Tag: data-breach
-
Data breach disclosed by UrbanOne following Cactus ransomware claims
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-disclosed-by-urbanone-following-cactus-ransomware-claims
-
VeriSource cops to 4 million accounts lost in 2024 data breach
First seen on scworld.com Jump to article: www.scworld.com/news/verisource-cops-to-4-million-accounts-lost-in-2024-data-breach
-
Hackers ramp up scans for leaked Git tokens and secrets
Threat actors are intensifying internet-wide scanning for Git configuration files that can reveal sensitive secrets and authentication tokens used to compromise cloud services and source code repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-ramp-up-scans-for-leaked-git-tokens-and-secrets/
-
Apple ‘AirBorne’ flaws can lead to zero-click AirPlay RCE attacks
Tags: apple, attack, data-breach, flaw, programming, rce, remote-code-execution, software, vulnerabilityA set of security vulnerabilities in Apple’s AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-airborne-flaws-can-lead-to-zero-click-airplay-rce-attacks/
-
SK Telecom cyberattack: Free SIM replacements for 25 million customers
South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sk-telecom-cyberattack-free-sim-replacements-for-25-million-customers/
-
Verizon 2025 Report Highlights Surge in Cyberattacks Through Third Parties
Verizon Business unveiled its 2025 Data Breach Investigations Report (DBIR) today, painting a stark picture of the escalating cyber threat landscape. Analyzing over 22,000 security incidents, including 12,195 confirmed data breaches, the report reveals a alarming 30% involvement of third parties in breaches-a figure that has doubled from previous years. This underscores the growing risks…
-
GPUAF: Two Methods to Root Qualcomm-Based Android Phones
Security researchers have exposed critical vulnerabilities in Qualcomm GPU drivers, impacting a vast array of Android devices from brands like Samsung, Honor, Xiaomi, and Vivo. These exploits, centered around the GPU Address Fault (GPUAF) primitive, target the kgsl_mem_entry and Virtual Buffer Object (VBO) structures. By leveraging race conditions and memory management flaws, attackers can achieve…
-
Threat Actors Accelerate Transition from Reconnaissance to Compromise New Report Finds
Tags: api, attack, automation, cloud, cyber, cybercrime, data, data-breach, identity, technology, threat, tool, voipCybercriminals are leveraging automation across the entire attack chain, drastically reducing the time from reconnaissance to compromise. The data shows a staggering 16.7% global increase in scans, with over 36,000 scans per second targeting not just exposed ports but delving into operational technology (OT), cloud APIs, and identity layers. Sophisticated tools probe SIP-based VoIP systems,…
-
21 million employee screenshots leaked in bossware breach blunder
If you thought only your boss was peeking at your work screen, think again. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/21-million-employee-screenshots-leaked-in-bossware-breach-blunder
-
VeriSource data breach impacted 4M individuals
VeriSource breach exposed data of 4M people in Feb 2024; stolen info includes personal details from an employee benefits services provider. VeriSource is alerting 4 million people after a February 2024 breach that exposed personal information. The data was stolen on February 27, 2024, and the incident was discovered on February 28, 2024. The company…
-
Unbefugter Zugriff bei einem Medienunternehmen aus den USA
Media firm Urban One confirms data breach after cybercriminals claim February attack First seen on therecord.media Jump to article: therecord.media/urban-one-data-breach-african-amercian-media
-
Weaponized Uyghur Language Software: Citizen Lab Uncovers Targeted Malware Campaign
In a new report, researchers at Citizen Lab have exposed a spearphishing campaign targeting senior members of the First seen on securityonline.info Jump to article: securityonline.info/weaponized-uyghur-language-software-citizen-lab-uncovers-targeted-malware-campaign/
-
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia
Tags: apt, business, cloud, credentials, data, data-breach, espionage, government, malware, risk, theft, threatEarth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast Asia’s government and telecom sectors. Threat actors use custom malware, rootkits, and cloud storage for espionage, credential theft, and data exfiltration, posing a high business risk with advanced evasion…
-
TikTok user database purportedly compromised, over 900K users’ info exposed
Tags: data-breachFirst seen on scworld.com Jump to article: www.scworld.com/brief/tiktok-user-database-purportedly-compromised-over-900k-users-info-exposed
-
VeriSource now says February data breach impacts 4 million people
Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/verisource-now-says-february-data-breach-impacts-4-million-people/
-
Media firm Urban One confirms data breach after cybercriminals claim February attack
Urban One, the largest media company primarily serving African Americans, disclosed a data breach to regulators. A ransomware group said it had attacked the company. First seen on therecord.media Jump to article: therecord.media/urban-one-data-breach-african-amercian-media
-
Verizon’s Data Breach Report Findings ‘Underscore the Importance of a Multi-Layered Defense Strategy’
Verizon surveyed about 22,000 security incidents and 12,000 data breaches. Ransomware incidents increased, while the median ransom payment dropped. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-verizon-data-breach-investigations-report-2025/
-
Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-1-200-sap-netweaver-servers-vulnerable-to-actively-exploited-flaw/
-
Rack Ruby Framework Vulnerabilities Let Attackers Inject and Manipulate Log Content
Researchers Thai Do and Minh Pham have exposed multiple critical vulnerabilities in the Rack Ruby framework, a cornerstone of Ruby-based web applications with over a billion global downloads. Identified as CVE-2025-25184, CVE-2025-27111, and CVE-2025-27610, these flaws pose significant risks to applications built on frameworks like Ruby on Rails and Sinatra. Rack, acting as a modular…
-
Exposure Management Works When the CIO and CSO Are in Sync
Tags: access, ai, attack, business, cio, ciso, cloud, control, cyber, cybersecurity, data, data-breach, endpoint, finance, infrastructure, jobs, office, risk, strategy, technology, threat, tool, update, vulnerability, vulnerability-management, zero-dayEach Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. You can read the entire Exposure Management Academy series here. When I…
-
Blue Shield of California Data Breach Exposes 4.7M Members’ Info
Discover the Blue Shield of California data breach affecting 4.7M members. Learn about the risks and essential security measures to protect your data. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/blue-shield-of-california-data-breach-exposes-4-7m-members-info/
-
Threat actors are scanning your environment, even if you’re not
In a world where organizations’ digital footprint is constantly changing and attackers regularly capitalize on security failings in exposed IT assets, making the effort to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/28/outpost24-easm-sweepatic/
-
Datenleck bei einem Finanzdienstleister in Brasilien
Tags: data-breachXP Investimentos sofre acesso não-autorizado e alerta clientes que estão seguros First seen on tecmundo.com.br Jump to article: www.tecmundo.com.br/seguranca/404138-xp-investimentos-sofre-ataque-cibernetico-e-alerta-clientes.htm
-
4chan is back online, says it’s been ‘starved of money’
4chan is partly back online after a hack took the infamous image-sharing site down for nearly two weeks. The site first went down on April 14, with the person responsible for the hack apparently leaking data including a list of moderators and “janitors” (one janitor told TechCrunch they were “confident” that the leaked data was…
-
GDPR Data Breach Notification Template With Examples [Download]
The GDPR is a law developed by the European Union (EU) to protect individuals’ personal data. Although it originated in the EU, several countries and organisations outside Europe have to date also adopted this regulation, which shows how detailed and well-thought-out it is. Among many of the GDPR’s guidelines, the data breach notification letter is……
-
Security Affairs newsletter Round 521 by Pierluigi Paganini INTERNATIONAL EDITION
Tags: breach, ceo, cybersecurity, data, data-breach, email, group, international, malware, WeeklyReviewA new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. African multinational telco giant MTN Group disclosed a data breach CEO of cybersecurity firm charged with installing malware…
-
African multinational telco giant MTN Group disclosed a data breach
African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. Founded in 1994, it has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Middle East.…
-
ISMG Editors: Top 2025 Breach Trends From Verizon
Also: Supply Chain Security in Wake of US Tariffs, AI’s Role in the SOC. In this week’s update, ISMG editors discussed takeaways from Verizon’s annual Data Breach Investigations Report, the cybersecurity ripple effects of the disruptive U.S. tariff policy, and why artificial intelligence tools still aren’t ready to take over the security operations center. First…
-
Baltimore City Public Schools data breach affects over 31,000 people
Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/baltimore-city-public-schools-data-breach-affects-over-31-000-people/
-
Data breach at Connecticut’s Yale New Haven Health affects over 5 million
Yale New Haven Health is Connecticut’s largest healthcare provider. First seen on techcrunch.com Jump to article: techcrunch.com/2025/04/25/data-breach-at-connecticut-yale-new-haven-health-affects-over-5-million/