Tag: data-breach
-
Clinical Trial Database Exposes 1.6M Records to Web
Researcher Says Firm Failed to Secure Sensitive Health Data From Survey Forms. An unsecured database containing 2 terabytes of data allegedly exposed more than 1.6 million clinical research records to the internet, including sensitive personal and medical information of patients, said the security researcher who discovered the lapse. Why does this keep happening? First seen…
-
DarkMind: A Novel Backdoor Attack Exploiting Customized LLMs’ Reasoning Capabilities
The rise of customized large language models (LLMs) has revolutionized artificial intelligence applications, enabling businesses and individuals to leverage advanced reasoning capabilities for complex tasks. However, this rapid adoption has also exposed critical vulnerabilities. A groundbreaking study by Zhen Guo and Reza Tourani introduces DarkMind, a novel backdoor attack targeting the reasoning processes of customized…
-
Finastra Starts Notifying People Impacted by Recent Data Breach
Financial software firm Finastra is notifying individuals whose personal information was stolen in a recent data breach. The post Finastra Starts Notifying People Impacted by Recent Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/finastra-starts-notifying-people-impacted-by-recent-data-breach/
-
Zacks Investment Data Breach Exposes 12 Million Emails and Phone Numbers
Tags: breach, credentials, cyber, cybersecurity, data, data-breach, email, finance, identity, password, phone, service, theftA cybersecurity incident at Zacks Investment Research has exposed sensitive data belonging to 12 million users, marking the second major breach for the financial services firm since 2022. The compromised information includes email addresses, phone numbers, names, IP addresses, physical addresses, and weakly protected password hashes, raising concerns about identity theft and credential-stuffing attacks. Breach…
-
BitConnect Scam Exposed as Indian Authorities Seize Illicit Gains
The Directorate of Enforcement (ED) in Ahmedabad has dealt a significant blow to one of history’s largest cryptocurrency frauds, recovering Rs. 1,646 crore (approx. $219 million) in illicit crypto assets linked to the BitConnect Ponzi scheme during coordinated raids on 11 and 15 February. The operation”, part of a years-long probe into the multi-billion-rupee scam”, also seized…
-
Password managers under increasing threat as infostealers triple and adapt
Tags: access, attack, authentication, automation, breach, ceo, cloud, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, defense, email, encryption, exploit, finance, hacker, identity, intelligence, least-privilege, login, malicious, malware, mfa, password, phishing, ransomware, risk, service, switch, tactics, theft, threat, tool, vulnerability, zero-trustMalware-as-a-service infostealers: For example, RedLine Stealer is specifically designed to target and steal sensitive information, including credentials stored in web browsers and other applications. It is often distributed through phishing emails or by tricking prospective marks into visiting booby-trapped websites laced with malicious downloaders.Another threat comes from Lumma stealer, offered for sale as a malware-as-a-service,…
-
Privacy Roundup: Week 7 of Year 2025
Tags: access, antivirus, api, apple, attack, breach, business, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, law, leak, malware, microsoft, military, network, password, phishing, privacy, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, windows, zero-dayThis is a news item roundup of privacy or privacy-related news items for 9 FEB 2025 – 15 FEB 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Thermomix-Datenleck: Millionen Nutzerdaten der Web-Plattform Rezeptwelt.de gestohlen
Tags: data-breachFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/thermomix-datenleck-millionen-nutzerdaten-web-plattform-rezeptwelt-de-diebstahl
-
Fintech giant Finastra notifies victims of October data breach
Financial technology giant Finastra is notifying victims of a data breach after their personal information was stolen by unknown attackers who first breached its systems in October 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fintech-giant-finastra-notifies-victims-of-october-data-breach/
-
Mars Hydro Datenleck 2025: Fast 3 Milliarden Datensätze offen im Netz
Massives Leak bei Mars Hydro: Fast 3 Milliarden Datensätze standen ungeschützt im Netz. Außerdem: Leak-News zu Storenvy, Zacks und Doxbin. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/mars-hydro-datenleck-2025-fast-3-milliarden-datensaetze-offen-im-netz-310422.html
-
CVE-2024-1709 and CVE-2023-48788: Exploits Fueling Russia’s BadPilot Campaign
Microsoft Threat Intelligence has exposed a multiyear cyber espionage campaign conducted by a subgroup of the Russian state-sponsored First seen on securityonline.info Jump to article: securityonline.info/cve-2024-1709-and-cve-2023-48788-exploits-fueling-russias-badpilot-campaign/
-
Online-Investitionsrecherche: Daten von Millionen Zacks-Nutzern geleakt
Tags: data-breachIn einem Untergrundforum stehen persönliche Daten von Millionen Zacks-Kunden zum Verkauf. First seen on heise.de Jump to article: www.heise.de/news/Online-Investitionsrecherche-Daten-von-Millionen-Zacks-Nutzern-geleakt-10283931.html
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33
Tags: breach, credit-card, cyber, data, data-breach, google, india, international, malware, mobile, north-korea, usaSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Google Tag Manager Skimmer Steals Credit Card Info From Magento Site From South America to Southeast Asia: The Fragile Web of REF7707 Analyzing DEEP#DRIVE: North Korean…
-
Pennsylvania utility says MOVEit breach at vendor exposed some customer data
A Pennsylvania utility company says that basic customer data stolen from one of its vendors in 2023 was recently exposed online, but the incident did not affect its core systems. First seen on therecord.media Jump to article: therecord.media/pennsylvania-utility-says-moveit-vendor-breach-exposed-some-data
-
Almost 12M Zacks Investment Research Accounts Exposed
Tags: data-breachFirst seen on scworld.com Jump to article: www.scworld.com/brief/almost-12m-zacks-investment-research-accounts-exposed
-
South Korean CSOs Under Cyberattack: 3-Year Study
A three-year study conducted by independent security researcher Ovie (Ovi) has exposed the scale and sophistication of digital First seen on securityonline.info Jump to article: securityonline.info/south-korean-csos-under-cyberattack-3-year-study/
-
Inconsistent security strategies fuel third-party threats
47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata and the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/14/third-party-data-breach-risks/
-
Breach Roundup: Microsoft Patches Two Zero-Days in February
Also: Google Fixes YouTube Vulnerabilities That Could Have Exposed User Emails. This week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-microsoft-patches-two-zero-days-in-february-a-27515
-
Doxbin Data Breach: Hackers Leak 136K User Records and Blacklist File
Doxbin Data Breach: Hackers leak 136,000+ user records, emails, and a ‘blacklist’ file, exposing those who paid to… First seen on hackread.com Jump to article: hackread.com/doxbin-data-breach-hackers-leak-user-records-blacklist-file/
-
Hacker leaks account data of 12 million Zacks Investment users
Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-leaks-account-data-of-12-million-zacks-investment-users/
-
30,000 WordPress Sites Exposed to Exploitation via File Upload Vulnerability
A critical security vulnerability in the >>Security & Malware scan by CleanTalk
-
Thermomix-Datenleck: Was Betroffene jetzt tun können
Ein massives Datenleck hat die Rezeptplattform Rezeptwelt.de getroffen, die von Thermomix-Hersteller Vorwerk betrieben wird. Laut Unternehmensangaben haben Hacker die persönlichen Daten von mehr als 3,1 Millionen Nutzern gestohlen und bieten diese nun im Darknet zum Verkauf an für gerade einmal 1.500 US-Dollar. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/thermomix-datenleck-was-betroffene-jetzt-tun-koennen
-
Doxbin erneut gehackt: Hackergruppe Tooda schlägt zurück
Tags: data-breachEin massives Datenleck erschüttert Doxbin! Tooda rächt sich und veröffentlicht sensible Nutzerdaten. Darunter auch die “Blacklist”. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/szene/deepweb/doxbin-erneut-gehackt-hackergruppe-tooda-schlaegt-zurueck-310152.html
-
Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron
The Sarcoma ransomware group announced a breach of the Taiwanese printed circuit board (PCB) manufacturing giant Unimicron. The Sarcoma ransomware group claims to have breached Taiwanese PCB manufacturer Unimicron, leaked sample files, and threatened a full data release if no ransom is paid by Tuesday, February 20, 2025. Unimicron Technology Corporation is a Taiwanese company…
-
Mental Health Provider Settles Fortra Hack Lawsuit for $7M
Breach of GoAnywhere File Transfer App at Brightline Affected 1 Million Patients. Virtual mental health provider Brightline has agreed to pay $7 million to settle a proposed class action lawsuit involving a data breach affecting about 1 million individuals stemming from the 2023 hack by ransomware gang Clop on software vendor Fortra’s GoAnywhere managed file…