This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-06-06T17:10:33+00:00 www.secnews.physaphae.fr CyberScoop - scoopnewsgroup.com special Cyber The incident was discovered in July, the company said, and includes a limited number of employees and customers. ]]> 2022-09-20T14:22:58+00:00 https://www.cyberscoop.com/american-airlines-discloses-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=7016448 False Data Breach None None Malwarebytes Labs - MalwarebytesLabs Categories: NewsTags: American Airlines Tags: data breach Tags: phishing Tags: identity theft Major airline American Airlines fell victim to a data breach after a cybercriminal got access to the email accounts of several employees via a phishing attack. (Read more...) ]]> 2022-09-20T14:00:00+00:00 https://www.malwarebytes.com/blog/news/2022/09/american-airlines-suffers-data-breach-after-phishing-incident www.secnews.physaphae.fr/article.php?IdArticle=7025452 False Data Breach None None ComputerWeekly - Computer Magazine 2022-09-20T12:00:00+00:00 https://www.computerweekly.com/news/252525141/Thousands-of-customers-affected-in-Revolut-data-breach www.secnews.physaphae.fr/article.php?IdArticle=7017492 False Data Breach None None Security Affairs - Blog Secu American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered a data breach, threat actors compromised a limited number of employee email accounts. The intruders had access to sensitive personal information contained in the accounts, but the company’s data breach notification states that it is not aware […] ]]> 2022-09-20T10:52:13+00:00 https://securityaffairs.co/wordpress/135963/data-breach/american-airlines-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7013090 False Data Breach,Threat None None IT Security Guru - Blog Sécurité 2022-09-20T10:48:47+00:00 https://www.itsecurityguru.org/2022/09/20/american-airlines-announce-data-breach-exposing-customer-and-staff-information/?utm_source=rss&utm_medium=rss&utm_campaign=american-airlines-announce-data-breach-exposing-customer-and-staff-information www.secnews.physaphae.fr/article.php?IdArticle=7013219 False Data Breach None None Bleeping Computer - Magazine Américain 2022-09-19T17:50:19+00:00 https://www.bleepingcomputer.com/news/security/american-airlines-discloses-data-breach-after-employee-email-compromise/ www.secnews.physaphae.fr/article.php?IdArticle=7006620 False Data Breach None None Naked Security - Blog sophos 2022-09-19T16:59:05+00:00 https://nakedsecurity.sophos.com/2022/09/19/lastpass-source-code-breach-incident-response-report-released/ www.secnews.physaphae.fr/article.php?IdArticle=7003919 False Data Breach LastPass None Security Intelligence - Site de news Américain As John Donne once wrote, “No man is an island entire of itself.” With digitalization bridging any distance, the same logic could be applied to tech. Threat actors have vast underground forums for sharing their intelligence, while security professionals remain tight-lipped in a lot of data breach cases. Much like the way a vaccine can […] ]]> 2022-09-19T13:00:00+00:00 https://securityintelligence.com/posts/3-reasons-technology-integration-matters/ www.secnews.physaphae.fr/article.php?IdArticle=7002599 False Data Breach,Threat None None SecurityWeek - Security News 2022-09-19T10:47:33+00:00 https://www.securityweek.com/lastpass-found-no-code-injection-attempts-following-august-data-breach www.secnews.physaphae.fr/article.php?IdArticle=7001778 False Data Breach LastPass None Bleeping Computer - Magazine Américain 2022-09-19T10:13:55+00:00 https://www.bleepingcomputer.com/news/security/revolut-hack-exposes-data-of-50-000-users-fuels-new-phishing-wave/ www.secnews.physaphae.fr/article.php?IdArticle=7002825 False Data Breach,Hack None None Bleeping Computer - Magazine Américain 2022-09-17T10:12:14+00:00 https://www.bleepingcomputer.com/news/security/new-york-ambulance-service-discloses-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=6956462 False Ransomware,Data Breach None None Schneier on Security - Chercheur Cryptologue Américain big: The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. “This is a total compromise, from what it looks like.” It looks like a pretty basic phishing attack; someone gave the hacker their login credentials. And because Uber has lousy internal security, lots of people have access to everything. So once a hacker gains a foothold, they have access to everything...]]> 2022-09-16T14:07:13+00:00 https://www.schneier.com/blog/archives/2022/09/massive-data-breach-at-uber.html www.secnews.physaphae.fr/article.php?IdArticle=6931477 False Data Breach,Hack Uber,Uber None Bleeping Computer - Magazine Américain 2022-09-16T11:53:37+00:00 https://www.bleepingcomputer.com/news/security/hacker-sells-stolen-starbucks-data-of-219-000-singapore-customers/ www.secnews.physaphae.fr/article.php?IdArticle=6932247 False Data Breach None None SecurityWeek - Security News Uber “responding to a cybersecurity incident” after hacker claims to have breached several systems ]]> 2022-09-16T09:22:19+00:00 https://www.securityweek.com/uber-investigating-data-breach-after-hacker-claims-extensive-compromise www.secnews.physaphae.fr/article.php?IdArticle=6927482 False Data Breach Uber None CSO - CSO Daily Dashboard In a statement on Twitter, Uber wrote “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company are currently sparse, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee's Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach.To read this article in full, please click here]]> 2022-09-16T03:46:00+00:00 https://www.csoonline.com/article/3673942/uber-responding-to-cybersecurity-incident-following-reports-of-significant-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6927552 False Data Breach Uber,Uber None Malwarebytes Labs - MalwarebytesLabs Categories: BusinessThreat hunting can weed out malware before anything bad like a data breach can happen, but cyber threat hunting is more difficult for SMBs to do than it is for large organizations due to resource constraints. That's where Managed Detection and Response (MDR) can help. (Read more...) ]]> 2022-09-15T10:00:00+00:00 https://www.malwarebytes.com/blog/business/2022/09/cyber-threat-hunting-for-smbs-how-mdr-can-help www.secnews.physaphae.fr/article.php?IdArticle=6918132 False Data Breach,Malware,Threat None None SecurityWeek - Security News 2022-09-13T09:42:44+00:00 https://www.securityweek.com/u-haul-says-customer-data-accessed-using-compromised-credentials www.secnews.physaphae.fr/article.php?IdArticle=6867369 False Data Breach None None Dark Reading - Informationweek Branch 2022-09-12T19:05:42+00:00 https://www.darkreading.com/attacks-breaches/cisco-data-breach-lapsus-ransomware-group www.secnews.physaphae.fr/article.php?IdArticle=6862794 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2022-09-12T16:28:35+00:00 https://www.bleepingcomputer.com/news/security/u-haul-discloses-data-breach-exposing-customer-driver-licenses/ www.secnews.physaphae.fr/article.php?IdArticle=6863156 False Data Breach,Tool None None Wired Threat Level - Security News 2022-09-10T13:00:00+00:00 https://www.wired.com/story/la-school-district-ransomware-albania-iran-security-roundup/ www.secnews.physaphae.fr/article.php?IdArticle=6822620 False Ransomware,Data Breach None None TechRepublic - Security News US The lack of transparency could be cause for concern, but the data that was stolen is not high value. ]]> 2022-09-09T20:04:34+00:00 https://www.techrepublic.com/article/samsung-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6807732 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-09-09T19:00:00+00:00 https://thehackernews.com/2022/09/6-top-api-security-risks-favored.html www.secnews.physaphae.fr/article.php?IdArticle=6803427 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2022-09-08T14:18:20+00:00 https://informationsecuritybuzz.com/expert-comments/ubers-ex-security-officer-facing-criminal-charges-after-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6785622 False Data Breach Uber None Security Intelligence - Site de news Américain What happens when attackers breach local government, police departments or public health services? What would happen if attackers compromised the U.S. Treasury’s network? These types of incidents happen every month and lead to service interruptions at the very least. More serious problems could occur, such as leakage of classified data or damage to critical infrastructure. […] ]]> 2022-09-07T10:00:00+00:00 https://securityintelligence.com/articles/cost-data-breach-government-agencies/ www.secnews.physaphae.fr/article.php?IdArticle=6766152 False Data Breach,Guideline None None MitnickSecurity - Former Hacker Services Suffering a data breach can be one of the most financially devastating events to happen to your organization - period. According to CNET, the data breach of T-Mobile in July of 2021 will cost the company $350 million dollars in payouts. ]]> 2022-09-06T21:14:00+00:00 https://www.mitnicksecurity.com/blog/10-reasons-why-your-organization-needs-penetration-testing www.secnews.physaphae.fr/article.php?IdArticle=6755370 False Data Breach None 5.0000000000000000 SecurityWeek - Security News 2022-09-06T06:46:28+00:00 https://www.securityweek.com/samsung-us-says-customer-data-compromised-july-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6750670 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-09-05T20:29:00+00:00 https://thehackernews.com/2022/09/tiktok-denies-data-breach-reportedly.html www.secnews.physaphae.fr/article.php?IdArticle=6749527 False Data Breach None None Security Affairs - Blog Secu Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen source code and user data. The group published screenshots of an alleged stolen data, it claims to […] ]]> 2022-09-05T18:03:10+00:00 https://securityaffairs.co/wordpress/135333/data-breach/tiktok-data-leak.html www.secnews.physaphae.fr/article.php?IdArticle=6742175 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2022-09-05T12:25:30+00:00 https://informationsecuritybuzz.com/expert-comments/tiktok-faces-accusations-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6739782 False Data Breach None None IT Security Guru - Blog Sécurité 2022-09-05T09:50:57+00:00 https://www.itsecurityguru.org/2022/09/05/samsung-breach-sept-2022/?utm_source=rss&utm_medium=rss&utm_campaign=samsung-breach-sept-2022 www.secnews.physaphae.fr/article.php?IdArticle=6738838 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2022-09-05T09:15:00+00:00 https://www.infosecurity-magazine.com/news/samsung-reveals-new-us-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6738740 False Data Breach None None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-09-05T05:04:00+00:00 https://www.csoonline.com/article/3672211/samsung-reports-second-data-breach-in-6-months.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6739846 False Data Breach None None The State of Security - Magazine Américain The biggest cyber security threat that businesses have to tackle is much closer than you'd think. Verizon's 2022 Data Breach Investigations report – found human error to be a key driver in 82% of breaches, which is why it is crucial for businesses to address cyber security awareness in the workplace and ensure that employees […]… Read More ]]> 2022-09-05T03:00:00+00:00 https://www.tripwire.com/state-of-security/security-awareness/workforce-support-companys-security-health/ www.secnews.physaphae.fr/article.php?IdArticle=6735022 False Data Breach,Threat None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-09-03T09:47:00+00:00 https://thehackernews.com/2022/09/samsung-admits-data-breach-that-exposed.html www.secnews.physaphae.fr/article.php?IdArticle=6698104 False Data Breach None 2.0000000000000000 Security Affairs - Blog Secu Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After the attack that hit the company in late July 2022, Samsung disclosed a data breach. The Electronics giant discovered on August 4 that threat actors have had access to its systems and exfiltrated customer personal […] ]]> 2022-09-02T22:38:44+00:00 https://securityaffairs.co/wordpress/135241/data-breach/samsung-second-data-breach-2022.html www.secnews.physaphae.fr/article.php?IdArticle=6692821 True Data Breach,Threat None None Bleeping Computer - Magazine Américain 2022-09-02T13:23:29+00:00 https://www.bleepingcomputer.com/news/security/samsung-discloses-data-breach-after-july-hack/ www.secnews.physaphae.fr/article.php?IdArticle=6688270 False Data Breach,Hack None None Sontiq - Ancien CyberScout When a data breach or cyberattack compromises an employee's identity information, the impact on the individual is clear. Recovery takes time, money and often an emotional toll on victims. What might be underestimated is how their employers are affected. Giving employees the tools to protect their identity information in the wake of a breach - […] ]]> 2022-09-01T13:04:51+00:00 https://www.sontiq.com/resources/protecting-public-sector-employees-from-identity-theft/ www.secnews.physaphae.fr/article.php?IdArticle=6664405 False Data Breach None None Bleeping Computer - Magazine Américain 2022-09-01T07:14:28+00:00 https://www.bleepingcomputer.com/news/security/neopets-says-hackers-had-access-to-its-systems-for-18-months/ www.secnews.physaphae.fr/article.php?IdArticle=6664255 False Data Breach None None CSO - CSO Daily Dashboard 2022 Verizon Data Breach Investigation Report (DBIR) found that cloud misconfigurations pose an ongoing threat to organizations. Error, especially misconfigured cloud storage, factored in 13% of data breaches analyzed by Verizon this year.To read this article in full, please click here]]> 2022-09-01T06:14:00+00:00 https://www.csoonline.com/article/3671354/how-to-avoid-cloud-misconfigurations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6665010 False Data Breach,Threat None None InformationSecurityBuzzNews - Site de News Securite 2022-08-31T14:08:19+00:00 https://informationsecuritybuzz.com/expert-comments/nelnet-data-breach-exposes-millions-of-student-loan-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=6646941 False Data Breach None None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC $4.35 million as of 2022, a figure that keeps rising over time. Stronger cybersecurity prevents these costly events, improving a company’s bottom line. Cyberattacks are too common to assume you’ll never encounter one, either. These attacks happen every 39 seconds, and more than half of all businesses have experienced some kind of security incident. A company will suffer an attack without reliable cybersecurity, and it will be costly. Consequently, stopping them is a critical part of lowering long-term expenses. Added resilience A more robust cybersecurity strategy will also make a business more resilient. Part of that stems from preventing attacks. Fewer successful hacks mean less disruption, leading to increased uptime and productivity. However, even if a breach does occur, companies will be more likely to survive it with strong cybersecurity. On average, companies employing security AI lose $3.05 million less in data breaches than those without it. Similarly, zero-trust architecture saves $1 million in a hack. These reduced costs ensure businesses recover faster, in some cases avoiding bankruptcy, making them more valuable. Lower risks The reduced chances of a breach and lowered costs translate into fewer risks for investors or potential partners. Many business valuation methods adjust rates based on risk or liability. As a result, the fewer financial threats a company poses to potential buyers or investors, the more valuable it is. Cyber-risks are some of the most important of these factors today, so more valuation methods will look at them to determine business value. That applies to formal valuations from investors, tax officials and other companies looking for potential partners. Given the rising likelihood of third-party breaches, more businesses today will judge whether a partner is worth it by their cyber-risks. Increased customer confidence Robust cybersecurity will also improve a business’s reputation among customers. Between 80%-90% of consumers say they wished there were more companies they could trust with their data, and 84% will switch over data concerns. If businesses don’t have strong security, it could drive customers away, dropping their market value, but better security could have the opposite effect. These trends apply to B2B markets, too. Businesses seeking to improve their own security to attract and retain customers will require stronger cybersecurity from their partners and vendors. Consequently, B2Bs that can promise increased security will be more valuable to potential clients. Cybersecurity is a crucial business value]]> 2022-08-31T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/how-does-robust-cybersecurity-add-value-to-a-business www.secnews.physaphae.fr/article.php?IdArticle=6643523 False Data Breach,Guideline None None Security Affairs - Blog Secu The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users. The Russian media streaming platform START disclosed a data breach that impacted 7.5 millions of its users. According to the company, the attackers stole a 2021 database from its infrastructure and also shared a samples online to demonstrate the authenticity of […] ]]> 2022-08-31T08:00:52+00:00 https://securityaffairs.co/wordpress/135069/data-breach/start-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=6641929 False Data Breach None None Bleeping Computer - Magazine Américain 2022-08-30T16:15:18+00:00 https://www.bleepingcomputer.com/news/security/russian-streaming-platform-confirms-data-breach-affecting-75m-users/ www.secnews.physaphae.fr/article.php?IdArticle=6632197 False Data Breach None None SecurityWeek - Security News 2022-08-30T13:22:35+00:00 https://www.securityweek.com/25-million-impacted-data-breach-nelnet-servicing www.secnews.physaphae.fr/article.php?IdArticle=6626661 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2022-08-30T12:30:30+00:00 https://informationsecuritybuzz.com/expert-comments/nato-investigates-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6624866 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2022-08-29T20:38:02+00:00 https://informationsecuritybuzz.com/articles/what-can-we-learn-from-the-opensea-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6616017 False Data Breach None None The Last Watchdog - Blog Sécurité de Byron V Acohido Damage caused by ‘business logic’ hacking This is according to Verizon’s latest 2022 Data Breach Investigations Report (DBIR). In … (more…) ]]> 2022-08-29T16:27:31+00:00 https://www.lastwatchdog.com/guest-essay-stolen-logons-brute-force-hacking-get-used-the-most-to-breach-web-email-servers/ www.secnews.physaphae.fr/article.php?IdArticle=6613966 False Data Breach,Guideline None None Malwarebytes Labs - MalwarebytesLabs Categories: NewsTags: twilio Tags: okta Tags: Authy Tags: Signal Tags: Cloudflare Tags: MailChimp Tags: Klaviyo Tags: scatter swine Tags: oktapus Tags: 2fa Tags: otp Even if you don't know a thing about Twilio, you may have been affected by their data breach. (Read more...) ]]> 2022-08-29T11:00:00+00:00 https://www.malwarebytes.com/blog/news/2022/08/twilio-data-breach-turns-out-to-be-more-elaborate-than-suspected www.secnews.physaphae.fr/article.php?IdArticle=6617836 False Data Breach None None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-08-29T04:19:00+00:00 https://www.csoonline.com/article/3671333/facebook-agrees-to-settle-class-action-lawsuit-related-to-cambridge-analytica-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6612015 False Data Breach None None The State of Security - Magazine Américain The volume and impact of data breaches have accelerated largely in 2022, which has contributed to many adverse effects for businesses. Tc highlights several updated factors that have generated great costs across 17 countries and regions, and 17 industries. The report has included new related areas of analysis such as: Extended Detection and Response (XDR). […]… Read More ]]> 2022-08-28T23:15:00+00:00 https://www.tripwire.com/state-of-security/security-data-protection/key-points-ibm-cost-data-breach-report/ www.secnews.physaphae.fr/article.php?IdArticle=6604121 False Data Breach None None Bleeping Computer - Magazine Américain 2022-08-26T15:30:34+00:00 https://www.bleepingcomputer.com/news/security/doordash-discloses-new-data-breach-tied-to-twilio-hack/ www.secnews.physaphae.fr/article.php?IdArticle=6550442 False Data Breach,Hack None None Bleeping Computer - Magazine Américain 2022-08-26T15:30:34+00:00 https://www.bleepingcomputer.com/news/security/doordash-discloses-new-data-breach-tied-to-twilio-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=6552596 True Data Breach None 4.0000000000000000 SecurityWeek - Security News 2022-08-25T20:05:19+00:00 https://www.securityweek.com/lastpass-says-source-code-stolen-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6526818 False Data Breach LastPass None InformationSecurityBuzzNews - Site de News Securite 2022-08-25T13:11:36+00:00 https://informationsecuritybuzz.com/expert-comments/expert-commentary-on-the-plex-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6520730 False Data Breach None None The Intercept - Site journalistique Anglais Thanks to its tax status, the Southern Poverty Law Center-designated hate group has largely avoided public scrutiny. ]]> 2022-08-25T11:00:40+00:00 https://theintercept.com/2022/08/25/liberty-counsel-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6518645 False Data Breach None None Security Affairs - Blog Secu The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. Plex is an American streaming media service and a client–server media player platform. The company disclosed a data breach after threat actors have access to a limited subset of data stored in a compromised database. Exposed data includes emails, usernames, and […] ]]> 2022-08-24T23:12:45+00:00 https://securityaffairs.co/wordpress/134814/data-breach/plex-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=6509871 False Data Breach,Threat None None Malwarebytes Labs - MalwarebytesLabs Categories: NewsTags: Plex Tags: breach Tags: sign out Tags: change password Tags: Troy Hunt Tags: HaveIBeenPwnd In an email sent to its users, Plex revealed that a cybercriminal accessed a limited subset of customer data, including emails and encrypted passwords. (Read more...) ]]> 2022-08-24T10:30:00+00:00 https://www.malwarebytes.com/blog/news/2022/08/reset-your-password-now-plex-suffers-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6510029 False Data Breach None None Bleeping Computer - Magazine Américain 2022-08-24T07:49:00+00:00 https://www.bleepingcomputer.com/news/security/plex-warns-users-to-reset-passwords-after-a-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6502893 True Data Breach None None Bleeping Computer - Magazine Américain 2022-08-22T14:16:51+00:00 https://www.bleepingcomputer.com/news/security/misconfigured-meta-pixel-exposed-healthcare-data-of-13m-patients/ www.secnews.physaphae.fr/article.php?IdArticle=6474804 False Data Breach None None SecurityWeek - Security News 2022-08-22T13:46:29+00:00 https://www.securityweek.com/textile-company-sferra-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6472495 False Data Breach None None Bleeping Computer - Magazine Américain 2022-08-22T11:35:43+00:00 https://www.bleepingcomputer.com/news/security/greek-natural-gas-operator-suffers-ransomware-related-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6473503 False Data Breach None None Security Intelligence - Site de news Américain The cost of a data breach has reached an all-time high. It averaged $4.35 million in 2022, according to the newly published IBM Cost of a Data Breach Report. What’s more, 83% of organizations have faced more than one data breach, with just 17% saying this was their first data breach.  What can organizations do […] ]]> 2022-08-19T13:00:00+00:00 https://securityintelligence.com/posts/how-edr-security-supports-defenders-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6414580 False Data Breach None None Security Intelligence - Site de news Américain IBM Security and the Ponemon institute release an annual report known as one the most significant industry benchmarks. The Cost of a Data Breach analysis examines real-world breaches in great detail, producing insights into the factors that impact the cost of cyber-attacks. In the 2022 report just released, the healthcare sector stands out for extremely […] ]]> 2022-08-17T16:02:00+00:00 https://securityintelligence.com/posts/healthcare-data-breaches-costliest/ www.secnews.physaphae.fr/article.php?IdArticle=6376081 False Data Breach None None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC risk-based approach to cybersecurity is thus ultimately interactive and a dynamic tool to support strategic decision-making. Focused on business value, utilizing a common language among the interested parties, and directly linking enterprise risks to controls, the approach helps translate executive decisions about risk reduction into control implementation. The power of the risk-based approach to optimize risk reduction at any level of investment is enhanced by its flexibility, adjusting to an evolving risk-appetite strategy as needed. A risk-based approach recognizes that there are no perfect security solutions. Still, those that strategically balance security, scalability, access, usability, and cost can ultimately provide the best long-term protection against an evolving adversary. Fundamentally, risk transformation changes security strategy from an outside-in perspective, where external threats and regulations drive strategy, to an ]]> 2022-08-17T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/a-pragmatic-approach-to-risk-management-resilience www.secnews.physaphae.fr/article.php?IdArticle=6370163 False Ransomware,Data Breach,Tool,Vulnerability,Threat,Patching,Guideline None None Krebs on Security - Chercheur Américain 2022-08-16T17:06:00+00:00 https://krebsonsecurity.com/2022/08/when-efforts-to-contain-a-data-breach-backfire/ www.secnews.physaphae.fr/article.php?IdArticle=6356329 False Data Breach,Threat None None CSO - CSO Daily Dashboard data breaches since 2019 suggest that regulators are getting more serious about organizations that don't properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. Now, the Equifax fine has been eclipsed by the $1.19 billion fine levied against the Chinese firm Didi Global for violating that nation's data protection laws, and by the $877 million fine against Amazon last year for running afoul of the General Data Protection Regulation (GDPR) in Europe.To read this article in full, please click here]]> 2022-08-16T02:00:00+00:00 https://www.csoonline.com/article/3410278/the-biggest-data-breach-fines-penalties-and-settlements-so-far.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6349701 False Data Breach Equifax,Equifax None Bleeping Computer - Magazine Américain 2022-08-15T17:46:24+00:00 https://www.bleepingcomputer.com/news/security/twilio-hack-exposed-signal-phone-numbers-of-1-900-users/ www.secnews.physaphae.fr/article.php?IdArticle=6345363 False Data Breach,Hack None None We Live Security - Editeur Logiciel Antivirus ESET 2022-08-12T16:25:57+00:00 https://www.welivesecurity.com/videos/data-breach-romance-scams-week-in-security-with-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=6282399 False Data Breach None None Sontiq - Ancien CyberScout Every data breach differs in terms of the type, amount and sensitivity of the information stolen. BreachIQ™ takes identity protection to the next level by providing hyper-personalized data breach insights and customized action plans based on an individual's unique breach history and risk exposure - providing their own dynamic Identity Safety Score.   ]]> 2022-08-11T16:15:09+00:00 https://www.sontiq.com/resources/video-sontiq-breachiq/ www.secnews.physaphae.fr/article.php?IdArticle=6253008 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2022-08-11T11:59:50+00:00 https://informationsecuritybuzz.com/expert-comments/120k-priority-health-members-impacted-by-third-party-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6248830 False Data Breach None None Security Affairs - Blog Secu Cloudflare revealed that at least 76 employees and their family members were targeted by smishing attacks similar to the one that hit Twilio. The content delivery network and DDoS mitigation company Cloudflare revealed this week that at least 76 employees and their family members received text messages on their personal and work phones. According to […] ]]> 2022-08-10T13:48:54+00:00 https://securityaffairs.co/wordpress/134237/hacking/twilio-hackers-hit-cloudflare-employees.html www.secnews.physaphae.fr/article.php?IdArticle=6230310 False Data Breach None None Security Intelligence - Site de news Américain When it comes to reducing security breach costs, companies with security artificial intelligence (AI) and automation can save millions, per a new report. According to the most recent IBM Cost of a Data Breach Report, organizations with fully deployed security AI and automation save $3.05 million per data breach compared to those without. That’s a 65.2% […] ]]> 2022-08-10T10:00:00+00:00 https://securityintelligence.com/articles/security-automation-save-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6228712 False Data Breach None None CSO - CSO Daily Dashboard Politico ran a story detailing how the U.S. Department of Justice was investigating a recent data breach of the federal court system, which dated back to early 2020. The chair of the House Judiciary Committee, Jerrold Nadler (D-NY), described the breach as a “system security failure of the U.S. Courts' document management system.”On the same day, July 28, 2022, the U.S. Government Accountability Office (GAO) published the report GAO-22-105068 “U.S. Courts: Action Needed to Improve IT Management and Establish a Chief Information Officer.” The GAO report described systemic shortcomings in the administration of the U.S. court system, including the lack of a CIO, to oversee the substantive infrastructure.To read this article in full, please click here]]> 2022-08-10T02:00:00+00:00 https://www.csoonline.com/article/3669390/u-s-federal-court-breach-reveals-it-and-security-maturation-issues.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6226210 False Data Breach None None IT Security Guru - Blog Sécurité 2022-08-09T10:08:23+00:00 https://www.itsecurityguru.org/2022/08/09/twilio-suffers-phishing-based-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=twilio-suffers-phishing-based-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6209652 False Data Breach None None IT Security Guru - Blog Sécurité 2022-08-09T09:25:56+00:00 https://www.itsecurityguru.org/2022/08/09/how-to-stay-safe-from-cybercriminals-and-avoid-data-breaches/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-stay-safe-from-cybercriminals-and-avoid-data-breaches www.secnews.physaphae.fr/article.php?IdArticle=6227245 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-08-09T07:24:25+00:00 https://thehackernews.com/2022/08/twilio-suffers-data-breach-after.html www.secnews.physaphae.fr/article.php?IdArticle=6213568 False Data Breach,Threat None None Malwarebytes Labs - MalwarebytesLabs Categories: PrivacyTwitter has confirmed a data breach on July 2. (Read more...) ]]> 2022-08-09T00:00:00+00:00 https://www.malwarebytes.com/blog/news/2022/08/twitter-confirmed-july-2022-data-breach-affecting-5.4m-users www.secnews.physaphae.fr/article.php?IdArticle=6218976 False Data Breach None None ZD Net - Magazine Info 2022-08-08T21:29:35+00:00 https://www.zdnet.com/article/how-to-find-out-if-you-are-involved-in-a-data-breach-and-what-to-do-next/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=6206148 False Data Breach None None Security Affairs - Blog Secu Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. The attackers accessed company systems using employee credentials obtained through a sophisticated SMS phishing attack. Twilio is […] ]]> 2022-08-08T18:16:46+00:00 https://securityaffairs.co/wordpress/134147/data-breach/twilio-discloses-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=6204814 True Data Breach,Threat None None Bleeping Computer - Magazine Américain 2022-08-08T14:17:51+00:00 https://www.bleepingcomputer.com/news/security/email-marketing-firm-hacked-to-steal-crypto-focused-mailing-lists/ www.secnews.physaphae.fr/article.php?IdArticle=6204832 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2022-08-08T10:37:06+00:00 https://www.bleepingcomputer.com/news/security/twilio-discloses-data-breach-after-sms-phishing-attack-on-employees/ www.secnews.physaphae.fr/article.php?IdArticle=6203052 False Data Breach None None Security Affairs - Blog Secu Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of a zero-day flaw. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor offered […] ]]> 2022-08-05T22:08:30+00:00 https://securityaffairs.co/wordpress/134087/data-breach/twitter-zero-day-data-leak.html www.secnews.physaphae.fr/article.php?IdArticle=6150012 False Data Breach,Vulnerability,Threat None None Bleeping Computer - Magazine Américain 2022-08-05T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/twitter-confirms-zero-day-used-to-expose-data-of-54-million-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=6145861 False Data Breach,Vulnerability,Threat None None IT Security Guru - Blog Sécurité 2022-08-03T15:22:35+00:00 https://www.itsecurityguru.org/2022/08/03/apis-attacked-in-94-of-companies-in-past-year/?utm_source=rss&utm_medium=rss&utm_campaign=apis-attacked-in-94-of-companies-in-past-year www.secnews.physaphae.fr/article.php?IdArticle=6108768 False Data Breach None None knowbe4 - cybersecurity services ]]> 2022-08-03T12:50:01+00:00 https://blog.knowbe4.com/new-data-breach-extortion-attack-begins-with-a-fake-duolingo-or-masterclass-subscription-scam www.secnews.physaphae.fr/article.php?IdArticle=6106611 False Data Breach None None TechRepublic - Security News US With the median cost per incident coming in at $130,000, most data breaches do not cross the $1 million threshold. ]]> 2022-08-02T22:30:39+00:00 https://www.techrepublic.com/article/black-kite-cost-of-data-breach-averages-15-million/ www.secnews.physaphae.fr/article.php?IdArticle=6096599 False Data Breach None None Security Intelligence - Site de news Américain Before I started covering cybersecurity, I thought the term ‘breach’ had a single meaning — that an attacker stole data from a computer system. I also thought all the different versions of the word meant the same thing. However, I’ve since learned the nuances and differences between a breach, a data breach and a data […] ]]> 2022-08-01T13:00:00+00:00 https://securityintelligence.com/articles/how-prepare-respond-data-privacy-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6079242 False Data Breach None None IT Security Guru - Blog Sécurité 2022-08-01T10:39:47+00:00 https://www.itsecurityguru.org/2022/08/01/congress-warns-of-us-court-records-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=congress-warns-of-us-court-records-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6077531 True Data Breach None None CSO - CSO Daily Dashboard To read this article in full, please click here]]> 2022-08-01T07:44:00+00:00 https://www.csoonline.com/article/3668655/global-cost-of-data-breach-reaches-record-high-of-435-million-ibm.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6079444 False Data Breach None None CSO - CSO Daily Dashboard CIS Critical Security Controls (CIS Controls) are a prioritized set of actions that mitigate the most common cyber attacks. They translate cyber threat information into action. The CIS Benchmarks are secure configuration recommendations designed to safeguard systems against today's evolving cyber threats. Both CIS best practices provide organizations of all sizes with specific and actionable recommendations to enhance cyber defenses. Both are also mapped to or referenced by a number of industry standards and frameworks like NIST, HIPAA, PCI DSS, and more.To read this article in full, please click here]]> 2022-08-01T05:07:00+00:00 https://www.csoonline.com/article/3668529/solving-the-challenges-of-remediating-configuration-settings.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078545 False Data Breach,Threat None None Krebs on Security - Chercheur Américain 2022-07-29T19:34:45+00:00 https://krebsonsecurity.com/2022/07/911-proxy-service-implodes-after-disclosing-breach/ www.secnews.physaphae.fr/article.php?IdArticle=6018116 False Data Breach None None Malwarebytes Labs - MalwarebytesLabs 2022-07-29T16:44:16+00:00 https://blog.malwarebytes.com/cybercrime/2022/07/to-settle-with-the-doj-uber-must-confess-to-a-cover-up-and-it-did/ www.secnews.physaphae.fr/article.php?IdArticle=6015494 False Data Breach Uber,Uber None Dark Reading - Informationweek Branch 2022-07-29T15:43:19+00:00 https://www.darkreading.com/cloud/questions-massive-shanghai-police-data-breach www.secnews.physaphae.fr/article.php?IdArticle=6014171 False Data Breach None None SecurityWeek - Security News 2022-07-29T12:02:50+00:00 https://www.securityweek.com/onetouchpoint-discloses-data-breach-impacting-over-30-healthcare-firms www.secnews.physaphae.fr/article.php?IdArticle=6013379 False Data Breach None None SecureMac - Security focused on MAC IBM reports on the cost of a data breach - and it impacts you even if you haven't been involved in one. Plus: The latest iOS 16 beta shows that Apple is listening. ]]> 2022-07-28T16:00:00+00:00 https://www.securemac.com/news/checklist-289-breaches-edits-and-heat www.secnews.physaphae.fr/article.php?IdArticle=5996075 False Data Breach None None Kovrr - cyber risk management platform 2bn] US corporations. By looking at the rate at which data breach events have been reported so far this year, we predict that the number of events reported is expected to be15-20% of the number of breaches reported in 2021‍Possible causes:Increased reporting delays: But the time to report has shown a decreasing trend over the last 4 yearsGenuine improvement in cyber defenses preventing data exfiltration Reduction in reporting requirements, or public disclosure preventionIn this analysis we look at all the reported cyber events which involve data exfiltration (data breach), allocated to the year in which the event started. Comparing the number of events reported at each point during the year then gives us an indication for the rate which can be compared between years.The data and populationThe data collected represents public reports of data breaches from US companies with an annual revenue above $2bn (Excluding public services).The data used includes breach events reported up to end of Q2 2022It is this area where the cyber reporting requirements are highest, there is a high level of data available. It is important to note that this will not be all events which occur, only those disclosed, but by looking for changes in the behavior we can look at the potential causes.Overall Breach CountAs of the end of Q2 2022, we have seen 18 breach reports of events occurring in 2022 compared to the 160 cyber events reported from 2021, and 292 from 2020. While we are only 50% through 2022, the number of events reported so far from the first half is 25% of the 2021 total reported at the same point through 2021. To fully compare 2022 against prior years we need to take into account a number of factors:Events not yet reported: some events have occurred but have not yet been reported either because they have not yet been discovered, or because the have been discovered but not publicly disclosedEvents not yet occurred: events which have yet to occur, in the second half of 2022 (and have not yet been reported)‍‍‍How the year unfoldsTo explore how 2022 is emerging, we can look at the rate at which events are being reported. That is to show not just the total report to date, but how the total number of events reported in a year has emerged from the start of the year. To do this we plot the cumulative number of events reported vs the number of days from the start of each incident year.What we see is an indication of how many incidents have been reported from each year have been reported after the same number of days. A steep curve indicates a greater number of incidents reported per month.** Note that the event counts are lower because we do not have exact disclosure dates for all events.‍‍From the chart we can see that the number of reported cyber incidents after 6 months (180 days) of experience is low for 2022 compared with all other years since 2015. This leads us to believe that 2022 is on track to have a very low number of overall incidents reported.There could be a few explanations for thisReporting Delay: The time taken to report incidents has increased in 2022, and there will be a correction in the later part of the yearCybersecurity Investment: The overall number of incidents reported will be lower due to improvements in security postureRegulatory Action: the overall number of incidents reported will be lower due to changes in how the events are reported (or required to be reported)‍Reporting DelayTo consider if the low reported number of events in 2022 is being driven by an increase in a delay between a cyber event starting and it being reported, we have looked at the trend over the last 10 yearsThe chart below shows the trend over the last 10 years.‍‍‍There has been a steady reduction in median reporting delay from 204 days in 2017 to 63 days ]]> 2022-07-28T00:00:00+00:00 https://www.kovrr.com/reports/2022-seems-to-be-on-target-for-the-lowest-year-of-reported-breaches-by-large-us-corporations www.secnews.physaphae.fr/article.php?IdArticle=8393598 False Data Breach,Prediction,Cloud None 3.0000000000000000 Graham Cluley - Blog Security 2022-07-27T20:12:10+00:00 https://www.bitdefender.com/blog/hotforsecurity/ubers-former-head-of-security-faces-fraud-charges-after-allegedly-covering-up-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=5975515 False Data Breach Uber,Uber None Dark Reading - Informationweek Branch 2022-07-27T17:21:51+00:00 https://www.darkreading.com/risk/most-companies-pass-on-breach-costs-to-customers www.secnews.physaphae.fr/article.php?IdArticle=5972852 False Data Breach None None SecurityWeek - Security News 2022-07-27T14:10:49+00:00 https://www.securityweek.com/ibm-security-cost-data-breach-hitting-all-time-highs www.secnews.physaphae.fr/article.php?IdArticle=5970462 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2022-07-27T11:34:53+00:00 https://informationsecuritybuzz.com/expert-comments/twitter-data-breach-from-former-gartner-cybersecurity-analyst/ www.secnews.physaphae.fr/article.php?IdArticle=5968004 False Data Breach None None