Tag: data-breach
-
The Zero-Detection PHP Backdoor Glutton Exposed
A discovery by XLab has detailed Glutton, a stealthy PHP backdoor targeting both traditional organizations and the cybercrime ecosystem itself. According to XLab’s analysis, Glutton represents a new generation of... First seen on securityonline.info Jump to article: securityonline.info/the-zero-detection-php-backdoor-glutton-exposed/
-
Time of Reckoning Reviewing My 2024 Cybersecurity Predictions
Tags: ai, attack, automation, awareness, breach, business, chatgpt, china, compliance, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, disinformation, election, espionage, exploit, healthcare, incident response, infrastructure, jobs, law, linkedin, malware, monitoring, moveIT, phishing, privacy, ransomware, regulation, risk, russia, service, software, supply-chain, technology, threat, tool, ukraine, update, vulnerability, warfare, zero-dayThe brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
-
UnitedHealth’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet
Optum’s AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/13/unitedhealthcares-optum-left-an-ai-chatbot-used-by-employees-to-ask-questions-about-claims-exposed-to-the-internet/
-
UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet
Optum’s AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/13/unitedhealthcares-optum-left-an-ai-chatbot-used-by-employees-to-ask-questions-about-claims-exposed-to-the-internet/
-
Krispy Kreme hit with a bellyache of a data breach
First seen on scworld.com Jump to article: www.scworld.com/news/krispy-kreme-hit-with-a-bellyache-of-a-data-breach
-
CISA warns water facilities to secure HMI systems exposed online
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-water-facilities-to-secure-hmi-systems-exposed-online/
-
Schutzmechanismen gegen Datenlecks und Angriffe – Datensicherheit in der Cloud Verschlüsselung, Zugriffskontrolle und Compliance
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheit-compliance-cloud-optimierung-a-289717c72e17848b632639ca9434a4ab/
-
336K Prometheus Instances Exposed to DoS, ‘Repojacking’
Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/336k-prometheus-instances-exposed-dos-repojacking
-
Professions That Are the Most Exposed to Cybersecurity Threats
Explore the professions most vulnerable to cybersecurity threats in 2025, from IT pros to crypto investors. Learn how… First seen on hackread.com Jump to article: hackread.com/professions-most-exposed-to-cybersecurity-threats/
-
Krispy Kreme Cyberattack Disrupts Online Orders; Company Responds to Data Breach
Krispy Kreme disclosed a cyberattack impacting its operations, most notably disrupting online ordering services in parts of the United States. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/krispy-kreme-cyberattack/
-
Screen Actors Guild Health Plan sued after September data breach exposes healthcare info
SAG-AFTRA Health Plan said investigators traced the breach back to a phishing email that compromised the account. Law enforcement has been notified and the investigation is ongoing. ]]> First seen on therecord.media Jump to article: therecord.media/screen-actors-guild-health-plan-sued-over-data-breach
-
Trump FTC pick seen as mixed bag for data privacy enforcement
Ferguson has voted in favor of every privacy-related enforcement since he began his tenure as a commissioner in April, but a leaked memo he wrote to Trump suggest he will diverge from the current approach in important ways.]]> First seen on therecord.media Jump to article: therecord.media/trump-ftc-pick-ferguson-seen-as-mixed-bag-on-privacy
-
Bitcoin ATM firm Byte Federal hacked via GitLab flaw, 58K users exposed
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitcoin-atm-firm-byte-federal-hacked-via-gitlab-flaw-58k-users-exposed/
-
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks.”Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API First seen…
-
Krispy Kreme Faces Cyberattack Disrupting Online Orders; Company Responds to Data Breach
Krispy Kreme disclosed a cyberattack impacting its operations, most notably disrupting online ordering services in parts of the United States. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/krispy-kreme-cyberattack/
-
Clearinghouse Pays $250K Settlement in Web Exposure Breach
Inmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA Breach. A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in…
-
iOS vuln leaves user data dangerously exposed
Jamf threat researchers detail an exploit chain for a recently patched iOS vulnerability that enables a threat actor to steal sensitive data, warning that many organisations are still neglecting mobile updates. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366616985/iOS-vuln-leaves-user-data-dangerously-exposed
-
Ongoing widespread AWS customer credential theft exposed by open S3 bucket
First seen on scworld.com Jump to article: www.scworld.com/news/ongoing-widespread-aws-customer-credential-theft-exposed-by-open-s3-bucket
-
OpenWrt Update Flaw Exposed Devices to Malicious Firmware
Embedded Device Operating Sytem Had Flaw Allowing Hacers to Bypass Integrity Check. A critical flaw in the updating service of a popular Linux operating system for embedded devices could enable hackers to compromise firmware with malicious images. OpenWrt developers patched the vulnerability, with a CVSS core of 9.3 and tracked as CVE-2024-54143. First seen on…
-
Cleo File Transfer Vulnerability Under Exploitation Patch Pending, Mitigation Urged
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems.Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo’s…
-
Hackers Exploit AWS Misconfigurations in Massive Data Breach
Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-aws/
-
Blue Yonder investigating data leak claim following ransomware attack
The software supply chain company is widening its investigation after Termite ransomware leaked data it claims is linked to the attack. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/blue-yonder-data-leak-ransomware/734987/
-
Verbraucherzentrale reicht nach BGH-Urteil zu facebook-Datenleck Sammelklage ein
Tags: data-breachFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/verbraucherzentrale-einreichung-nachgang-bgh-urteil-facebook-datenleck-sammelklage