Tag: data-breach
-
North Korean Kimsuky Hackers Use GitHub to Target Foreign Embassies with XenoRAT Malware
Tags: cyber, data-breach, email, espionage, github, group, hacker, malware, north-korea, password, phishing, spear-phishingThe Trellix Advanced Research Center exposed a DPRK-linked espionage operation attributed to the Kimsuky group (APT43), targeting diplomatic missions in South Korea. Between March and July, at least 19 spear-phishing emails impersonated trusted diplomatic contacts, delivering malware via password-protected ZIP archives hosted on Dropbox and Daum. These emails lured embassy staff with credible invitations to…
-
Microsoft Defender AI Can Detect Plaintext Credentials in Active Directory
Tags: ai, attack, credentials, cyber, cybersecurity, data-breach, intelligence, microsoft, vulnerabilityMicrosoft has unveiled a new AI-powered security capability that addresses one of cybersecurity’s most persistent vulnerabilities: plaintext credentials stored in Active Directory systems. The enhanced Microsoft Defender feature uses sophisticated artificial intelligence to detect exposed credentials with unprecedented precision, helping organizations eliminate a critical attack vector that has plagued enterprise environments. Widespread Credential Exposure Problem…
-
Australian ISP iiNet Suffers Breach of 280,000+ Records
Over 280,000 customers of Australian ISP iiNet have been impacted by a data breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/aussie-isp-iinet-breach-280000/
-
Allianz Life security breach impacted 1.1 million customers
Allianz Life breach exposed data of most of its 1.4M customers; HIBP lists 1.1M impacted, though the insurer hasn’t confirmed exact figures. In July, Allianz Life disclosed a breach where hackers stole data from a cloud database, affecting most of its 1.4M customers and staff. Now, the data breach notification site Have I Been Pwned…
-
7 signs it’s time for a managed security service provider
Tags: access, best-practice, breach, business, ciso, compliance, cyber, cybersecurity, data, data-breach, defense, detection, edr, incident, incident response, intelligence, mitigation, monitoring, mssp, ransomware, risk, service, siem, soc, software, supply-chain, threat, tool, update, vulnerability, vulnerability-management2. Your security team is wasting time addressing and evaluating alerts: When your SOC team is ignoring 300 daily alerts and manually triaging what should be automated, that’s your cue to consider an MSSP, says Toby Basalla, founder and principal data consultant at data consulting firm Synthelize.When confusion reigns, who in the SOC team knows…
-
Massive Allianz Life data breach impacts 1.1 million people
Hackers have stolen the personal information of 1.1 million individuals in a Salesforce data theft attack, which impacted U.S. insurance giant Allianz Life in July. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-allianz-life-data-breach-impacts-11-million-people/
-
Intel Websites Compromised, Allowing Hackers Access to Employee and Confidential Data
A series of critical security flaws in Intel’s internal web infrastructure exposed the personal details of more than 270,000 employees and potentially provided attackers with access to sensitive corporate and supplier information. The discoveries highlight severe weaknesses across multiple Intel-owned websites, raising broader concerns about the company’s handling of web application security. According to security…
-
Workday Confirms Data Breach Tied to Salesforce Attacks
A New Corporate Victim in a Broader CRM Exploitation Campaign Workday, one of the world’s leading human capital management (HCM) software providers, has confirmed it was impacted in a recent string of coordinated cyberattacks targeting Salesforce CRM instances through sophisticated social engineering. While the company says no customer tenants or internal systems were compromised, attackers……
-
Allianz Life data breach affects 1.1 million customers
Data breach notification site Have I Been Pwned notified 1.1 million customers of a July data breach, a number not previously reported. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/18/allianz-life-data-breach-affects-1-1-million-customers/
-
Casino gaming company Bragg says hackers accessed ‘internal computer environment’
Bragg Gaming Group said on Monday that it “believes that the data breach was limited to Bragg’s internal computer environment” based on its preliminary investigation. First seen on therecord.media Jump to article: therecord.media/casino-gaming-company-cyber-incident-bragg
-
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator’s infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ermac-android-malware-source-code-leak-exposes-banking-trojan-infrastructure/
-
Manpower Data Breach Hits 144K, Workday Confirms 3rd-Party CRM Hack
A cyberattack on Manpower’s Michigan office compromised data for 144,000 people. Meanwhile, Workday reveals a data breach in… First seen on hackread.com Jump to article: hackread.com/manpower-data-breach-workday-3rd-party-crm-hack/
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerabilitywith samples on a Russian Tor site.”We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…
-
Human resources firm Workday disclosed a data breach
Human resources firm Workday disclosed a data breach after attackers accessed a third-party CRM platform via social engineering. Workday is a cloud-based software company that specializes in enterprise applications for human capital management (HCM), financial management, and planning. The company provides services to over 11,000 organizations, including over 60% of Fortune 500 firms. The HR…
-
The Tea App Hack: How a “Safe” Space Leaked 13,000 ID Photos 1.1M Messages
In this episode we’re discussing the alarming breach of the Tea app, a platform intended for women to share dating experiences. The hack resulted in the exposure of over 13,000 government ID photos, 72,000 user images, and over a million private messages due to poor security practices. We’ll discuss the role of sloppy coding, an……
-
Unbefugter Zugriff bei einem Bodenabfertigungsunternehmen in Großbritannien
Afghans resettled in UK hit by new data breach First seen on bbc.com Jump to article: www.bbc.com/news/articles/ce87nyr3evro
-
Black Hat news: Exposed vaults, firmware flaws, AI hacks
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366628833/Black-Hat-news-Exposed-vaults-firmware-flaws-AI-hacks
-
Black Hat news: Exposed vaults, firmware flaws, AI hacks
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366628833/Black-Hat-news-Exposed-vaults-firmware-flaws-AI-hacks
-
IBM’s Cost of a Data Breach Report 2025
IBM’s 2025 Cost of a Data Breach Report drives home that point: attackers today are often “logging in rather than hacking in”. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/ibms-cost-of-a-data-breach-report-2025/
-
Hackers breach and expose a major North Korean spying operation
Two hackers broke into the computer of a North Korean government hacker and leaked its contents, offering a rare glimpse inside the secretive nation’s spying operations. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/12/hackers-breach-and-expose-a-major-north-korean-spying-operation/
-
Executive PII Exposure: Why You Need Ongoing Monitoring
Nisos Executive PII Exposure: Why You Need Ongoing Monitoring Exposed personal data is fueling executive impersonation, fraud, and social engineering. Here’s what enterprise leaders need to know… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/executive-pii-exposure-why-you-need-ongoing-monitoring/
-
MagentaTV – 324 Millionen Einträge von Telekom-Kunden geleakt
Tags: data-breachFirst seen on security-insider.de Jump to article: www.security-insider.de/datenleck-magentatv-warnung-cyberangriffe-a-cd79074f25614ad3b560a9cfb6b86110/
-
275M patient records breached”, How to meet HIPAA password manager requirements
Healthcare led all industries in 2024 breaches”, over 275M patient records exposed, mostly via weak or stolen passwords. See how the self-hosted password manager by Passwork helps providers meet HIPAA requirements, protect ePHI, and keep care running. Try it free for 1 month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/275m-patient-records-breached-how-to-meet-hipaa-password-manager-requirements/
-
Interlock Ransomware Group Leaks 43GB of Data in City of St. Paul Cyberattack
St. Paul hit by Interlock ransomware attack, 43GB of sensitive data leaked, city refuses ransom, launches Operation Secure… First seen on hackread.com Jump to article: hackread.com/interlock-ransomware-leaks-st-paul-city-cyberattack-data/
-
Manpower discloses data breach affecting nearly 145,000 people
Manpower, one of the world’s largest staffing companies, is notifying nearly 145,000 individuals that their information was stolen by attackers who breached the company’s systems in December 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/manpower-staffing-agency-discloses-data-breach-after-attack-claimed-by-ransomhub/