent guide on the the 9-5-4 model, a means by […]… Read More | Data Breach | ||
 |
2020-01-13 14:00:00 | How to identify phishing emails and what to do (lien direct) |
Note:This blog was written by an independent guest blogger.
Phishing scams remain one of the most widespread cybercrimes. A phishing scam can be as simple as getting someone to click on a link, attachment, or a picture of cute kittens. I recently received a spam email with the message:
“Old friends post embarrassing pictures of Jason Nelson online; click here to see.”
Seeing my name in the body or subject line of an email is alarming. That is why scammers word these emails this way. They want to alarm you, and in your rush to defend yourself, click the link to see the pictures.
Similar to extortion emails that claim to have videos of “compromising” situations or screen recordings of users on adult websites. These emails work on our fear of embarrassment, rejection, or ruin to get us to let down our guard.
Do not click on anything in these emails. Delete, Delete, DELETE.
But, it does beg the question, where do these emails come from, who is sending them? In this article, we will be looking at the phishing phenomenon and what options we have to defend ourselves.
According to a 2018 report from statistics website Statista, at 11.69%, the majority of spam emails originated in China. But before we in the U.S. pat ourselves on the back, the second-largest amount of spam emails came from the United States at 9.04%.
Since 2018, many of these scams demand some form of a cryptocurrency payment. In an October 8, 2019 report, the cybersecurity company Cofense said that phishing scams are changing their tactics and moving from Bitcoin to one of the so-called altcoins like Litecoin or Monero.
So how do these scammers get our emails? One way and most likely is lax security protocols or a data breach at a service or email provider. HaveIbeenPwned is a website that can help you see if your email is on a compromised site.
But there are other ways as well, including email addresses sold to the highest bidder. A way to minimize our risk of phishing scams is to be mindful of and limit the websites we provide our emails. Also, use a password manager to create more complex passwords. BitWarden, 1Password, and Dashlane are good options.
When deciding on an email address, avoid using your name and or some specific data. For example, janedoe1980@email.com - try to avoid using your actual name and actual year of birth or the last four of your social (for U.S. Citizens).
There is no way to be 100% safe online, but at least we can make it that much harder for cybercriminals.
So let’s look at some steps we can take to protect ourselves from phishing and scam emails:
Check the sender address, even if the message seems legitimate, look at the sending address, if it looks odd, it’s probably spam.
Does the email ask you to click on a link or attachment? Again check the sender address and the rest of the email for anything out of the ordinary.
Did you receive the email out of the blue? A long lost relative is trying to send you money? Delete.
Does the email contain several misspelled words? It could be a phishing email.
Does the email contain some threat (embarrassment, prosecution for example) it’s more than likely a phishing scam.
Lastly, if the email appears to be from someone you know or an organization you do business with, call that person (not from a number on the email) and verify they sent the email. Law Enforcement and the IRS are not known for sending threatening |
Data Breach Spam Threat | ||
|
2020-01-10 11:57:25 | Man jailed for using data breach info leaks to claim over $12 million in IRS tax refunds (lien direct) | Information leaked due to data breaches was used to file fraudulent tax returns. | Data Breach | ||
|
2020-01-09 14:37:42 | Las Vegas Data Breach Announced Amid Warnings Of Iranian Cyber Threat (lien direct) | A data breach in Las Vegas comes amid tensions with Iran and a warning from homeland security of quote “potentially disruptive and destructive” Iranian cyber operations. The city released the following statement to News 3: The city of Las Vegas experienced a cyber compromise at 4:30 a.m. PST Tuesday. The city's Information Technologies Department is … The ISBuzz Post: This Post Las Vegas Data Breach Announced Amid Warnings Of Iranian Cyber Threat | Data Breach Threat | ||
|
2020-01-09 13:47:00 | Eliminate the Password, Eliminate the Password Problem. (lien direct) | Weak, stolen or reused passwords are the root of 8 in 10 data breaches. Fixing the data breach problem means abandoning passwords for something more secure. But what does passwordless authentication even look like? Yaser Masoudnia, the Senior Director Product Management, Identity Access Management, at LogMeIn* takes us there. The post Eliminate...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/615424460/0/thesecurityledger -->» | Data Breach | ||
|
2020-01-09 12:04:33 | Travelex customers left in cashless limbo, ICO not formally alerted to data theft claims (lien direct) | The ransomware attack has infuriated stranded customers and the ICO has still not seen an official data breach report. | Ransomware Data Breach | ||
|
2020-01-07 11:15:02 | Expert On News: Crypto Exchange Poloniex Forces Password Reset Following Data Breach (lien direct) | A cryptocurrency exchange has been forced to reset customer passwords after a suspected data leak via social media, although its incident response efforts caused more confusion among some users. US-based exchange Poloniex informed around 1% of its customer base that they had to reset their log-ins, following a tweet claiming to contain a list of … The ISBuzz Post: This Post Expert On News: Crypto Exchange Poloniex Forces Password Reset Following Data Breach | Data Breach | ||
|
2020-01-07 06:28:27 | HappyHotel, popular search engine for love hotels in Japan discloses data breach (lien direct) | HappyHotel, a Japanese search engine used to find and book rooms in “love hotels,” announced to have suffered a security breach in December. HappyHotel is a popular Japanese search engine for “love hotels,” it is used by married couples and unfaithful spouses, it allows users to book rooms in love hotels in Japan. Almex, the […] | Data Breach | ||
|
2020-01-06 09:15:31 | School software provider Active Network discloses data breach (lien direct) | The US-based School management software provider Active Network disclosed a severe security breach last week. Active Network provides web-based school management software for K-12 schools and districts, last week it announced to have suffered a major security breach. The hackers gained access to Blue Bear, a cloud school accounting software customized especially for K-12 schools and […] | Data Breach | ||
|
2020-01-02 10:03:51 | Active Network, A School Software Vendor, Suffers Data Breach (lien direct) | Active Network's Blue Bear Software platform reported that unauthorized activity in its network earlier this year resulted in customer PII being exposed. The company reported the issue to the California Attorney General's office stating it recently became aware that between Oct. 1, 2019 and Nov. 13, 2019 there was illegal activity taking place on its Blue Bear […] | Data Breach | ||
|
2019-12-26 03:00:00 | What is Magecart? How this hacker group steals payment card data (lien direct) | Magecart definition Magecart is a consortium of malicious hacker groups who target online shopping cart systems, usually the Magento system, to steal customer payment card information. This is known as a supply chain attack. The idea behind these attacks is to compromise a third-party piece of software from a VAR or systems integrator or infect an industrial process unbeknownst to IT. [ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ] | Data Breach | ||
|
2019-12-20 15:53:01 | Expert Comment: Gaming Site Nexus Mods Discloses Data Breach (lien direct) | In response to the news that gaming modification site Nexus Mods disclosed a data breach, a cybersecurity expert offers perspective. The ISBuzz Post: This Post Expert Comment: Gaming Site Nexus Mods Discloses Data Breach | Data Breach |
To see everything:
Our RSS (filtrered)
