Tag: data-breach
-
Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/17/week-in-review-microsoft-patches-actively-exploited-0-days-amazon-and-hsbc-employee-data-leaked/
-
Two-Step Phishing Technique Leveraging Microsoft Visio Files Exposed by Researchers
by
in SecurityNewsPerception Point’s latest findings have uncovered an advanced two-step phishing technique exploiting Microsoft Visio files (.vsdx) and SharePoint to launch highly deceptive credential theft campaigns. Traditionally used for professional diagrams... First seen on securityonline.info Jump to article: securityonline.info/two-step-phishing-technique-leveraging-microsoft-visio-files-exposed-by-researchers/
-
Cyber Crisis Management Plan: Shield for Brand Reputation
by
in SecurityNews
Tags: attack, breach, cyber, cyberattack, cybersecurity, data, data-breach, technology, vulnerabilityDespite advances in security technology, cybersecurity attacks and data breaches are increasingly common as attackers keep discovering new vulnerabilities and infiltration methods. Organizations now understand that a cyberattack or data breach is often inevitable”, it’s typically a question of when, not if. The positive side is that cybersecurity crisis management plans can help businesses prepare…
-
Ten Lessons Learned from The Mother of All Breaches Data Leak
by
in SecurityNewsWhat a year after the Mother of All Breaches data leak has taught us on cybersecurity, data protection, and more. It’s almost been a year since the “Mother of All Breaches” (MOAB), widely known as one of the largest and most impactful data breaches in cybersecurity history, exposed massive volumes of sensitive data. We’ve put……
-
Mögliches Destatis-Datenleck soll keine Wahlauswirkungen haben
by
in SecurityNews
Tags: data-breachBezüglich des möglichen Datenlecks bei Destatis hat die Behörde die Sicherheitsbehörden eingeschaltet. Die anstehende Bundestagswahl sei aber nicht betroffen. First seen on heise.de Jump to article: www.heise.de/news/Moegliches-Datenleck-beim-Statistischen-Bundesamt-10039530.html
-
Keyboard robbers steal 171K customers’ data from AnnieMac mortgage house
by
in SecurityNewsNames and social security numbers of folks looking for the biggest loan of their lives exposed First seen on theregister.com Jump to article: www.theregister.com/2024/11/15/anniemac_data_breach/
-
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover
by
in SecurityNewsOver 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access. The post Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover/
-
Microsoft Power Pages misconfigurations exposing sensitive data
by
in SecurityNewsNHS supplier that leaked employee info fell victim to fiddly access controls that can leave databases dangling online First seen on theregister.com Jump to article: www.theregister.com/2024/11/15/microsoft_power_pages_misconfigurations/
-
Low-Code, High Risk: Millions of Records Exposed via Misconfigured Microsoft Power Pages
by
in SecurityNewsSecurity researcher investigated Microsoft Power Pages installations and found several with misconfigurations allowing unintentional access to confidential data. The post Low-Code, High Risk: Millions of Records Exposed via Misconfigured Microsoft Power Pages appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/low-code-high-risk-millions-of-records-exposed-via-misconfigured-microsoft-power-pages/
-
Destatis von Hackern angegriffen: Sensible Unternehmensdaten im Darknet aufgetaucht
by
in SecurityNewsDestatis-Hack: Unternehmensdaten deutscher Firmen im Darknet aufgetaucht. Das Datenleck betrifft sensible Informationen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/destatis-von-hackern-angegriffen-sensible-unternehmensdaten-im-darknet-aufgetaucht-304250.html
-
1.1 Million UK NHS Employee Records Exposed From Microsoft Power Pages Misconfiguration
by
in SecurityNewsSecurity researchers from AppOmni have uncovered millions of business records that are accessible to anyone through low-code website builder Microsoft Power Pages. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/uk-nhs-employee-records-exposed/
-
IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord
by
in SecurityNewsJack Teixeira, the 22-year-old former Air National Guardsman who leaked hundreds of classified documents online, has been sentenced to 15 years in prison. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/it-specialist-jack-teixeira-jailed-for-15-years-after-leaking-classified-military-documents-on-discord
-
Kids’ shoemaker Start-Rite trips over security again, spilling customer card info
by
in SecurityNewsFull details exposed, putting shoppers at serious risk of fraud First seen on theregister.com Jump to article: www.theregister.com/2024/11/14/smartrite_breach/
-
5 BCDR Oversights That Leave You Exposed to Ransomware
by
in SecurityNewsRansomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. Almost all respondents (99.8%) in…
-
Datenleck bei Online-Auskunftei: Hackerin kann beliebige Bonitätsdaten einsehen
by
in SecurityNews
Tags: data-breachDie Aktivistin Lilith Wittmann fand einen neuen Weg, beliebige Bonitätsdaten mit wenig Aufwand abzurufen. Der Anbieter reagierte mit Abschaltung. First seen on heise.de Jump to article: www.heise.de/news/Datenleck-bei-Online-Auskunftei-Hackerin-kann-beliebige-Bonitaetsdaten-einsehen-10034774.html
-
WIRTE: Hamas-Linked Cyber Espionage Group Now Wielding SameCoin Wiper Malware
by
in SecurityNewsCheck Point Research recently exposed ongoing activity from WIRTE, a Hamas-affiliated cyber-espionage group, that continues despite the intensifying conflict in the Middle East. Historically focused on espionage, WIRTE has expanded... First seen on securityonline.info Jump to article: securityonline.info/wirte-hamas-linked-cyber-espionage-group-now-wielding-samecoin-wiper-malware/
-
Leaked info of 122 million linked to B2B data aggregator breach
by
in SecurityNewsThe business contact information for 122 million people circulating since February 2024 is now confirmed to have been stolen from a B2B demand generation platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/leaked-info-of-122-million-linked-to-b2b-data-aggregator-breach/
-
Hot Topic data breach exposed personal data of 57 million customers
by
in SecurityNewsMillions of customers of Hot Topic have been informed that their personal data was compromised during an October data breach at the American retailer. Have I Been Pwned (HIBP), the breach notification service, said this week that it alerted 57 million Hot Topic customers that their data had been compromised. The stolen data includes email…
-
Exposed United Nations Database Left Sensitive Information Accessible Online
by
in SecurityNewsMore than 115,000 files related to UN Women included detailed financial disclosures from organizations around the world, and personal details and test… First seen on wired.com Jump to article: www.wired.com/story/un-women-database-exposure/
-
D-Link won’t fix critical bug in 60,000 exposed EoL modems
by
in SecurityNewsTens of thousands of exposed D-Link routers that have reached their end-of-life are vulnerable to a critical security issue that allows an unauthenticated remote attacker to change any user’s password and take complete control of the device. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/d-link-wont-fix-critical-bug-in-60-000-exposed-eol-modems/
-
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
by
in SecurityNewsCybersecurity researchers have flagged a massive campaign that targets exposed Git configurations to siphon credentials, clone private repositories, a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/11/massive-git-config-breach-exposes-15000.html
-
Citrix ‘Recording Manager’ Zero-Day Bug Allows Unauthenticated RCE
by
in SecurityNewsThe security vulnerability is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/citrix-recording-manager-zero-day-bug-unauthenticated-rce
-
Halliburton Optimistic Amid $35M Data Breach Loss
by
in SecurityNewsThough its third-quarter earnings report confirms that the company remains on track, it’s unclear how that will be affected if the threat actors commit further damage. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/halliburton-optimistic-35m-data-breach-losses
-
Amazon confirms employee data exposed in leak linked to MOVEit vulnerability
by
in SecurityNewsOver 5 million records from 25 organizations posted to black hat forum First seen on theregister.com Jump to article: www.theregister.com/2024/11/12/amazon_moveit_breach/
-
Form I-9 Compliance Data Breach Impacts Over 190,000 People
by
in SecurityNewsThe impact of a data breach suffered by Form I-9 Compliance is growing, with the number of affected individuals reaching 190,000. The post Form I-9 Compliance Data Breach Impacts Over 190,000 People appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/form-i-9-compliance-data-breach-impacts-over-190000-people/
-
Millions of Hot Topic Customers Impacted by Data Breach
by
in SecurityNewsHot Topic has suffered a data breach impacting approximately 57 million unique email addresses and the personal information of roughly 25 million. The post Millions of Hot Topic Customers Impacted by Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/millions-of-hot-topic-customers-impacted-by-data-breach/
-
Halliburton Remains Optimistic Amid $35M Data Breach Losses
by
in SecurityNewsThough its third-quarter earnings report confirms that the company remains on track, it’s unclear how that will be affected if the threat actors commit further damage. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/halliburton-optimistic-35m-data-breach-losses
-
Amazon Employee Data Leaked by Hacker
by
in SecurityNewsAmazon has confirmed that some employee data was compromised as a result of a MOVEit hack last year. The post Amazon Employee Data Leaked by Hacker appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/amazon-employee-data-leaked-by-hacker/
-
Massive troves of Amazon, HSBC employee data leaked
by
in SecurityNewsA threat actor who goes by the online moniker >>Nam3L3ss