Tag: data-breach
-
Security Affairs newsletter Round 514 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Akira ransomware gang used an unsecured webcam to bypass EDR Japanese telecom giant NTT suffered a data breach…
-
Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies
A data breach suffered by the Japanese telecom giant NTT exposed information of nearly 18,000 corporate customers. Japanese telecom giant NTT suffered a data breach that exposed information of nearly 18,000 corporate customers. On February 5th, the security team detected suspicious activity in its ‘Order Information Distribution System,’ and immediately restricted access to device A.…
-
EncryptHub malware operations, attack chain exposed
First seen on scworld.com Jump to article: www.scworld.com/news/encrypthub-malware-operations-attack-chain-exposed
-
Data breach at Japanese telecom giant NTT hits 18,000 companies
Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-japanese-telecom-giant-ntt-hits-18-000-companies/
-
18,000 Organizations Impacted by NTT Com Data Breach
NTT Communications Corporation has disclosed a data breach impacting the information of nearly 18,000 customer organizations. The post 18,000 Organizations Impacted by NTT Com Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/18000-organizations-impacted-by-ntt-com-data-breach/
-
Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware
Dozens of schools and thousands of individuals are impacted by a data breach resulting from a ransomware attack on Carruth Compliance Consulting. The post Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/many-schools-report-data-breach-after-retirement-services-firm-hit-by-ransomware/
-
PrintSteal: Unmasking a Large-Scale KYC Document Fraud Operation
A recent investigation by CloudSEK has exposed PrintSteal, a vast cybercriminal operation engaged in the fraudulent generation and First seen on securityonline.info Jump to article: securityonline.info/printsteal-unmasking-a-large-scale-kyc-document-fraud-operation/
-
Hacked health firm HCRG demanded journalist ‘take down’ data breach reporting, citing UK court order
DataBreaches.net declined to comply, citing a lack of jurisdiction. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/06/hacked-health-firm-hcrg-demanded-journalist-take-down-data-breach-reporting-citing-uk-court-order/
-
Why Understanding Your Secrets is the Key to Faster Remediation
Up to 27 days to fix a leaked secret? We feel your pain. Explore how contextual secrets management helps you take control, cut remediation time, and strengthen your security posture. Don’t just detect, understand your secrets. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/why-understanding-your-secrets-is-the-key-to-faster-remediation/
-
Thousands of public school workers impacted by cyberattack on retirement plan administrator
A December 2024 cyberattack on a prominent administrator for retirement plans has exposed the information of thousands of public school teachers and employees across the U.S. First seen on therecord.media Jump to article: therecord.media/thousands-of-public-school-workers-impacted-data-breach
-
PrintSteal Cybercrime Group Mass-Producing Fake Aadhaar PAN Cards
A large-scale cybercrime operation dubbed >>PrintSteal
-
Rite Aid Agrees to $6.8M Data Breach Lawsuit Settlement
Provisional Agreement Tied to Ransomware Attack Affecting 2.2 Million Customers. American pharmacy chain giant Rite Aid reached a $6.8 million agreement to settle a data breach class action lawsuit, which includes a pledge to improve its cybersecurity practices. The breach involved a ransomware group stealing data pertaining to 2.2 million customers. First seen on govinfosecurity.com…
-
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-37-000-vmware-esxi-servers-vulnerable-to-ongoing-attacks/
-
NHS investigating how API flaw exposed patient data
NHS patient data was left vulnerable by a flaw in an application programming interface used at online healthcare provider Medefer First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620174/NHS-investigating-how-API-flaw-exposed-patient-data
-
Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability
A critical security flaw in the widely usedGiveWP Donation Plugin and Fundraising Platformhas left over 10,000 WordPress websites vulnerable to remote code execution attacks since March 3, 2025. Tracked as CVE-2025-0912, the vulnerability allows unauthenticated attackers to hijack sites by exploiting a deserialization flaw in versions 3.19.4 and earlier. Vulnerability Overview The vulnerability stems from […]…
-
Microsoft pushes a lot of products on users, but here’s one cybersecurity can embrace
Tags: access, attack, authentication, best-practice, business, cisa, cloud, cybersecurity, data-breach, defense, governance, government, identity, mfa, microsoft, monitoring, password, phishing, service, siemEntra monitors for suspicious activity: Entra monitors for activities that are more than likely being carried out by attackers. So, for example, the following actions are monitored:Users with leaked credentials.Sign-ins from anonymous IP addresses.Impossible travel to atypical locations.Sign-ins from infected devices.Sign-ins from IP addresses with suspicious activity.Sign-ins from unfamiliar locations.You can set a threshold for…
-
Over 820K airport lost and found records leaked by unsecured databases
Tags: data-breachFirst seen on scworld.com Jump to article: www.scworld.com/brief/over-820k-airport-lost-and-found-records-leaked-by-unsecured-databases
-
49,000+ Access Management Systems Worldwide Exposed to Major Security Gaps
A recent study conducted by Dutch IT security consultancy Modat has revealed alarming vulnerabilities in over 49,000 access management systems (AMS) worldwide. These systems, designed to control and secure access to buildings and sensitive areas, are reportedly plagued by misconfigurations that leave them exposed to cybercriminals. The findings underscore a global issue affecting industries such…
-
Misconfigured access management systems expose global enterprises to security risks
Tags: access, attack, authentication, control, credentials, cyberattack, cybersecurity, data, data-breach, detection, finance, Internet, monitoring, network, regulation, risk, technology, update, vulnerabilityRegional and industry-wide exposure: The investigation found a disproportionate concentration of exposed AMS in Europe, with Italy emerging as a key hotspot, reporting 16,678 exposed systems. Mexico and Vietnam followed, with 5,940 and 5,035 systems exposed, respectively.The US recorded 1,966 vulnerable systems, while other technologically advanced nations such as Canada and Japan showed comparatively lower…
-
BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely
A critical vulnerability in BigAntSoft’s enterprise chat server software has exposed ~50 internet-facing systems to unauthenticated remote code execution attacks. Designated CVE-2025-0364, this exploit chain enables attackers to bypass authentication protocols, create administrative accounts, and execute malicious PHP code on vulnerable servers running BigAnt Server v5.6.06 and earlier. CVE-2025-0364: Authentication Bypass to PHP Code Execution The…
-
Privacy Roundup: Week 9 of Year 2025
Tags: access, android, apple, attack, backdoor, breach, browser, cctv, control, cyber, cybersecurity, data, data-breach, encryption, endpoint, exploit, firmware, flaw, government, group, hacker, Internet, jobs, law, leak, malware, office, password, phishing, privacy, regulation, router, scam, service, software, switch, technology, threat, tool, update, vpn, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 23 FEB 2025 – 1 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Rubrik rotates authentication keys after log server breach
Rubrik disclosed last month that one of its servers hosting log files was breached, causing the company to rotate potentially leaked authentication keys. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/rubrik-rotates-authentication-keys-after-log-server-breach/
-
Data breach liability strains cyber execs, says SolarWinds CISO
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-liability-strains-cyber-execs-says-solarwinds-ciso
-
Meta fired about 20 employees because they had leaked “confidential information outside the company,” with more firings expected.
Tags: data-breachFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/meta-fired-about-20-employees-because-they-had-leaked-confidential-information-outside-the-company-with-more-firings-expected/
-
3rd March Threat Intelligence Report
Tags: breach, cyberattack, data, data-breach, email, group, hacker, intelligence, ransomware, threatOrange Group has confirmed a cyberattack on its Romanian branch, in which a hacker linked to the HellCat ransomware group stole 6.5GB of data over a month. The breach exposed 380,000 email […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2025/3rd-march-threat-intelligence-report/
-
Top Data Breaches of February 2025
February 2025 saw a series of high-impact data breaches affecting industries ranging from healthcare and finance to cloud services and government agencies. These incidents exposed sensitive data, disrupted operations, and… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/top-data-breaches-of-february-2025/
-
Indian Stock Broker Angel One Discloses Data Breach
Indian stock broker Angel One says client information was compromised in a data breach involving its AWS account. The post Indian Stock Broker Angel One Discloses Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/indian-stock-broker-angel-one-discloses-data-breach/