Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks.
Tag: Breach
Europe, North America
Travel-related Cybercrime Takes Off as Industry Rebounds
by Sagar Tiwari •
Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists.
Europe, North America
Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach
by Elizabeth Montalbano •
Attackers gained access to private account details through an email compromise incident that occurred in April.
Europe, North America, Vulnerabilities
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw
by Elizabeth Montalbano •
The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario.
Europe, Global Security News, North America
Removing Secrets From Your Source Code
by Gabor •
Scripts, applications, and CI/CD pipelines all require secrets to operate. These secrets include API keys, tokens, passwords, certificates, private keys or similar sensitive pieces of information. Unfortunately, these secrets may lead to data breaches…
Europe, North America, Vulnerabilities
Verizon Report: Ransomware, Human Error Among Top Security Risks
by Elizabeth Montalbano •
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.
North America
Privacy watchdog examining dossier City of Toronto compiled on homeless
by The Canadian Press •
Ontario’s privacy watchdog is looking into the dossier of…
Europe, North America
380K Kubernetes API Servers Exposed to Public Internet
by Elizabeth Montalbano •
More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access.
Europe, North America
Low-rent RAT Worries Researchers
by Nate Nelson •
Researchers say a hacker is selling access to quality malware for chump change.
Europe, North America, Vulnerabilities
Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens
by Threatpost •
GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations.
Europe, North America
Lapsus$ Hackers Target T-Mobile
by Threatpost •
No government and customer data was accessed.
Europe, Global Security News, North America
An Internet of Things Future Means Securing Entire Supply-Chains
by News team •
By Nils Gerhardt, Chief Technology Officer for Utimaco The ‘Internet of Things’ (or IoT) is far more than […]
The post An Internet of Things Future Means Securing Entire Supply-Chains appeared first on Cyber Defense Magazine.
Europe, Global Security News, North America
Improve Data Security Through Automation
by News team •
Human error is endemic to data breaches. Process automation can minimize the risk. By Gregory Hoffer, CEO, Coviant […]
The post Improve Data Security Through Automation appeared first on Cyber Defense Magazine.
Europe, Global Security News, North America
Top 10 Node.Js Security Best Practices
by News team •
Best Security Practices in Nodejs By Harikrishna Kundariya, CEO, eSparkBiz Node.js is one of the most popular frameworks […]
The post Top 10 Node.Js Security Best Practices appeared first on Cyber Defense Magazine.
Europe, North America
Menswear Brand Zegna Reveals Ransomware Attack
by Elizabeth Montalbano •
Accounting materials from the Italy-based luxury fashion house were leaked online by RansomExx because the company refused to pay.
Europe, Global Security News, North America
The Truth About Data Privacy in Healthcare
by News team •
Realizing the value of personal data and the risk of connected healthcare as bad actors prevail in their […]
The post The Truth About Data Privacy in Healthcare appeared first on Cyber Defense Magazine.
Europe, Global Security News, North America
The Seven Deadly Sins of Blockchain Security
by News team •
By Professor Ronghui Gu, Co-Founder, CertiK Blockchain is, at heart, a security technology. Distributed Ledger Technology (DLT) is […]
The post The Seven Deadly Sins of Blockchain Security appeared first on Cyber Defense Magazine.
Europe, Global Security News, North America
There’s No Place for Guesswork in Cyber-Attack Investigations
by News team •
Accelerating Incident Response with Digital Forensics By Harsh Behl, Director of Product Management, Exterro Responding To Today’s Threat […]
The post There’s No Place for Guesswork in Cyber-Attack Investigations appeared first on Cyber Defense M…
Europe, Global Security News, North America
Fighting The International Cyber War with Ai
by News team •
As Ukraine fights to maintain a stronghold on its besieged capital, cyberattacks are escalating. Governments on both sides […]
The post Fighting The International Cyber War with Ai appeared first on Cyber Defense Magazine.
Europe, Global Security News, North America
4 Ways to Improve Azure Active Directory Security
by News team •
Why identity has emerged as the security perimeter in hybrid deployments By Guido Grillenmeier, Chief Technologist at Semperis […]
The post 4 Ways to Improve Azure Active Directory Security appeared first on Cyber Defense Magazine.
Europe, North America
Authorities Fully Behead Hydra Dark Marketplace
by Tara Seals •
The popular underground market traded in drugs, stolen data, forged documents and more — raking in billions in Bitcoin.
Europe, Global Security News, North America
The Quantum Tipping Point
by News team •
Fixing Cryptography Before It Is Broken By Carmen Kempka, Head of Corporate Technology, WIBU-SYSTEMS AG Ever since Peter […]
The post The Quantum Tipping Point appeared first on Cyber Defense Magazine.
North America
Conservative party says membership data is safe after reports of alleged hack
by The Canadian Press •
Party executive director Wayne Benson said in a statement the Conservatives take the matter seriously and would investigate any possible misuse of party data.
Europe, Global Security News, North America
Half of Organizations Have Experienced a Cyber Attack on Their Critical IT Assets
by News team •
By Diem Shin, Product Marketing Lead at Telos Corporation Today’s organizations are cloud-centric and are more connected than […]
The post Half of Organizations Have Experienced a Cyber Attack on Their Critical IT Assets appeared first on Cyber D…
Europe, Global Security News, North America
Three Ways IP Data Enhances Cyber Security
by News team •
By Jonathan Tomek, VP of Research and Development, Digital Envoy Cyber security professionals were never worry-free; there are […]
The post Three Ways IP Data Enhances Cyber Security appeared first on Cyber Defense Magazine.
Europe, Global Security News, North America
Log4j Showed Us That Public Disclosure Still Helps Attackers.
by News team •
Public disclosure is still a bit of a mess By Alex Haynes, CISO, CDL At 2:25 pm on […]
The post Log4j Showed Us That Public Disclosure Still Helps Attackers. appeared first on Cyber Defense Magazine.
Europe, North America
Lapsus$ ‘Back from Vacation’
by Lisa Vaas •
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers’ DevOps platforms – to its hit list.
Europe, Global Security News, North America
Executive Order Instructs Certain Organizations to Improve Their Cybersecurity Stance
by News team •
Financial Institutions Should Boost Their Efforts to Thwart Cyberattacks By Bob Thibodeaux, Chief Information Security Officer, DefenseStorm Consumer […]
The post Executive Order Instructs Certain Organizations to Improve Their Cybersecurity Stan…
Europe, North America
Okta Says It Goofed in Handling the Lapsus$ Attack
by Lisa Vaas •
“We made a mistake,” Okta said, owning up to its responsibility for security incidents that hit its service providers and potentially its own customers.
Europe, Global Security News, North America
Lessons Learned: In the Principle Of “Least Privilege,” Where Do Companies Fall Short?
by News team •
By Raj Dodhiawala, President, Remediant Lateral movement using compromised admin credentials is integral to almost all ransomware and […]
The post Lessons Learned: In the Principle Of “Least Privilege,” Where Do Companies Fall Short? appeared fir…
Europe, Global Security News, North America
Redefining Resilience in The New World of Work
by News team •
By Andrew Lawton, CEO of Reskube Ltd We are entering a new world of work. The Covid-19 pandemic […]
The post Redefining Resilience in The New World of Work appeared first on Cyber Defense Magazine.
Europe, North America
HubSpot Data Breach Ripples Through Crytocurrency Industry
by Lisa Vaas •
~30 crypto companies were affected, including BlockFi, Swan Bitcoin and NYDIG, providing an uncomfortable reminder about how much data CRM systems snarf up.
Europe, North America
HubSpot Data Breach Ripples Through Crytocurrency Industry
by Lisa Vaas •
~30 crypto companies were affected, including BlockFi, Swan Bitcoin and NYDIG, providing an uncomfortable reminder about how much data CRM systems snarf up.
Europe, Global Security News, North America
On The Frontline in The War Against Hackers
by News team •
By Damien Fortune, Chief Operations Officer of Secured Communications In the wake of a global shift toward remote […]
The post On The Frontline in The War Against Hackers appeared first on Cyber Defense Magazine.
Europe, North America
Microsoft: Lapsus$ Used Employee Account to Steal Source Code
by Lisa Vaas •
The data-extortion gang got at Microsoft’s Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack.
Exploits
Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
by Lisa Vaas •
Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana.
Europe, Global Security News, North America
Okta Breach Mitigation and Updates
by Gabriel Avner •
According to reports, authentication and Identity and Access Management (IAM) solutions provider Okta was breached by the Lapsus$ hacking group…
The post Okta Breach Mitigation and Updates appeared first on Authomize.
The post Okta Breach Mitigation …
Europe, North America
Conti Ransomware V. 3, Including Decryptor, Leaked
by Lisa Vaas •
The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code.
Europe, Global Security News, North America
Directed Analytics – The Future of Data Management
by News team •
By Simon Rolph, CEO & Founder of Such Sweet Thunder The world as we know it has changed […]
The post Directed Analytics – The Future of Data Management appeared first on Cyber Defense Magazine.
Exploits
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
by Elizabeth Montalbano •
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizations’ networks for further malicious activity.