This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T10:20:19+00:00 www.secnews.physaphae.fr SecurityWeek - Security News Les informations personnelles de plus de 950 000 personnes ont été compromises dans une attaque de ransomware de combinaison noire contre le jeune conseil.

---

>The personal information of over 950,000 people was compromised in a BlackSuit ransomware attack on Young Consulting. ]]> 2024-08-28T09:22:43+00:00 https://www.securityweek.com/950000-impacted-by-young-consulting-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8565338 False Ransomware,Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024. [...]]]> 2024-08-27T17:01:04+00:00 https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-stole-data-of-950-000-from-software-vendor/ www.secnews.physaphae.fr/article.php?IdArticle=8564931 False Ransomware,Data Breach None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The Texas Dow Employees Credit Union told the Maine Attorney General the MOVEit data breach compromised information of over 500,000 members]]> 2024-08-27T15:30:00+00:00 https://www.infosecurity-magazine.com/news/moveit-hack-exposed-tdecu-data/ www.secnews.physaphae.fr/article.php?IdArticle=8564785 False Data Breach,Hack None 3.0000000000000000 HackRead - Chercher Cyber TDECU reports a data breach affecting over 500,000 members due to a MOVEit vulnerability. Compromised data includes Social…]]> 2024-08-27T11:37:11+00:00 https://hackread.com/tdecu-data-breach-by-moveit-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8564656 False Data Breach,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Park\'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. [...]]]> 2024-08-27T11:24:14+00:00 https://www.bleepingcomputer.com/news/security/parkn-fly-notifies-1-million-customers-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8564786 False Data Breach None 3.0000000000000000 TechRepublic - Security News US The finding is linked to a lack of visibility of the business\'s app estate and decentralised security governance.]]> 2024-08-27T07:01:29+00:00 https://www.techrepublic.com/article/appomni-saas-security-report/ www.secnews.physaphae.fr/article.php?IdArticle=8564751 False Data Breach,Studies,Cloud None 4.0000000000000000 Bleeping Computer - Magazine Américain Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. [...]]]> 2024-08-26T15:30:37+00:00 https://www.bleepingcomputer.com/news/security/patelco-notifies-726-000-customers-of-ransomware-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8564267 False Ransomware,Data Breach None 3.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux

---

Companies that Use Security AI and Automation Reported $1.8 Million Lower Average Data Breach Cost in 2024 - Special Reports]]> 2024-08-26T12:56:14+00:00 https://www.globalsecuritymag.fr/companies-that-use-security-ai-and-automation-reported-1-8-million-lower.html www.secnews.physaphae.fr/article.php?IdArticle=8564088 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Les informations personnelles de 500 000 membres des employés du Texas Dow ont été compromis dans le hack Moveit l'année dernière.

---

>The personal information of 500,000 Texas Dow Employees Credit Union members was compromised in the MOVEit hack last year. ]]> 2024-08-26T11:34:29+00:00 https://www.securityweek.com/500k-impacted-by-texas-dow-employees-credit-union-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8564086 False Data Breach,Hack None 2.0000000000000000 SecurityWeek - Security News Patelco Credit Union a confirmé qu'une violation de données ayant un impact sur de nombreuses personnes après que le groupe RansomHub Ransomware a volé certaines bases de données.

---

>Patelco Credit Union has confirmed a data breach impacting many individuals after the RansomHub ransomware group stole some databases.  ]]> 2024-08-26T09:00:08+00:00 https://www.securityweek.com/patelco-credit-union-says-breach-impacts-726k-after-ransomware-gang-auctions-data/ www.secnews.physaphae.fr/article.php?IdArticle=8564000 False Ransomware,Data Breach None 2.0000000000000000 ProofPoint - Cyber Firms 2024-08-23T07:07:37+00:00 https://www.proofpoint.com/us/blog/insider-threat-management/insider-threat-visibility-reduce-risk-gain-efficiency www.secnews.physaphae.fr/article.php?IdArticle=8562684 False Data Breach,Tool,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-08-23T07:07:37+00:00 https://www.proofpoint.com/us/blog/insider-threat-management//insider-threat-visibility-reduce-risk-gain-efficiency www.secnews.physaphae.fr/article.php?IdArticle=8562639 False Data Breach,Tool,Threat,Cloud None 3.0000000000000000 SecurityWeek - Security News Des informations personnelles pour environ 39 000 personnes ont été volées en octobre 2023 à l'administrateur de règlement de recours collectif Arden Claims Service.

---

>Personal information for about 39,000 individuals was stolen in October 2023 from class action settlement administrator Arden Claims Service. ]]> 2024-08-21T14:00:08+00:00 https://www.securityweek.com/arden-claims-service-reports-data-breach-139000-affected/ www.secnews.physaphae.fr/article.php?IdArticle=8561458 False Data Breach None 2.0000000000000000 Dark Reading - Informationweek Branch The company has released little information on the breach, but claims it\'s been in contact with the individuals affected.]]> 2024-08-20T19:33:56+00:00 https://www.darkreading.com/cyberattacks-data-breaches/toyota-customer-employee-data-leaks-in-confirmed-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8561179 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain The Cannon Corporation dba CannonDesign is sending notices of a data breach to more than 13,000 of its clients, informing that hackers breached and stole data from its network in an attack in early 2023. [...]]]> 2024-08-20T18:46:58+00:00 https://www.bleepingcomputer.com/news/security/cannondesign-confirms-avos-locker-ransomware-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8561073 False Ransomware,Data Breach None 3.0000000000000000 Security Intelligence - Site de news Américain Les organisations industrielles ont récemment reçu un bulletin de rapport sur leurs performances concernant les coûts de violation de données.Et il y a beaucoup de place à amélioration.Selon le coût IBM 2024 d'un rapport de violation de données (CODB), le coût total moyen d'une violation de données dans le secteur industriel était de 5,56 millions de dollars.Cela reflète une augmentation de 18% pour le [& # 8230;]

---

>Industrial organizations recently received a report card on their performance regarding data breach costs. And there’s plenty of room for improvement. According to the 2024 IBM Cost of a Data Breach (CODB) report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the […] ]]> 2024-08-20T13:00:00+00:00 https://securityintelligence.com/articles/cost-of-a-data-breach-industrial-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8560848 False Data Breach,Studies,Industrial None 4.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Healthcare organization Jewish Home Lifecare has revealed that a 2024 data breach hit over 100,000 customers]]> 2024-08-20T09:00:00+00:00 https://www.infosecurity-magazine.com/news/jewish-home-lifecare-100000/ www.secnews.physaphae.fr/article.php?IdArticle=8560722 False Ransomware,Data Breach,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain Toyota confirmed that customer data was exposed in a third-party data breach after a threat actor leaked an archive of 240GB of stolen data on a hacking forum. [...]]]> 2024-08-19T16:51:17+00:00 https://www.bleepingcomputer.com/news/security/toyota-confirms-third-party-data-breach-impacting-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8561045 False Data Breach,Threat None 2.0000000000000000 SecurityWeek - Security News Les données comprennent les noms, les dates de naissance, les adresses physiques, les numéros de sécurité sociale, les informations médicales et de diagnostic et les détails de l'assurance maladie.

---

>Data includes names, dates of birth, physical addresses, Social Security Numbers, medical and diagnosis information, and health insurance details. ]]> 2024-08-19T14:31:35+00:00 https://www.securityweek.com/carespring-data-breach-exposes-personal-and-medical-information-of-nearly-77000-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8560351 False Data Breach,Medical None 3.0000000000000000 SecurityWeek - Security News Les données publiques nationales (NPD) ont confirmé une violation de données, mais la société affirme que l'incident n'affecte que 1,3 million de personnes aux États-Unis.

---

>National Public Data (NPD) has confirmed suffering a data breach, but the company says the incident only affects 1.3 million people in the US. ]]> 2024-08-19T13:20:26+00:00 https://www.securityweek.com/national-public-data-says-breach-impacts-1-3-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8560304 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Une violation de données de la vie à domicile juive résultant d'une attaque de ransomware Blackcat a un impact sur plus de 100 000 personnes.

---

>A Jewish Home Lifecare data breach resulting from a BlackCat ransomware attack impacts over 100,000 individuals. ]]> 2024-08-19T09:18:25+00:00 https://www.securityweek.com/100000-impacted-by-jewish-home-lifecare-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8560202 False Ransomware,Data Breach None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Background check provider National Public Data (NPD) has confirmed a data breach after hackers leaked a stolen database containing millions of Social Security numbers and other sensitive information. The compromised data reportedly includes names, email addresses, phone numbers, Social Security numbers (SSNs), and mailing addresses. The breach has been linked to a hacking attempt from [...]]]> 2024-08-19T06:21:16+00:00 https://informationsecuritybuzz.com/npd-admits-breach-millions-ssn/ www.secnews.physaphae.fr/article.php?IdArticle=8560130 False Data Breach None 3.0000000000000000 Wired Threat Level - Security News Social Security numbers, physical addresses, and more-all available online. After months of confusion, leaked information from a background-check firm underscores the long-term risks of data breaches.]]> 2024-08-16T18:31:13+00:00 https://www.wired.com/story/national-public-data-breach-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8558858 False Data Breach None 3.0000000000000000 SecureMac - Security focused on MAC Une violation de données massive expose les enregistrements de 2,7B, tandis que le MIT lance un référentiel à risque d'IA pour répondre aux préoccupations croissantes de la sécurité de l'intelligence artificielle.

---

>Massive data breach exposes 2.7B records, while MIT launches an AI risk repository to tackle growing concerns in artificial intelligence safety. ]]> 2024-08-16T16:31:43+00:00 https://www.securemac.com/checklist/checklist-388-everybodys-data-is-out-there www.secnews.physaphae.fr/article.php?IdArticle=8558804 False Data Breach None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The US data broker did not address the threat actor\'s claim that the breach concerns 2.9 billion records]]> 2024-08-16T10:45:00+00:00 https://www.infosecurity-magazine.com/news/national-public-data-confirms-data/ www.secnews.physaphae.fr/article.php?IdArticle=8558649 False Data Breach,Threat None 3.0000000000000000 Global Security Mag - Site de news francais mise à jour malveillant

---

National Public Data Breach Puts Personal Information at Risk: Expert Insights; Craig Birch, identity security expert and Principal Security Engineer at Cayosoftcomments this attack. - Malware Update]]> 2024-08-16T07:12:28+00:00 https://www.globalsecuritymag.fr/national-public-data-breach-puts-personal-information-at-risk-expert-insights.html www.secnews.physaphae.fr/article.php?IdArticle=8558554 False Data Breach None 3.0000000000000000 ProofPoint - Cyber Firms 2024-08-15T14:42:29+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/surge-credential-hijacking-attacks-focus-on-sharepoint www.secnews.physaphae.fr/article.php?IdArticle=8558354 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat,Cloud None 3.0000000000000000 Intigrity - Blog There\'s a lot being written about the need for strong cyber resilience, and with good reason. Cyber resilience offers several key benefits for organizations, strengthening their ability to handle cyber threats effectively while reducing the risk of business disruption. With the average data breach cost reaching $4.45million in 2023, according to IBM, there\'s more than enough mo…]]> 2024-08-15T00:00:00+00:00 https://blog.intigriti.com/business-insights/cybersecurity-posture-assessment www.secnews.physaphae.fr/article.php?IdArticle=8558753 False Data Breach None 3.0000000000000000 McAfee Labs - Editeur Logiciel Les nouvelles d'une violation de données majeure qui pourraient affecter près de trois milliards de personnes découlent d'un peu inhabituel ...

---

> News of a major data breach that could affect nearly three billion people comes to light from a somewhat unusual... ]]> 2024-08-14T15:43:01+00:00 https://www.mcafee.com/blogs/security-news/data-breach-exposes-3-billion-personal-information-records/ www.secnews.physaphae.fr/article.php?IdArticle=8557676 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Les données publiques nationales (NPD) sont au centre de la controverse avec des allégations d'une violation massive de données impliquant 2,9 milliards de dossiers.Malgré la couverture médiatique et un recours collectif, la preuve vérifiable reste rare

---

>National Public Data (NPD) is at the center of controversy with allegations of a massive data breach involving 2.9 billion records. Despite media coverage and a class action lawsuit, verifiable proof remains scarce ]]> 2024-08-14T14:33:22+00:00 https://www.securityweek.com/unconfirmed-hack-of-2-9-billion-records-at-national-public-data-sparks-media-frenzy-amid-lawsuits/ www.secnews.physaphae.fr/article.php?IdArticle=8557650 False Data Breach,Hack None 3.0000000000000000 Troy Hunt - Blog qu'est-ce qui est décrit comme undes plus grandes violations de données de tous les temps .Habituellement, il est facile d'articuler une violation de données;un service que les gens fournissent leurs informations à quelqu'un

---

I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Usually, it's easy to articulate a data breach; a service people provide their information to had someone]]> 2024-08-13T18:31:02+00:00 https://www.troyhunt.com/inside-the-3-billion-people-national-public-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8557165 False Data Breach None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The EVIT breach exposed the data of 208,717 individuals, including students, faculty and parents]]> 2024-08-13T15:00:00+00:00 https://www.infosecurity-magazine.com/news/evit-suffers-data-breach-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8557057 False Data Breach None 3.0000000000000000 ZoneAlarm - Security Firm Blog Dans un affichage stupéfiant de la cyber-vulnérabilité, une violation récente de données a conduit à l'exposition de 2,7 milliards de dossiers, y compris des informations sensibles telles que les numéros de sécurité sociale et les adresses domestiques.La portée et l'échelle de cette violation ont envoyé des ondes de choc via la communauté de la cybersécurité, ce qui soulève de sérieuses préoccupations concernant la protection des données et la sophistication croissante & # 8230;

---

>In a staggering display of cyber vulnerability, a recent data breach has led to the exposure of 2.7 billion records, including sensitive information such as Social Security numbers and home addresses. The scope and scale of this breach have sent shockwaves through the cybersecurity community, raising serious concerns about data protection and the increasing sophistication … ]]> 2024-08-13T14:29:50+00:00 https://blog.zonealarm.com/2024/08/massive-data-breach-exposes-2-7-billion-records-including-social-security-numbers/ www.secnews.physaphae.fr/article.php?IdArticle=8557049 False Data Breach,Vulnerability None 3.0000000000000000 TechRepublic - Security News US In August, 2.7 billion records from National Public Data, including social security numbers, were leaked on a dark web forum.]]> 2024-08-13T14:26:21+00:00 https://www.techrepublic.com/article/social-security-numbers-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8557051 False Data Breach None 3.0000000000000000 Security Intelligence - Site de news Américain Selon le coût IBM d'un rapport de violation de données 2024, le coût moyen de violation mondiale a atteint 4,88 millions de dollars & # 8212;Une augmentation significative par rapport à 4,45 millions de dollars de l'année dernière et le plus grand bond depuis la pandémie.Pour les entreprises du secteur financier, les coûts sont encore plus élevés.Les entreprises dépensent désormais 6,08 millions de dollars traitant des violations de données, ce qui est [& # 8230;]

---

>According to the IBM Cost of a Data Breach 2024 report, the average global breach cost has reached $4.88 million — a significant increase over last year’s $4.45 million and the biggest jump since the pandemic. For financial industry enterprises, costs are even higher. Companies now spend $6.08 million dealing with data breaches, which is […] ]]> 2024-08-13T13:00:00+00:00 https://securityintelligence.com/articles/cost-of-a-data-breach-2024-financial-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8557047 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Kootenai Health has disclosed a data breach impacting over 464,000 patients after their personal information was stolen and leaked by the 3AM ransomware operation. [...]]]> 2024-08-13T11:23:20+00:00 https://www.bleepingcomputer.com/news/security/3am-ransomware-stole-data-of-464-000-kootenai-health-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8557084 False Ransomware,Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Don\'t let AI CoPilots be the source of your first data breach. Learn more from Varonis about the challengers of securing your data in the era of gen AI. [...]]]> 2024-08-13T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/how-to-prevent-your-first-ai-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8557013 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Les informations personnelles et santé des étudiants, du personnel, des professeurs et des parents ont été compromises dans une violation de données à East Valley Institute of Technology.

---

>The personal and health information of students, staff, faculty, and parents was compromised in a data breach at East Valley Institute of Technology. ]]> 2024-08-12T12:38:05+00:00 https://www.securityweek.com/200k-impacted-by-east-valley-institute-of-technology-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8556356 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain ​CSC ServiceWorks, a leading provider of commercial laundry services, has disclosed a data breach after the personal information of an undisclosed number of individuals was exposed in a 2023 cyberattack. [...]]]> 2024-08-09T13:56:43+00:00 https://www.bleepingcomputer.com/news/security/csc-serviceworks-discloses-data-breach-after-2023-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8554818 False Data Breach,Commercial None 3.0000000000000000 SecurityWeek - Security News ADT a confirmé que les pirates ont volé des informations après que 30 000 enregistrements clients ont été divulgués récemment.

---

>ADT has confirmed that hackers have stolen information after 30,000 customer records were leaked recently. ]]> 2024-08-09T07:52:46+00:00 https://www.securityweek.com/physical-security-firm-adt-confirms-hack-and-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8554584 False Data Breach,Hack None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Check Point s'est récemment associé à Cysurance, un leader de l'atténuation des risques de nouvelle génération, pour lancer un programme d'évaluation conjoint d'assurance.Ce programme innovant est conçu pour aider les entreprises à identifier et à atténuer les risques potentiels de cybersécurité, en s'assurant qu'ils respectent les normes de sécurité strictes et améliorent leur assurabilité.Avec une moyenne de 4,45 millions de dollars dépensée pour chaque violation de données en 2023 et un coût de ransomware de 265 milliards de dollars prévu d'ici 2031, le maintien de la cyber-résilience est essentiel pour toute entreprise.Tirant parti des normes et des cadres de l'industrie tels que le NIST, le CSF et le RGPD, le programme identifie les opportunités et les lacunes, fournissant des recommandations à assistance industrielle pour une sécurité améliorée [& # 8230;]

---

>Check Point recently teamed up with Cysurance, a leader in next-generation risk mitigation, to launch a joint Insurability Assessment program. This innovative program is designed to help businesses proactively identify and mitigate potential cyber security risks, ensuring they meet stringent security standards and improve their insurability. With an average of $4.45 million spent on every data breach in 2023 and a projected $265 billion ransomware cost by 2031, maintaining cyber resilience is essential for any business. Leveraging industry standards and frameworks such as NIST, CSF, and GDPR, the program identifies opportunities and deficiencies, providing industry-tailored recommendations for an enhanced security […] ]]> 2024-08-08T13:00:40+00:00 https://blog.checkpoint.com/infinity-global-services/infinity-global-services-and-cysurance-launch-a-comprehensive-insurability-assessment-program/ www.secnews.physaphae.fr/article.php?IdArticle=8554067 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain ADT Inc. disclosed via a Form 8-K filing at the U.S. Securities and Exchange Commission (SEC) that hackers have gained access to its systems, which hold customer order details. [...]]]> 2024-08-08T09:41:12+00:00 https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-customer-info-leaked-on-hacking-forum/ www.secnews.physaphae.fr/article.php?IdArticle=8554096 False Data Breach None 3.0000000000000000 HackRead - Chercher Cyber National Public Data, a service by Jerico Pictures Inc., suffered a massive breach. Hacker “Fenice” leaked 2.9 billion…]]> 2024-08-06T17:07:54+00:00 https://hackread.com/data-breach-national-public-data-records-ssns-dumped/ www.secnews.physaphae.fr/article.php?IdArticle=8552863 False Data Breach None 2.0000000000000000 TechRepublic - Security News US IBM\'s recent Cost of a Data Breach report found that the average cost of a data breach in Australia reached a record-high in 2024. Explore additional key findings and how the Australian government is mitigating these threats.]]> 2024-08-06T14:00:34+00:00 https://www.techrepublic.com/article/ibm-data-breach-cost-report-australia/ www.secnews.physaphae.fr/article.php?IdArticle=8553422 False Data Breach None 1.00000000000000000000 Security Intelligence - Site de news Américain Les cyberattaques se développent chaque année en sophistication et en fréquence, et le coût des violations de données continue de monter avec eux.Un nouveau rapport d'IBM et du Ponemon Institute, l'étude sur le coût de la violation des données de 2024, détaille les impacts financiers des attaques dans plusieurs secteurs.Le coût moyen mondial d'une violation de données a atteint un historique [& # 8230;]

---

>Cyberattacks grow every year in sophistication and frequency, and the cost of data breaches continues to rise with them. A new report by IBM and the Ponemon Institute, the 2024 Cost of Data Breach Study, details the financial impacts of attacks across multiple industries. The global average cost of a data breach reached an all-time […] ]]> 2024-08-06T13:00:00+00:00 https://securityintelligence.com/articles/cost-of-a-data-breach-healthcare-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8552773 False Data Breach,Studies,Medical None 2.0000000000000000 TechRepublic - Security News US Australian regulators allege that cyber security failures at Optus and Medibank contributed to data breaches in 2022, leading to theft of sensitive customer data.]]> 2024-08-02T18:38:34+00:00 https://www.techrepublic.com/article/optus-medibank-data-breaches-australia/ www.secnews.physaphae.fr/article.php?IdArticle=8549990 False Data Breach None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by US$2.22 million compared to those that didn\'t deploy these technologies, according to IBM]]> 2024-08-02T11:30:15+00:00 https://www.welivesecurity.com/en/videos/ai-automation-reducing-breach-costs-week-security-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8550474 False Data Breach None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-07-31T17:31:00+00:00 https://blog.knowbe4.com/the-first-half-of-2024-results-in-more-than-1-billion-data-breach-victims www.secnews.physaphae.fr/article.php?IdArticle=8548191 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Le coût moyen d'une violation de données a atteint 4,88 millions de dollars, contre 4,45 millions de dollars en 2023, un pic de 10%.

---

>The average cost of a data breach jumped to $4.88 million from $4.45 million in 2023, a 10% spike. ]]> 2024-07-31T16:59:58+00:00 https://www.securityweek.com/cost-of-data-breach-in-2024-4-88-million-says-latest-ibm-study/ www.secnews.physaphae.fr/article.php?IdArticle=8548153 False Data Breach,Studies None 4.0000000000000000 CyberSecurityVentures - cybersecurity services This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Yahoo! Finance Story Sausalito, Calif. – Jul. 31, 2024 According to Cybersecurity Ventures, approximately $5.6 billion is spent on cybersecurity awareness training globally, and yet according to Verizon’s Data Breach Investigations Report (DBIR) ]]> 2024-07-31T13:02:47+00:00 https://cybersecurityventures.com/new-hackops-game-teaches-newbies-how-to-fight-cybercrime/ www.secnews.physaphae.fr/article.php?IdArticle=8547997 False Data Breach None 3.0000000000000000 SecurityWeek - Security News La ville de Columbus enquête sur la portée d'une violation de données résultant d'une attaque de ransomware contrecarrée.

---

>The City of Columbus is investigating the scope of a data breach resulting from a thwarted ransomware attack. ]]> 2024-07-31T12:07:01+00:00 https://www.securityweek.com/city-of-columbus-says-data-compromised-in-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8548000 False Ransomware,Data Breach None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine IBM reveals a 10% increase in the global cost of a data breach to $4.9m]]> 2024-07-31T09:30:00+00:00 https://www.infosecurity-magazine.com/news/cost-data-breach-10-shadow-data/ www.secnews.physaphae.fr/article.php?IdArticle=8547892 False Data Breach None 3.0000000000000000 IT Security Guru - Blog Sécurité La violation des données de santé compromet les informations client Il est apparu pour la première fois sur gourou de la sécurité informatique .

---

HealthEquity, a leading provider of health savings account (HSA) services, has announced it suffered a data breach recently, resulting in compromised customer protected health information (PHI). It is understood the breach was detected on March 25, 2024, after abnormal activity was flagged from a business partner’s device. Once an investigation was carried out, it was […] The post HealthEquity Data Breach Compromises Customer Information first appeared on IT Security Guru. ]]> 2024-07-30T14:42:23+00:00 https://www.itsecurityguru.org/2024/07/30/healthequity-data-breach-compromises-customer-information/?utm_source=rss&utm_medium=rss&utm_campaign=healthequity-data-breach-compromises-customer-information www.secnews.physaphae.fr/article.php?IdArticle=8547327 False Data Breach None 3.0000000000000000 Security Intelligence - Site de news Américain Les équipes de sécurité s'améliorent pour détecter et répondre aux incursions de violation, mais les attaquants infligent une plus grande douleur aux organisations & # 8217;Lignes basses.Le coût récent de l'IBM d'un rapport de violation de données 2024 a révélé que la violation moyenne mondiale a atteint un record de 4,88 millions de dollars.Cela a une augmentation de 10% par rapport à 2023 et le plus grand pic depuis la pandémie.Tandis que [& # 8230;]

---

>Security teams are getting better at detecting and responding to breach incursions, but attackers are inflicting greater pain on organizations’ bottom lines. IBM’s recent Cost of a Data Breach Report 2024 found the global average breach hit a record $4.88 million. That’s a 10% increase from 2023 and the largest spike since the pandemic. While […] ]]> 2024-07-30T10:00:00+00:00 https://securityintelligence.com/posts/whats-new-2024-cost-of-a-data-breach-report/ www.secnews.physaphae.fr/article.php?IdArticle=8547205 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. [...]]]> 2024-07-29T11:54:48+00:00 https://www.bleepingcomputer.com/news/security/healthequity-says-data-breach-impacts-43-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8546687 False Data Breach None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-29T10:58:35+00:00 https://community.riskiq.com/article/72f3426d www.secnews.physaphae.fr/article.php?IdArticle=8546560 False Ransomware,Data Breach,Spam,Malware,Tool,Vulnerability,Threat,Legislation,Mobile,Industrial,Medical APT 28,APT 36 2.0000000000000000 SecurityWeek - Security News HealthEquity indique que les informations personnelles et de santé de 4,3 millions de personnes ont été compromises dans une violation de données.

---

>HealthEquity says the personal and health information of 4.3 million individuals was compromised in a data breach. ]]> 2024-07-29T10:40:51+00:00 https://www.securityweek.com/4-3-million-impacted-by-healthequity-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8546530 False Data Breach None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC have become integral to everyday life. This includes business and personal activities, facilitating everything from banking and transactions to marketing and social networking. This rise in popularity has made web applications a prime target for cybercriminals. According to Verizon’s 2024 Data Breach Investigation Report, nearly 40% of cybersecurity incidents result from web application vulnerabilities. Businesses relying on these applications for everyday operations must implement robust security measures to ensure their app stack is resilient to threats and capable of maintaining uninterrupted service. One of the most effective tools for safeguarding web applications is a web application firewall (WAF), which provides critical protection against a wide range of cyber threats. Most Common Threats to Web App Security Before we dive into how web application firewalls protect our web assets, let’s look at the most pressing security threats facing web applications in 2024. Stolen credentials are top of mind, as millions are available for sale on the dark web. One of the most significant cyberattacks of the year involved compromised credentials from a third-party application in an attack on UnitedHealth, which jeopardized the data of one-third of Americans. Attackers were nested inside the victim’s systems for months before striking, highlighting how important real-time monitoring capabilities are for detecting suspicious behavior. Zero-day exploits are also a common vector attackers have used in recent years to breach web applications. A zero-day vulnerability is unknown to the application vendor or the public at the time it is discovered and exploited by attackers. They can be quite dangerous if they’re not identified and patched quickly. In 2023, there were 97 reported zero-day vulnerabilities, a 50% increase from the year before. Additionally, as web applications increasingly rely on each other to provide maximum functionality to the end user, API-related attacks have also become prevalent. App integrations must be executed correctly with strong authentication and authorization mechanisms. Input validation is also required to prevent injection attacks. Modern WAF Solutions Are Essential to Improving Security A web application firewall is a hardware or software-based solution used to monitor and filter HTTP traffic between a web application and the internet. WAFs provide two essential security features: traffic filtering and real-time monitoring. WAFs use rule-based filters to inspect HTTP requests and responses. These filters detect and block a wide spectrum of attacks, including SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). By analyzing traffic in real time, a WAF solution can identify and mitigate threats as they occur, foiling attacks before]]> 2024-07-29T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/why-you-need-a-web-application-firewall-in-2024 www.secnews.physaphae.fr/article.php?IdArticle=8546775 False Data Breach,Tool,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed. [...]]]> 2024-07-26T15:31:09+00:00 https://www.bleepingcomputer.com/news/security/crypto-exchange-gemini-discloses-third-party-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8544966 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it affects 4.2 million people in the US. [...]]]> 2024-07-26T14:47:59+00:00 https://www.bleepingcomputer.com/news/security/fbcs-data-breach-impact-now-reaches-42-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8544936 False Data Breach None 3.0000000000000000 knowbe4 - cybersecurity services Frequently Asked Questions About KnowBe4\'s Fake IT Worker Blog   July 23, 2024, I wrote a blog post about how KnowBe4 inadvertently hired a skillful North Korean IT worker who used the stolen identity of a US citizen. He participated in several rounds of video interviews and circumvented background check processes commonly used.   The intent was to share an organizational learning moment, so you can make sure this does not happen to you. The story went viral, which is exactly what I had hoped for. Do we have egg on our face? Yes. And I am sharing that lesson with you. It\'s why I started KnowBe4 in 2010. In 2024 our mission is more important than ever.    Q1: Was any KnowBe4 system breached in this North Korean IT worker incident? No. KnowBe4 was not breached. When we hire new employees, their user account is granted only limited permissions that allow them to proceed through our new hire onboarding process and training. They can access only a minimal number of necessary apps to go through our new employee training.   Q2: What access do new employees get?  These are apps such as their email inbox, slack, and zoom. The workstation they receive is locked down and has no data residing on it, it is essentially a laptop with nothing on it except our endpoint security and management tools   Q3: Did the new employee get access to customer data?  No. This person never had access to any customer data, KnowBe4\'s private networks, cloud infrastructure, code, or any KnowBe4 confidential information. They had basic communication apps and a factory-new provisioned laptop. We detected suspicious activity and responded within minutes, quarantining the entire laptop.    Q4: Was any malware executed on the machine?  No. No malware was executed on the machine as it was blocked by our security tooling. A complete review of all processes, commands, network connections, and other activity on the laptop was conducted and we concluded that no further action was needed as there was suspicious activity outside of what was detected and blocked.   ]]> 2024-07-25T11:09:14+00:00 https://blog.knowbe4.com/north-korean-fake-it-worker-faq www.secnews.physaphae.fr/article.php?IdArticle=8544077 False Data Breach,Malware,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-07-25T06:04:58+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/building-effective-security-awareness-program-employees www.secnews.physaphae.fr/article.php?IdArticle=8544107 False Ransomware,Data Breach,Tool,Vulnerability,Threat,Cloud None 3.0000000000000000 SecurityWeek - Security News Michigan Medicine notifie environ 57 000 personnes d'une violation de données ayant un impact sur leurs informations personnelles et santé.

---

>Michigan Medicine is notifying roughly 57,000 individuals of a data breach impacting their personal and health information. ]]> 2024-07-24T13:21:08+00:00 https://www.securityweek.com/57000-patients-impacted-by-michigan-medicine-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8543466 False Data Breach None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 6 cyber-attacks happen every 4 minutes and attacks like the 2022 one on the International Committee of the Red Cross (ICRC) send shivers across non-profits. To make things even worse, limited resources and backup resources mean a successful breach could prove catastrophic. Hence, non-profit cybersecurity is a particularly important issue. Understanding the Cybersecurity Risks for Nonprofits Non-profit organizations face unique cybersecurity risks that stem from their distinct operational models and resource constraints. They frequently handle sensitive information, including donor and beneficiary details, which makes them attractive targets for cybercriminals. Another significant factor is the general lack of robust cybersecurity measures within many nonprofit organizations. In fact, data shows that more than 84% of nonprofit organizations don’t have a cybersecurity plan. This makes them a prime target for many malicious players. Additionally, many nonprofit organizations struggle to allocate sufficient resources to cybersecurity due to limited budgets and competing priorities. Much like the security of small business savings accounts suffers from lower budgets, non-profits are also prone to thinking reactively, instead of taking a proactive stance towards their own cyber fortress. For example, some non-profits don’t have the resources to invest in identity theft protection, cybersecurity consultancy, and even pen-testing tools to use in-house. Cybercriminals are well aware of this vulnerability and are increasingly targeting nonprofits. Some charity organizations also often underestimate their risk level, falsely believing they are unlikely targets for cyberattacks. This complacency can lead to a lack of preparedness and awareness, further increasing their vulnerability. Common Cybersecurity Risks for Nonprofits There are many types of cyber threats and attacks that affect non-profit organizations. Here are some of the most common: Data Breaches Nonprofits are goldmines when it comes to data. A data breach typically occurs when cybercriminals exploit vulnerabilities in an organization’s cybersecurity defenses. This could be through hacking efforts, phishing scams, or even physical access to insecure storage locations. There have even been cases of scammers presenting themselves as SAP consultants, requiring n]]> 2024-07-24T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/navigating-the-minefield-cybersecurity-for-non-profit-organizations www.secnews.physaphae.fr/article.php?IdArticle=8543498 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-07-23T17:55:04+00:00 https://blog.knowbe4.com/crypto-data-breach-continues-to-fuel-phishing-scams-years-later www.secnews.physaphae.fr/article.php?IdArticle=8542875 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Verizon Communications has agreed to a $16,000,000 settlement with the Federal Communications Commission (FCC) in the U.S. concerning three data breach incidents its wholly-owned subsidiary, TracFone Wireless, suffered after its acquisition in 2021. [...]]]> 2024-07-23T12:34:56+00:00 https://www.bleepingcomputer.com/news/security/verizon-to-pay-16-million-in-tracfone-data-breach-settlement/ www.secnews.physaphae.fr/article.php?IdArticle=8542847 False Data Breach None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2023 Cost of a Data Breach report reveals. But data breaches aren’t just expensive, they also harm patient privacy, damage organizational reputation, and erode patient trust in healthcare providers. As data breaches are now largely a matter of “when” not “if”, it’s important to devise a solid data breach response plan. By acting fast to prevent further damage and data loss, you can restore operations as quickly as possible with minimal harm done. Contain the Breach Once a breach has been detected, you need to act fast to contain it, so it doesn’t spread. That means disconnecting the affected system from the network, but not turning it off altogether as your forensic team still needs to investigate the situation. Simply unplug the network cable from the router to disconnect it from the internet. If your antivirus scanner has found malware or a virus on the system, quarantine it, so it can be analyzed later. Keep the firewall settings as they are and save all firewall and security logs. You can also take screenshots if needed. It’s also smart to change all access control login details. Strong complex passwords are a basic cybersecurity feature difficult for hackers and software to crack. It’s still important to record old passwords for future investigation. Also, remember to deactivate less-important accounts. Document the Breach You then need to document the breach, so forensic investigators can find out what caused it, as well as recommend accurate next steps to secure the network now and prevent future breaches. So, in your report, explain how you came to hear of the breach and relay exactly what was stated in the notification (including the date and time you were notified). Also, document every step you took in response to the breach. This includes the date and time you disconnected systems from the network and changed account credentials and passwords. If you use artificial intelligence (AI) tools, you’ll also need to consider whether they played a role in the breach, and document this if so. For example, ChatGPT, a popular chatbot and virtual assistant, can successfully exploit zero-day security vulnerabilities 87% of the time, a recent study by researchers at the University of Illinois Urbana-Champaign found. Although AI is increasingly used in healthcare to automate tasks, manage patient data, and even make tailored care recommendations, it does pose a serious risk to patient data integrity despite the other benefits it provides. So, assess whether AI influenced your breach at all, so your organization can make changes as needed to better prevent data breaches in the future. Report the Breach Although your first instinct may be to keep the breach under wraps, you’re actually legally required to report it. Under the ]]> 2024-07-23T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/what-healthcare-providers-should-do-after-a-medical-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8542852 False Data Breach,Malware,Tool,Vulnerability,Threat,Studies,Medical ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain The Land Registry agency in Greece has announced that it suffered a limited-scope data breach following a wave of 400 cyberattacks targeting its IT infrastructure over the last week. [...]]]> 2024-07-22T18:46:31+00:00 https://www.bleepingcomputer.com/news/security/greeces-land-registry-agency-breached-in-wave-of-400-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8542320 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Les informations personnelles et de santé de 12,9 millions ont été volées dans une attaque de ransomware chez le fournisseur de services de prescription numérique australienne Mediseecure.

---

>The personal and health information of 12.9 million was stolen in a ransomware attack at Australian digital prescription services provider MediSecure. ]]> 2024-07-19T11:50:05+00:00 https://www.securityweek.com/medisecure-data-breach-impacts-12-9-million-individuals/ www.secnews.physaphae.fr/article.php?IdArticle=8540194 False Ransomware,Data Breach None 2.0000000000000000 Dark Reading - Informationweek Branch Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.]]> 2024-07-18T21:04:59+00:00 https://www.darkreading.com/cyberattacks-data-breaches/us-data-breach-victim-numbers-increase-1000 www.secnews.physaphae.fr/article.php?IdArticle=8539820 False Data Breach None 3.0000000000000000 SecurityWeek - Security News Le concessionnaire de bateaux Marinemax a déclaré que la violation des données causée par une récente attaque de ransomware a un impact sur 123 000 personnes.

---

>Boat dealer MarineMax said the data breach caused by a recent ransomware attack impacts over 123,000 individuals. ]]> 2024-07-18T12:40:07+00:00 https://www.securityweek.com/marinemax-notifying-123000-of-data-breach-following-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8539549 False Ransomware,Data Breach None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine New figures reveal a massive 1170% increase in people impacted by data breaches in Q2 2024 versus a year ago]]> 2024-07-18T09:15:00+00:00 https://www.infosecurity-magazine.com/news/us-data-breach-victims-surge-1170/ www.secnews.physaphae.fr/article.php?IdArticle=8539457 False Data Breach None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The ICO said a lack of security controls led to a large-scale data breach at the London Borough of Hackney Council]]> 2024-07-17T14:30:00+00:00 https://www.infosecurity-magazine.com/news/ico-london-council-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8538918 False Data Breach None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   In the ever-evolving landscape of cybersecurity, staying ahead of threats demands continuous learning and skill development. The NIST NICE framework provides a roadmap, but mastering its extensive tasks, knowledge, and skills (TKSs) can be daunting. That\'s where the power of artificial intelligence (AI) comes in. We\'ve leveraged Google Gemini AI to create a revolutionary solution: a comprehensive library of over 6,000 prompts designed to guide you through the NICE framework. These AI-powered prompts offer a dynamic and personalized learning experience, accelerating your journey to cybersecurity expertise. In this blog post, we\'ll explore the NIST NICE framework in detail, delve into the art of prompt engineering, and share how we harnessed the power of Google Gemini AI to build this valuable resource. Whether you\'re a seasoned cybersecurity veteran or just starting your journey, this guide will provide you with the tools and insights you need to engage with large language models (LLMs) for a dynamic learning experience. The NIST NICE Framework: Your Blueprint for Cybersecurity Success The National Initiative for Cybersecurity Education (NICE) framework, developed by the National Institute of Standards and Technology (NIST), serves as the cornerstone of cybersecurity education and workforce development.  At its core, the NICE framework provides a common language and taxonomy for describing cybersecurity work. Each role is mapped to specific TKSs necessary for successful responsibilities. By mapping out these competencies, the NICE framework helps individuals identify career paths, employers define job requirements, and training providers develop targeted curricula. But the NICE framework isn\'t just about job descriptions and training programs. It\'s about building a robust and adaptable cybersecurity workforce capable of meeting the dynamic challenges of the digital age. By aligning your skillset with the NICE framework, you\'re not only investing in your own career advancement but also contributing to the collective defense against cyber threats. Whether you\'re aspiring to become a security analyst, penetration tester, incident responder, or any other cybersecurity role, understanding and embracing the NICE framework is essential. It provides a roadmap for your professional development, highlighting the knowledge and skills you need to acquire to succeed in your chosen path. In the following sections, we\'ll explore how AI-powered prompts can help you navigate this roadmap and accelerate your mastery of the essential competencies outlined in the NICE framework. Prompt Engineering: Unleashing the Power of LLMs for Cybersecurity Learning In the realm of artificial intelligence, LLMs like Google Gemini have emerged as powerful tools capable of understanding and generating human-like text. At the heart of harnessing this power lies the art of prompt engineering. But what exactly is a prompt, and why is it so crucial for cybersecurity learning? In simple terms, a prompt is the input you provide to an LLM to guide its response. Think of it as a question, a scenario, or a task that you present to the AI. The quality and specificity of your prompt directly influence the quality and relevance of the LLM\'s output. In the context of cybersecurity, well-craft]]> 2024-07-17T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/ai-nist-nice-prompt-library-gemini/ www.secnews.physaphae.fr/article.php?IdArticle=8538992 False Data Breach,Tool,Vulnerability,Threat,Studies None 3.0000000000000000 HackRead - Chercher Cyber Life360, a popular family location tracker app, suffered a data breach affecting 443,000 users. Personal details, including first…]]> 2024-07-17T13:36:48+00:00 https://hackread.com/family-location-tracker-app-life360-breach-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8538876 False Data Breach None 3.0000000000000000 SecurityWeek - Security News MNGI Digestive Health dit il y a le Maine que les pirates ont accédé aux informations personnelles de 765 000 personnes.

---

>MNGI Digestive Health tells the Maine AGO that hackers accessed the personal information of 765,000 individuals. ]]> 2024-07-17T10:54:07+00:00 https://www.securityweek.com/mngi-digestive-health-data-breach-impacts-765000-individuals/ www.secnews.physaphae.fr/article.php?IdArticle=8538774 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain MarineMax, self-described as the world\'s largest recreational boat and yacht retailer, is notifying over 123,000 customers whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. [...]]]> 2024-07-17T10:37:39+00:00 https://www.bleepingcomputer.com/news/security/yacht-giant-marinemax-data-breach-impacts-over-123-000-people/ www.secnews.physaphae.fr/article.php?IdArticle=8538912 False Ransomware,Data Breach None 2.0000000000000000 SecurityWeek - Security News La chaîne de pharmacie Rite Aid indique que 2,2 millions de personnes sont touchées par une violation de données récente pour laquelle le groupe RansomHub a pris le crédit.

---

>Pharmacy chain Rite Aid says 2.2 million people are impacted by a recent data breach for which the RansomHub group has taken credit. ]]> 2024-07-17T07:45:32+00:00 https://www.securityweek.com/rite-aid-says-hack-impacts-2-2m-people-as-ransomware-gang-threatens-to-leak-data/ www.secnews.physaphae.fr/article.php?IdArticle=8538709 False Ransomware,Data Breach,Hack None 3.0000000000000000 HackRead - Chercher Cyber The hacker behind the Trello data breach claims the data was stolen in January 2024 and can be…]]> 2024-07-16T23:01:56+00:00 https://hackread.com/trello-data-breach-hacker-dumps-users-personal-info/ www.secnews.physaphae.fr/article.php?IdArticle=8538449 False Data Breach None 3.0000000000000000 Recorded Future - FLux Recorded Future 2024-07-16T20:55:05+00:00 https://therecord.media/senate-letter-att-snowflake www.secnews.physaphae.fr/article.php?IdArticle=8538394 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Rite Aid, the third-largest drugstore chain in the United States, says that 2.2 million customers\' personal information was stolen last month in what it described as a "data security incident." [...]]]> 2024-07-16T10:54:23+00:00 https://www.bleepingcomputer.com/news/security/rite-aid-says-june-data-breach-impacts-22-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8538227 False Data Breach None 3.0000000000000000 Dark Reading - Informationweek Branch The breach affects older customer information involved in purchases made from June 6, 2017, up until July 30, 2018.]]> 2024-07-15T16:32:53+00:00 https://www.darkreading.com/cyberattacks-data-breaches/rite-aid-ransomhub-victim-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8537640 False Data Breach None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite For the latest discoveries in cyber research for the week of 15th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES American telecom giant AT&T has disclosed a massive data breach that exposed personal information of 110M of its customers. The data was stolen from the company\'s workspace on a third-party cloud platform, […]

---

>For the latest discoveries in cyber research for the week of 15th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES American telecom giant AT&T has disclosed a massive data breach that exposed personal information of 110M of its customers. The data was stolen from the company\'s workspace on a third-party cloud platform, […] ]]> 2024-07-15T14:50:05+00:00 https://research.checkpoint.com/2024/15th-july-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8537583 False Data Breach,Threat,Cloud None 3.0000000000000000 Veracode - Application Security Research, News, and Education Blog Lax security measures in the software development lifecycle (SDLC) can lead to severe financial repercussions for organizations. The Verizon 2024 Data Breach Investigations Report highlights this growing risk, stating, "Our ways-in analysis witnessed a substantial growth of attacks involving the exploitation of vulnerabilities as the critical path to initiate a breach when compared to previous years. It almost tripled (180% increase) from last year."   This underscores the critical need to integrate security practices throughout the SDLC. Let\'s delve into the importance of this integration and explore strategies to overcome common pitfalls in the process.    For a deep dive into our expertise on integrating security measures, automation, and advanced testing techniques for secure software development at speed, download the eBook, Secure the SDLC in 6 Steps: Optimizing Developer Experience Through Automation.  Pitfalls that Lead to Insecure Software Development…]]> 2024-07-15T10:34:59+00:00 https://www.veracode.com/blog/secure-development/overcoming-pitfalls-inadequate-security-measures-sdlc www.secnews.physaphae.fr/article.php?IdArticle=8537585 False Data Breach,Vulnerability None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC promises to improve visitor experiences and operational effectiveness. Smart technologies like IoT-enabled gadgets and AI-powered services are being incorporated into modern hotels. These include mobile check-in, keyless entry for a quick, contactless experience, AI-powered chatbots and automated concierge systems for smooth guest interactions, smart in-room entertainment systems that allow guests to control various aspects of their environment via voice commands or smartphone apps, and smart thermostats for customized climate control. While these innovations significantly enhance convenience and personalization, they also introduce considerable cybersecurity risks. The interconnected nature of these devices and the vast amounts of data they handle make hotels and Airbnb rooms attractive targets for cybercriminals. Here are some of the most dangerous cybersecurity threats facing modern hospitality settings. Data Breaches Data breaches are a major concern in the hospitality industry due to the vast amounts of sensitive guest information collected and stored. High-profile incidents, such as the Marriott data breach in 2018, which affected up to 500 million guest records, underscore the severity of this threat. Compromised data often includes personal identification details, credit card information, and even passport numbers, leading to significant financial and reputational damage for the affected hotels and Airbnb hosts​. IoT Vulnerabilities The globalization of IoT devices in accommodation businesses like hotels and Airbnb properties increases the attack surface for cybercriminals. Each connected device represents a potential entry point for hackers. For instance, vulnerabilities in smart thermostats or lighting systems can be exploited to gain access to the broader network, compromising other critical systems and guest data​. Phishing and Social Engineering Phishing attacks and social engineering tactics are prevalent in the hospitality industry. Cybercriminals often target staff and guests with deceptive emails or messages designed to steal login credentials or other sensitive information. These attacks can lead to unauthorized access to systems and data breaches​. Point of Sale (POS) Systems POS systems handle numerous financial transactions, making them attractive to hackers. Attacks on POS systems can involve malware that captures credit card information before it is encrypted. Such inci]]> 2024-07-15T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/smart-hotel-technologies-and-the-cybersecurity-risks-they-bring www.secnews.physaphae.fr/article.php?IdArticle=8537435 False Ransomware,Data Breach,Malware,Vulnerability,Threat,Mobile None 2.0000000000000000 CyberSecurityVentures - cybersecurity services This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Newsday Story Sausalito, Calif. – Jul. 13, 2024 Newsday reports that AT&T disclosed Jul. 12 that nearly all its customers were affected by a data breach that exposed call and text message ]]> 2024-07-13T13:20:21+00:00 https://cybersecurityventures.com/att-data-breach-poses-phishing-attack-risk-to-consumers/ www.secnews.physaphae.fr/article.php?IdArticle=8536355 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T\'s wireless network. "Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated]]> 2024-07-13T11:21:00+00:00 https://thehackernews.com/2024/07/at-confirms-data-breach-affecting.html www.secnews.physaphae.fr/article.php?IdArticle=8536176 False Data Breach,Threat,Mobile,Cloud None 2.0000000000000000 Wired Threat Level - Security News Plus: The Heritage Foundation gets hacked over Project 2025, a car dealership software provider seems to have paid $25 million to a ransomware gang, and authorities disrupt a Russian bot farm.]]> 2024-07-13T10:30:00+00:00 https://www.wired.com/story/spyware-users-exposed-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8536303 False Ransomware,Data Breach Heritage 3.0000000000000000 Krebs on Security - Chercheur Américain AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people -- nearly all of its customers. AT&T said it delayed disclosing the incident in response to "national security and public safety concerns," noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).]]> 2024-07-12T18:12:20+00:00 https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8535868 False Data Breach,Cloud None 2.0000000000000000 Wired Threat Level - Security News Telecom giant AT&T says a major data breach has exposed the call and text records of “nearly all” of its customers, epitomizing the dire state of data security.]]> 2024-07-12T17:44:16+00:00 https://www.wired.com/story/att-phone-records-breach-110-million/ www.secnews.physaphae.fr/article.php?IdArticle=8535869 False Data Breach None 2.0000000000000000 SecureMac - Security focused on MAC Apple améliore la confidentialité de Chatgpt.Roll20 subit une violation de données, réduisant les appels pour 2FA.Détails et analyse à l'intérieur.

---

>Apple enhances ChatGPT privacy. Roll20 suffers data breach, sparking calls for 2FA. Full details and analysis inside. ]]> 2024-07-12T17:42:05+00:00 https://www.securemac.com/checklist/checklist-383-roll-for-security www.secnews.physaphae.fr/article.php?IdArticle=8535864 False Data Breach ChatGPT 2.0000000000000000 HackRead - Chercher Cyber AT&T confirms a data breach exposing call and text records for “Nearly All” customers from May 2022 to…]]> 2024-07-12T16:32:11+00:00 https://hackread.com/att-data-breach-hackers-steal-call-text-records/ www.secnews.physaphae.fr/article.php?IdArticle=8535812 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. [...]]]> 2024-07-12T14:49:07+00:00 https://www.bleepingcomputer.com/news/security/rite-aid-confirms-data-breach-after-june-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8535872 False Ransomware,Data Breach None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine AT&T discloses data breach where hackers accessed customer call logs from a cloud platform in April]]> 2024-07-12T14:00:00+00:00 https://www.infosecurity-magazine.com/news/hackers-downloaded-call-logs-cloud/ www.secnews.physaphae.fr/article.php?IdArticle=8535721 False Data Breach,Cloud None 2.0000000000000000 SecurityWeek - Security News Data breach exposed records of call and text interactions for nearly all AT&T\'s wireless customers and has been linked to the recent attacks targeting Snowflake customers. ]]> 2024-07-12T12:39:31+00:00 https://www.securityweek.com/att-data-breach-nearly-all-wireless-customers-exposed-in-massive-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8535676 False Data Breach,Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company\'s Snowflake account. [...]]]> 2024-07-12T09:37:32+00:00 https://www.bleepingcomputer.com/news/security/massive-atandt-data-breach-exposes-call-logs-of-109-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8535718 False Data Breach,Threat,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors had access to the automotive provider\'s networks for more than a month before they were discovered.]]> 2024-07-11T19:04:15+00:00 https://www.darkreading.com/cyberattacks-data-breaches/advance-auto-parts-data-breach-affects-2m-customers www.secnews.physaphae.fr/article.php?IdArticle=8535210 False Data Breach,Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future 2024-07-11T18:27:44+00:00 https://therecord.media/advance-auto-parts-data-breach-2million www.secnews.physaphae.fr/article.php?IdArticle=8535180 False Data Breach None 3.0000000000000000 HackRead - Chercher Cyber Hacktivist group “SiegedSec” claims responsibility for a data breach at the Heritage Foundation, stealing details of a potentially…]]> 2024-07-11T16:33:15+00:00 https://hackread.com/siegedsec-hacks-heritage-foundation-project-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8535147 False Data Breach Heritage 3.0000000000000000 CyberSecurityVentures - cybersecurity services Cette semaine en cybersécurité des éditeurs du magazine Cybercrime & # 8211;Lisez l'histoire complète à Data Breach Today Sausalito, Californie & # 8211;11 juil. 2024 À quoi servent les défenses de cybersécurité d'une entreprise si elles ne peuvent pas détecter une violation?Ce serait comme posséder & # 160; un chien de garde

---

>This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story at Data Breach Today Sausalito, Calif. – Jul. 11, 2024 What good are a company\'s cybersecurity defenses if they can\'t detect a breach? This would be like owning a guard dog ]]> 2024-07-11T12:44:51+00:00 https://cybersecurityventures.com/deep-observability-wanted-by-cisos-and-corporate-boards/ www.secnews.physaphae.fr/article.php?IdArticle=8534986 False Data Breach None 3.0000000000000000