Tag: data
-
OpenAI Suspends Mixpanel Use After Analytics Data Breach
ChatGPT Maker Probes Third-Party Data Breach; OpenAI API Users’ Information Exposed. OpenAI has temporarily ceased use of Mixpanel after the analytics firm disclosed a breach affecting profile data of the artificial intelligence giant’s API platform users. The company is notifying impacted organizations and watching for signs of data misuse. First seen on govinfosecurity.com Jump to…
-
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal the data of unsuspecting travelers at various airports across Australia. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/man-behind-in-flight-evil-twin-wifi-attacks-gets-7-years-in-prison/
-
Japanese beer giant Asahi says ransomware attack may have exposed data of 1.5 million people
The company said the compromised information includes names, gender, addresses and phone numbers, but not credit-card details. First seen on therecord.media Jump to article: therecord.media/asahi-says-ransomware-incident-exposed-data
-
Ransomware Moves: Supply Chain Hits, Credential Harvesting
Innovation Continues, Although Sloppy Coding Can Still Leave Data Unrecoverable. Ransomware groups continue to display more innovation, persistence and planning in their quest to amass ransom-paying victims and maximize profits. This has included repeat supply-chain attacks, harvesting credentials to use in later campaigns, as well as launching their own affiliate programs. First seen on govinfosecurity.com…
-
Japanese beer giant Asahi says ransomware attack may have exposed data of 1.5 million people
The company said the compromised information includes names, gender, addresses and phone numbers, but not credit-card details. First seen on therecord.media Jump to article: therecord.media/asahi-says-ransomware-incident-exposed-data
-
Londoners told to be vigilant with messages after cyber-attack on council
Royal Borough of Kensington and Chelsea says it is checking whether data taken contained residents’s detailsA London council has urged thousands of residents to be “extra vigilant” when receiving calls, emails or text messages after confirming that data had been taken in a cyber-attack.The Royal Borough of Kensington and Chelsea (RBKC), which has 147,500 residents,…
-
Ransomware Moves: Supply Chain Hits, Credential Harvesting
Innovation Continues, Although Sloppy Coding Can Still Leave Data Unrecoverable. Ransomware groups continue to display more innovation, persistence and planning in their quest to amass ransom-paying victims and maximize profits. This has included repeat supply-chain attacks, harvesting credentials to use in later campaigns, as well as launching their own affiliate programs. First seen on govinfosecurity.com…
-
French Football Federation discloses data breach after cyberattack
The French Football Federation (FFF) disclosed a data breach on Friday after attackers used a compromised account to gain access to administrative management software used by football clubs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/french-football-federation-fff-discloses-data-breach-after-cyberattack/
-
ShinyHunters Develop Sophisticated New Ransomware-as-a-Service Tool
In a significant escalation of the global cyber threat landscape, the notorious threat group ShinyHunters appears to be transitioning from data theft to full-scale ransomware operations. Cybersecurity researchers have identified an early build of a new Ransomware-as-a-Service (RaaS) platform dubbed >>ShinySp1d3r,
-
Comcast Fined $1.5 Million to Settle FCC Probe Tied to Vendor Data Breach
Comcast has agreed to a $1.5 million settlement with the Federal Communications Commission (FCC) following a data breach at a third-party vendor that exposed the personal information of hundreds of thousands of its customers. The breach has raised concerns about the security of customer data when handled by external companies. The incident originated with Financial…
-
California law regulating web browsers could have national data privacy impact, experts say
Tech companies may universally offer an opt-out capability required by California law as a way to avoid having multiple versions of browsers and ask questions about residency. First seen on therecord.media Jump to article: therecord.media/california-web-browser-law-national-implications
-
ISMG Editors: India’s Data Protection Rules Get More Teeth
Also: Prompt Injection Complicates Digital Forensics, Why AI Seems So Deceptive. In this week’s ISMG Editors’ Panel, four editors unpacked India’s new data protection rules, the digital forensic implications of prompt injection attacks and the reasons why artificial intelligence tools so often seem to display deceptive behavior. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ismg-editors-indias-data-protection-rules-get-more-teeth-a-30163
-
French Football Federation Suffers Data Breach
The personal data of over two million amateur football players registered in France could be exposed First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/french-football-federation-data/
-
Thousands of sensitive secrets published on JSONFormatter and CodeBeautify
Users of JSONFormatter and CodeBeautify leaked thousands of sensitive secrets, including credentials and private keys, WatchTowr warns. WatchTowr’s latest research reveals massive leaks of passwords, secrets, and keys across developer formatting platforms like JSONFormatter and CodeBeautify. Despite past incidents, exposed credentials remain rampant, sometimes even for critical systems. WatchTowr researchers highlight how easily sensitive data…
-
Scattered Lapsus$ Hunters target Zendesk users with fake domains
Tags: access, attack, breach, credentials, data, data-breach, email, government, group, infrastructure, law, service, supply-chainDiscord breach may be connected: The Zendesk campaign may not be an isolated incident. Discord said on October 9 that attackers breached its customer service provider, 5CA, exposing data from about 70,000 users who had submitted government IDs for age verification. The breach also exposed support ticket data for users who had contacted Discord’s customer…
-
Asahi Confirms Cyberattack Exposed Data of 1.5M Customers
The incident occurred in September, and the Japanese firm has now released its full internal investigation results. The post Asahi Confirms Cyberattack Exposed Data of 1.5M Customers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-asahi-cyberattack-investigation/
-
Empathetic policy engineering: The secret to better security behavior and awareness
Tags: awareness, business, ciso, cyberattack, cybersecurity, data, framework, group, phishing, regulation, risk, risk-assessment, strategy, threat, trainingIn many companies, IT security guidelines encounter resistance because employees perceive them as obstructive or impractical. This makes implementation difficult, undermines effectiveness, and strains collaboration between the security department and business units.As a result, instead of being seen as a partner, cybersecurity is often perceived as a hindrance, a fatal security risk. For CISOs, this…
-
Social data puts user passwords at risk in unexpected ways
Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/28/research-social-media-password-risk/
-
Empathetic policy engineering: The secret to better security behavior and awareness
Tags: awareness, business, ciso, cyberattack, cybersecurity, data, framework, group, phishing, regulation, risk, risk-assessment, strategy, threat, trainingIn many companies, IT security guidelines encounter resistance because employees perceive them as obstructive or impractical. This makes implementation difficult, undermines effectiveness, and strains collaboration between the security department and business units.As a result, instead of being seen as a partner, cybersecurity is often perceived as a hindrance, a fatal security risk. For CISOs, this…
-
Infosec products of the month: November 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/28/infosec-products-of-the-month-november-2025/
-
Fragmented tooling slows vulnerability management
Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/28/hackuity-vulnerability-management-trends-report/
-
London Councils Hit by Cyberattack, Disrupts IT and Telephone Lines
The Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council, and Hammersmith and Fulham Council confirmed they were targeted in the incident that began on Monday, November 24. The attack has forced officials to shut down systems as a precautionary measure while they work to restore services and investigate potential data compromise. The first…
-
Security researchers caution app developers about risks in using Google Antigravity
CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
-
Security researchers caution app developers about risks in using Google Antigravity
CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
-
Security researchers caution app developers about risks in using Google Antigravity
CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
-
Security researchers caution app developers about risks in using Google Antigravity
CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
-
Security researchers caution app developers about risks in using Google Antigravity
CSOonline that the nature of the flaw makes it difficult to mitigate. “Strong identity would not help mitigate this issue, because the actions undertaken by Antigravity are occurring with the identity of the user running the application,” he said. “As far as the operating system can tell, they are indistinguishable. Access management control could possibly…
-
Asahi says crooks stole data of approximately 2M customers and employees
Asahi says hackers stole data of approximately 2M customers and employees before a ransomware attack crippled its Japan operations. Threat actors hit Asahi with a ransomware attack in September, stealing personal data on about 2 million customers and employees and severely disrupting the company’s operations in Japan. Asahi Group Holdings, Ltd (commonly called Asahi) is…
-
OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel
OpenAI warns some users that a cyberattack on analytics firm Mixpanel may have exposed their data. Mixpanel is a product analytics platform that companies use to understand how people interact with their apps or websites. Many tech companies use Mixpanel to make data-driven decisions about features, performance, and customer journeys. OpenAI is alerting some users about…
-
Gainsight Cyber-Attack Affects More Salesforce Customers
The CEO of the customer support platform said “a handful of customers” saw their data exposed after the breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gainsight-cyberattack-more/