Tag: data
-
LeakBase marketplace unplugged by cops in 14 countries
Tags: banking, breach, credentials, cybercrime, data, germany, infrastructure, international, Internet, law, marketplace, phishing, service, theftGlobal effort: Thanks to international co-operation, a number of criminal marketplaces have been seized in recent years, including BreachForums and RaidForums.Law enforcement agencies involved in various ways in this week’s takedown came from Australia, Belgium, Canada, Germany, Greece, Kosovo, Malaysia, Netherlands, Poland, Portugal, Romania, Spain, the United Kingdom and the US.News of the seizure comes…
-
Why Your Data Protection Program Should Be Policy-Based
Traditionally, data protection programs have been complex and difficult to manage. Without a consistent approach, gaps arise that can lead to data exposure or non-compliance. A more modern option is to centralize policy-based security. This strategy standardizes protections across environments. It also maintains productivity and reduces reliance on users to make the right security decisions.…
-
The Hidden Cyber Risks of Remote Work Infrastructure
Hidden cyber risks in remote work include insecure home Wi-Fi, phishing attacks, and data exposure, leaving businesses and employees vulnerable to breaches. First seen on hackread.com Jump to article: hackread.com/hidden-cyber-risks-remote-work-infrastructure/
-
New OneTrust CEO on Why AI Governance Market Is Set to Surge
New CEO John Heyman Says Enterprises Need Tools to Manage Thousands of AI Agents. New OneTrust CEO John Heyman said enterprises rapidly deploying generative AI will soon manage hundreds or thousands of AI agents across their organizations. They must monitor AI agents’ data flows and third-party technologies as privacy risk and security oversight increasingly converge.…
-
The Top 5 Questions: How DSPM Illuminates the Murky World of Multi-Cloud Data Security
Tags: access, ai, api, attack, breach, cloud, compliance, computing, container, control, corporate, cryptography, cyber, data, data-breach, detection, encryption, exploit, firewall, intelligence, mitigation, monitoring, PCI, resilience, risk, risk-assessment, service, software, strategy, tactics, threat, tool, vulnerabilityThe Top 5 Questions: How DSPM Illuminates the Murky World of Multi-Cloud Data Security andrew.gertz@t“¦ Thu, 03/05/2026 – 16:09 Multi-cloud data security threats are escalating at an unprecedented rate. According to Forrester and the 2025 Thales Global Cloud Data Security Study, the primary drivers of multi-cloud risks are: growing complexity, insufficient access controls, and the…
-
Patch, track, repeat: The 2025 CVE retrospective
Thor analyzes CVE data from 2025 and provides recommendations for where and how organizations should strengthen their defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/patch-track-repeat-the-2025-cve-retrospective/
-
Cryptohack Roundup: Ariomex Leak Flags Iran Sanction Risks
Also: US’ Multi-Million Dollar Scam Funds Seizure. Iran exchange leak raises sanctions risks, $580M frozen in scam crackdown, $61M romance scam funds seized, feds seek $327K in dating scam case, Russia exploit broker sanctioned, South Korean wallet recovery phrase exposure and arrest in custody bitcoin theft, Axiom data misuse and Uniswap lawsuit ends. First seen…
-
Invisible Lifelines: DCIM Empowers Healthcare Teams
Hospital system downtime puts patient lives at immediate risk. Every second of network failure delays critical care and halts emergency operations. Data Center Infrastructure Management (DCIM) software stops these dangerous outages before they happen. Healthcare teams rely on DCIM tools to monitor infrastructure health, predict system failures, and secure vital patient records. Real-time visibility into…
-
Invisible Lifelines: DCIM Empowers Healthcare Teams
Hospital system downtime puts patient lives at immediate risk. Every second of network failure delays critical care and halts emergency operations. Data Center Infrastructure Management (DCIM) software stops these dangerous outages before they happen. Healthcare teams rely on DCIM tools to monitor infrastructure health, predict system failures, and secure vital patient records. Real-time visibility into…
-
3 Data-Based Shifts Defining AI-Native Cybersecurity Stacks
The SOC is changing faster than you realize. Discover the 3 data-based shifts defining the AI-native cybersecurity era: from upstream detection to AI-powered triage and enrichment. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/3-data-based-shifts-defining-ai-native-cybersecurity-stacks/
-
3 Data-Based Shifts Defining AI-Native Cybersecurity Stacks
The SOC is changing faster than you realize. Discover the 3 data-based shifts defining the AI-native cybersecurity era: from upstream detection to AI-powered triage and enrichment. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/3-data-based-shifts-defining-ai-native-cybersecurity-stacks/
-
Common ecommerce security vulnerabilities and testing strategies
Ecommerce platforms represent one of the most consistently targeted areas of the modern digital estate. They process payment data, store personal information, integrate with logistics and marketing systems, and underpin revenue for many large businesses. The combination of financial value and sensitive data makes ecommerce security vulnerabilities an attractive target for attackers. From a security”¦…
-
Police do not have to explain to lawyer Fahad Ansari why they seized his phone data, says court
A high court judge has ruled that police do not have to give reasons to lawyer, who acts for Hamas, why they seized his mobile phone data First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639704/Police-do-not-have-to-explain-to-lawyer-Fahad-Ansari-why-they-seized-his-phone-data-says-court
-
‘We’re not trying to remake the economy’: FTC’s Mufarrige charts new course on tech enforcement
The FTC’s Bureau of Consumer Protection chief discussed the agency’s embrace of age verification and how industry should think about data privacy enforcement under his watch. First seen on therecord.media Jump to article: therecord.media/ftc-mufarrige-interview-chart-new-course-on-tech-enforcement
-
LeakBase Cybercrime and Hacker Forum Seized
Europol seizes LeakBase cybercrime and hacker forum used to trade stolen data, disrupting a global platform with over 140,000 members. First seen on hackread.com Jump to article: hackread.com/leakbase-cybercrime-hacker-forum-seized/
-
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
Most organizations assume encrypted data is safe.But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted data and storing it so it can be decrypted later using quantum computers.This tactic”, known as “harvest now, decrypt later””, means sensitive data…
-
Should Cloud Be Classed as Critical Infrastructure?
Tags: access, authentication, banking, breach, business, cloud, compliance, computing, container, control, cyber, cybersecurity, data, dora, encryption, fido, finance, framework, governance, Hardware, healthcare, identity, incident, infrastructure, mfa, network, nis-2, radius, regulation, resilience, risk, saas, service, strategy, supply-chain, technologyShould Cloud Be Classed as Critical Infrastructure? madhav Thu, 03/05/2026 – 09:53 Over the past few years, large-scale cloud outages have demonstrated just how deeply digital services are woven into the fabric of modern society. When widely used cloud platforms experience disruption, the impact extends far beyond individual applications; banking services stall, transport systems falter,…
-
New MongoDB Vulnerability Allows Attackers to Crash Servers, Exposing Critical Data
Cato CTRL’s senior security researcher, Vitaly Simonovich, has uncovered a high-severity dos vulnerability in MongoDB, tracked as CVE-2026-25611, that lets unauthenticated attackers crash any exposed MongoDB server.”‹ CVE-2026-25611 is rooted in MongoDB’sOP_COMPRESSED wire protocol, a compression feature introduced in version 3.4 and enabled by default since version 3.6. The flaw is classified underCWE-405 (Asymmetric Resource Consumption),…
-
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Exploit kit Coruna targets iPhones running iOS 13.0 to 17.2.1, focusing on financial data theft First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/coruna-exploit-older-iphones/
-
How a Music Streaming CEO Built an Open-Source Global Threat Map in His Spare Time
Frustrated by fragmented war news, Anghami’s Elie Habib built World Monitor, a platform that fuses global data, like aircraft signals and satellite detections, to track conflicts as they unfold. First seen on wired.com Jump to article: www.wired.com/story/world-monitor-elie-habib/
-
Europol Operation Seizes LeakBase Data Breach Site
A global operation has resulted in the takedown of popular cybercrime forum LeakBase First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/europol-seizes-leakbase-data/
-
RedAlert Mobile Espionage Campaign Exploits Trojanized Rocket Alert App to Spy on Civilians
A newly discovered mobile espionage operation dubbed “RedAlert” has surfaced amid the ongoing IsraelIran conflict, exploiting wartime fear and dependency on early-warning systems. The campaign targets civilians by distributing a trojanized version of the Israeli Home Front Command’s official Rocket Alert application, aiming to harvest sensitive personal and geolocation data under the guise of legitimate security notifications. Researchers…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-dayAge: 30 yearsDate introduced: 1995Date fixed: February 2026Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago.The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools.The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access the…
-
Operation Leak: Authorities Dismantle LeakBase Forum, Secure User Data and IP Logs
The FBI, working alongside international law enforcement agencies, has successfully dismantled the notorious cybercriminal forum LeakBase. Dubbed >>Operation Leak,<< this coordinated global effort resulted in the seizure of the platform's domains and its underlying infrastructure. LeakBase was a prominent online destination where cybercriminals gathered to buy, sell, and trade stolen databases, corporate data, and personal…