Tag: data-breach
-
Sperm donation giant California Cryobank warns of a data breach
US sperm donor giant California Cryobank is warning customers it suffered a data breach that exposed customers’ personal information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sperm-donation-giant-california-cryobank-warns-of-a-data-breach/
-
US DOGE Staffer Sent Unencrypted Treasury Data over Email
Agency Official Says Ex-DOGE Staffer’s Data Breach Violated Security Policy. An ex-Department of Government Efficiency staffer violated Treasury rules by sending unencrypted personal data to two senior Trump administration officials without approval, raising concerns about the task force’s apparent disregard for or lack of knowledge about critical data security policies. First seen on govinfosecurity.com Jump…
-
GitHub Action hack likely led to another in cascading supply chain attack
A cascading supply chain attack that began with the compromise of the “reviewdog/action-setup@v1” GitHub Action is believed to have led to the recent breach of “tj-actions/changed-files” that leaked CI/CD secrets. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-action-hack-likely-led-to-another-in-cascading-supply-chain-attack/
-
Western Alliance Bank notifies 21,899 customers of data breach
Arizona-based Western Alliance Bank is notifying nearly 22,000 customers their personal information was stolen in October after a third-party vendor’s secure file transfer software was breached. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/western-alliance-bank-notifies-21-899-customers-of-data-breach/
-
Data breach hits California Cryobank
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-hits-california-cryobank
-
Thousands of GitHub repositories’ secrets exposed by supply chain compromise
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-github-repositories-secrets-exposed-by-supply-chain-compromise
-
Black Basta Leader in League With Russian Officials, Chat Logs Show
Though the chat logs were leaked a month ago, analysts are now seeing that Russian officials may have assisted Black Basta members, according to the shared messages. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/black-basta-league-russian-officials-chat-logs
-
Western Alliance Bank says nearly 22,000 impacted by file transfer software breach
Phoenix-based Western Alliance Bank filed data breach notices saying about 22,000 people were affected by an incident involving file transfer software. First seen on therecord.media Jump to article: therecord.media/western-alliance-bank-data-breach
-
BlackBasta Ransomware Ties to Russian Authorities Uncovered
Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blackbasta-ransomwares-ties-russia/
-
Over 16.8 Billion Records Exposed as Data Breaches Increase 6%
Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/168-billion-records-exposed/
-
Western Alliance Bank Discloses Data Breach Linked to Cleo Hack
The personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p’s hacking of the Cleo file transfer tool. First seen on securityweek.com Jump to article: www.securityweek.com/western-alliance-bank-discloses-data-breach-linked-to-cleo-hack/
-
Third of UK Supply Chain Relies on “Chinese Military” Companies
Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/third-uk-supply-chain-relies/
-
Infosys Settles Data Breach Class Action Lawsuits for $17.5M
Ransomware Attack in 2023 Affected More Than 6 Million People. Indian IT services giant Infosys said its U.S. subsidiary Infosys McCamish Systems agreed to pay $17.5 million to settle six class action lawsuits related to a cybersecurity incident that compromised the personal information of more than 6 million people. First seen on govinfosecurity.com Jump to…
-
Cyberattack on an elderly care service in Germany
Data protection incident in our care facilities. First seen on sozial-holding.de Jump to article: www.sozial-holding.de/news-reader/datenschutzvorfall-in-unseren-pflegeeinrichtungen.html
-
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub’s Push Protection
Generic secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub’s push protection falls short. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/addressing-the-growing-challenge-of-generic-secrets-beyond-githubs-push-protection/
-
What Is Exposure Management and Why Does It Matter?
Tags: access, attack, breach, business, ciso, cloud, compliance, credentials, cve, cyber, cybersecurity, data, data-breach, group, identity, infrastructure, iot, metric, password, phishing, risk, service, software, technology, threat, tool, vulnerability, vulnerability-management
Each Monday, the Tenable Exposure Management Academy will provide the practical, real-world guidance you need to shift from vulnerability management to exposure management. In our first blog in this new series, we get you started with an overview of the differences between the two and explore how cyber exposure management can benefit your organization. Traditional…
-
Millions of RSA Keys Exposed, Revealing Serious Exploitable Flaws
A recent study has highlighted a significant vulnerability in RSA keys used across the internet, particularly in IoT devices. Researchers collected and analyzed a vast dataset of RSA certificates, revealing that approximately 1 in 172 keys share a factor with another, making them susceptible to compromise. This vulnerability arises primarily from poor random number generation…
-
Zoom Team Chat Decrypted, Exposing User Activity Data
Cybersecurity experts have successfully decrypted Zoom Team Chat data, revealing a wealth of information about user activities. This achievement underscores the importance of digital forensics in uncovering hidden digital evidence. The focus on Zoom Team Chat artifacts has shown that, despite encryption, crucial communications and shared files can be exposed through meticulous analysis. The decryption…
-
RIP Mark Klein, the engineer who exposed US domestic spying ops after wiring it up
AT&T engineer, and the Deep Throat of the network age, dies at 79. First seen on theregister.com Jump to article: www.theregister.com/2025/03/15/rip_mark_klein/
-
Jaguar Land Rover Hit by HELLCAT Ransomware Using Stolen Jira Credentials
The HELLCAT ransomware group has claimed responsibility for a significant data breach at Jaguar Land Rover (JLR), exposing vast amounts of sensitive data including proprietary documents, source codes, employee information, and partner details. This attack follows a pattern previously observed against prominent companies like Telefónica, Schneider Electric, and Orange, highlighting the group’s reliance on exploiting…
-
AI development pipeline attacks expand CISOs’ software supply chain risk
Tags: access, ai, api, application-security, attack, backdoor, breach, business, ciso, cloud, container, control, cyber, cybersecurity, data, data-breach, detection, encryption, exploit, flaw, fortinet, government, infrastructure, injection, intelligence, LLM, malicious, malware, ml, network, open-source, password, penetration-testing, programming, pypi, risk, risk-assessment, russia, saas, sbom, service, software, supply-chain, threat, tool, training, vpn, vulnerability
development pipelines are exacerbating software supply chain security problems. Incidents of exposed development secrets via publicly accessible, open-source packages rose 12% last year compared to 2023, according to ReversingLabs (RL). A scan of 30 of the most popular open-source packages found an average of six critical-severity and 33 high-severity flaws per package. Commercial software packages are also a…
-
South African Department of Defence Denies Stolen Data Claims
Attackers leaked 1.6TB of stolen data, which government officials dismissed as fake news. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/south-african-department-of-defence-denies-stolen-data-claims
-
Kroll’s Crypto Breach Highlights SIM-Swapping Risk
Information was exposed on hundreds of crypto-related bankruptcy claimants in proceedings involving FTX, Genesis, and BlockFI. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/kroll-cryoto-breach-sim-swapping-risk
-
Data leak at Merkur online casinos: players can lose more than just a lot of money
Tags: data-breach
White-hat hacker Lilith Wittmann has struck again and discovered a serious data leak at the Merkur online casinos. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenleck-bei-merkur-online-casinos-spieler-koennen-mehr-als-nur-viel-geld-verlieren-311822.html
-
Report on ransomware attacks on Fortinet firewalls also reveals possible defenses
Tags: access, attack, authentication, automation, backdoor, backup, ciso, control, credentials, cve, cybercrime, data, data-breach, defense, exploit, firewall, fortinet, group, infrastructure, Internet, lockbit, malicious, monitoring, network, password, radius, ransom, ransomware, risk, router, tactics, threat, tool, update, vpn, vulnerability, windows
Signs of intrusion: “This actor exhibits a distinct operational signature that blends elements of opportunistic attacks with ties to the LockBit ecosystem,” Forescout said in its analysis. “Mora_001’s relationship to the broader Lockbit’s ransomware operations underscores the increased complexity of the modern ransomware landscape where specialized teams collaborate to leverage complementary capabilities.” CISOs should note these consistent…
-
More than 23.7 Million Hardcoded Secrets Publicly Exposed In GitHub Last Year
First seen on scworld.com Jump to article: www.scworld.com/brief/more-than-23-7-million-hardcoded-secrets-publicly-exposed-in-github-last-year
-
Appellate court upholds sentence for former Uber cyber executive Joe Sullivan
A federal three-judge panel in California upheld the sentence former Uber executive Joe Sullivan received after being convicted in an attempted coverup of a 2016 data breach at the company. First seen on therecord.media Jump to article: therecord.media/joe-sullivan-former-uber-executive-conviction-upheld
-
AT&T technician Mark Klein, who exposed secret NSA spying, dies
Klein, a former AT&T technician turned whistleblower, exposed mass surveillance by the U.S. government in 2006. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/14/att-technician-mark-klein-who-exposed-secret-nsa-spying-dies/

