Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. city administrators that at least five different public DC Health websites were leaking sensitive information.

Access 278

Access Authentication Information Security Communications 278

Data Breach Today

FEBRUARY 8, 2023

Hackers Actively Scanning for Backups to Steal Access Credentials, Researchers Warn Researchers at Sansec warn that 12% of e-commerce sites they studied publicly expose private backups and that hackers are actively scanning for them.

Passwords 244

Passwords Access 244

Data Breach Today

JUNE 16, 2022

Microsoft's Abbas Kudrati and HCL's Upendra Singh on Zero Trust and Cloud Security Organizations have created significant security challenges by rapidly migrating applications, data and workloads to multiple public clouds over the course of the COVID-19 pandemic, according to Abbas Kudrati of Microsoft and Upendra Singh of HCL.

Cloud 245

Cloud Security 245

CILIP

JANUARY 16, 2024

CILIP welcomes publication of Sanderson Review of Public Libraries CILIP has welcomed the publication of the findings of Baroness Sanderson of Welton’s Independent Review of Public Libraries, announced today at an event at the House of Lords attended by our CEO, Nick Poole.

Libraries 86

Libraries Government Education Communications 86

Data Breach Today

SEPTEMBER 24, 2021

Newcomer Wants Journalists to Publicize Victims, to Pressure Them Into Paying Ransom A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.

Ransomware 270

Ransomware 270

Data Breach Today

MARCH 15, 2021

public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. Experts Say Increase Owes to Lack of Funding, Virtual Learning U.S.

Cybersecurity 363

Cybersecurity IT 363

Data Breach Today

APRIL 1, 2022

Tools and methodologies that have been helpful for global public health research might also provide better understanding of the root causes of cybercrime and the motivation of cybercriminals, especially as such crime has surged during the COVID-19 pandemic, says Stanley Mierzwa of Kean University.

260

260

Data Breach Today

JUNE 9, 2022

Kiersten Todt, CISA chief of staff, on Industry Engagement, Workforce Development One of the most important recent developments by CISA has been the creation of the Joint Cyber Defense Collaborative, which is focused on operational private-public collaboration, says Kiersten Todt, CISA chief of staff.

242

242

Data Breach Today

APRIL 26, 2021

As Many as 500,000 Client and Staff Records Possibly Compromised The Office of the Public Defender in southwestern Florida says malware attackers may have compromised the personally identifiable information of its staff and clients.

IT 273

IT 273

Data Breach Today

MARCH 24, 2023

Abundance of Caution' Cited for Move; No System Compromise or Data Breach Detected GitHub has replaced its private RSA SSH host key after discovering it was being inadvertently exposed to the public via a GitHub repository. Used to safeguard SSH access to Git operations, a bad actor could use the key to impersonate GitHub or eavesdrop.

Data breaches 190

Data breaches Access IT 190

Data Breach Today

APRIL 21, 2023

80% Growth & Turning a Profit in 2022 Set Up Yubico Well While SPACs Have Struggled Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company.

Authentication 144

Authentication Marketing 144

Data Breach Today

NOVEMBER 26, 2020

Security Incident Affecting School District's Virtual Classes Officials with the Baltimore County Public Schools are investigating a ransomware attack that distributed virtual learning for students this week. Now, the district has been forced to call-off its virtual classes until next Monday.

Ransomware 261

Ransomware Security IT 261

Data Breach Today

MARCH 27, 2024

US Cyber Defense Agency Proposes 72-Hour Reporting Rule for Covered Entities The U.S.

Cybersecurity 270

Cybersecurity Security IT 270

Security Affairs

APRIL 18, 2024

Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue. Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists.

IT 120

IT Authentication Access Information Security 120

Data Breach Today

JUNE 27, 2022

Company Says the 55 Layoffs Will Boost Efficiency, Cut Expenses and Preserve Cash IronNet is laying off 17% of its employees in a cost-cutting effort just 10 months after going public by merging with a special purpose acquisition company.

IT 245

IT 245

Data Breach Today

APRIL 26, 2024

Why Cyber's First IPO Since 2021 Will Fuel Growth, Foster Customer Relationships After Rubrik became the first cybersecurity IPO since September 2021, company co-founder and CTO Arvind Nithrakashyap and CPO Anneka Gupta said Rubrik remain focused on cyber resilience, with investments focused on fostering long-term customer relationships and expanding (..)

Cybersecurity 144

Cybersecurity 144

CILIP

FEBRUARY 20, 2024

Protect funding for public libraries at risk In this election year it is more important than ever to bring libraries into the public and political spotlight as central government cuts council budgets across the country. We need your help to keep the monitor up to date.

Libraries 80

Libraries Risk Government IT 80

Data Breach Today

APRIL 11, 2023

What's the compelling business case, and how does it translate to meet the needs of public sector entities? Rob Lalumondier of Sophos on Questions to Ask When Selecting MDR Provider Gartner says by 2025, 50% of companies will be using MDR.

IT 144

IT 144

Security Affairs

FEBRUARY 12, 2024

Exploring the Risks: Unveiling 9 Potential Techniques Hackers Employ to Exploit Public Wi-Fi and Compromise Your Sensitive Data We’ve all used public Wi-Fi: it’s convenient, saves our data, and speeds up browsing. Always verify the authenticity of Wi-Fi networks before connecting, especially in public places.

Encryption 131

Encryption Passwords Phishing Authentication 131

Data Breach Today

OCTOBER 8, 2020

1 online threat targeting public and private organizations this year. Criminal Innovation and Underreporting by Victims Hampering Response Ransomware has emerged as the No. Seeking maximum returns, more gangs have moved beyond opportunistic attacks to target organizations with "post-intrusion ransomware."

Ransomware 224

Ransomware 224

CILIP

JANUARY 5, 2024

Will ‘Project Hope’ protect public libraries? As in previous election years, when the General Election is announced we will be calling on all parties to pledge their support for stronger public libraries and recognise that libraries have a significant positive impact on local communities, society and the economy.

Libraries 86

Libraries Access 86

Data Breach Today

APRIL 4, 2023

What's the compelling business case, and how does it translate to meet the needs of public sector entities? Rob Lalumondier of Sophos on Questions to Ask When Selecting MDR Provider Gartner says by 2025, 50% of companies will be using MDR.

IT 130

IT 130

Data Breach Today

MARCH 10, 2020

Among the many cybersecurity and privacy risks involving the fast evolving global coronavirus outbreak are potential concerns related to the development of a vaccine, says public health risk management expert Stanley Mierzwa of Kean University in Union, New Jersey.

Cybersecurity 208

Cybersecurity Risk Privacy 208

Data Breach Today

NOVEMBER 24, 2022

Group Hitting Large Victims, Health Sector Cybersecurity Coordination Center Warns Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware.

Ransomware 130

Ransomware Risk Cybersecurity 130

Security Affairs

DECEMBER 18, 2023

A cyber attack hit on December 8, 2023 the Italian cloud service provider Westpole, which is specialized in digital services for public administration. PA Digitale provides its service to 1300 public administrations, including 540 municipalities. Threat actors employed the Lockbit 3.0 reported the ACN.

Ransomware 131

Ransomware Cloud Government Privacy 131

Data Breach Today

MAY 3, 2023

Ukraine Links Attacks to Russian Intelligence Sandworm Hackers Ukrainian cyber defenders say they spotted a malicious script used to activate the delete option on a Windows file archiving utility likely planted by the Russian intelligence agency unit Sandworm. CERT-UA says attackers likely used a compromised VPN credential to gain access.

Archiving 264

Archiving Access 264

Data Breach Today

SEPTEMBER 22, 2022

Municipal Water Systems Installing Networked Control Systems Public water systems in the United States will continue connecting control systems to the internet despite the risks, members of the House Homeland Security Committee heard today.

Risk 130

Risk Cybersecurity Security 130

Data Breach Today

AUGUST 31, 2021

Keith Alexander, has gone public without an IPO by merging with LGL Systems Acquisitions Corp.a Meanwhile, Check Point Acquires Email Security Specialist Firm Avanan The cybersecurity firm IronNet, founded and led by retired Army Gen. blank check" shell company formed to handle such mergers.

Cybersecurity 167

Cybersecurity Security 167

Security Affairs

NOVEMBER 17, 2022

Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. Public schools in Jackson and Hillsdale counties, Michigan, reopen after a closure of two days caused by a ransomware attack that hit its systems. SecurityAffairs – hacking, Public schools).

Ransomware 129

Ransomware Cybersecurity Access Security 129

CILIP

FEBRUARY 1, 2024

New Future Libraries project to support resilience and strategic growth in Public Libraries Future Libraries is a two-part initiative from CILIP to challenge and engage librarians and library leaders to reimagine libraries in a world of evolving living and working patterns in the context of a rapidly changing world.

Libraries 96

Libraries IT 96

Data Breach Today

FEBRUARY 28, 2019

million records of risky businesses and individuals on a public server without password protection. Authorized Third Party' Responsible for Leak, Company Says An "authorized third party" exposed a Dow Jones database with more than 2.4 The incident points to the importance of proper vendor risk management, security experts say.

Passwords 248

Passwords Risk Security 248

Schneier on Security

APRIL 12, 2023

The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices: Avoid using free charging stations in airports, hotels, or shopping centers.

Risk 116

Risk Access 116

Security Affairs

AUGUST 30, 2021

The Boston Public Library was victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network. The affected systems were taken offline to prevent the threat from spreading.

Libraries 121

Libraries Communications Cybersecurity IT 121

Security Affairs

OCTOBER 19, 2022

Nearly two million.git folders containing vital project information are exposed to the public, the Cybernews research team found. Researchers at Cybernews on most common web service ports 80 and 443 revealed 1,931,148 IP addresses with live servers that had.git folder structure accessible to the public. Original Post at [link].

Metadata 123

Metadata Access Risk IT 123

eSecurity Planet

OCTOBER 16, 2023

Public cloud security refers to protections put in place to secure data and resources in cloud environments shared by multiple users or organizations. These safeguards, when combined with adherence to security best practices and standards, establish a strong security architecture for public cloud environments.

Cloud 85

Cloud Security Encryption Compliance 85

Data Breach Today

SEPTEMBER 15, 2021

Critics Say Travis CI's Security Bulletin is Insufficient Travis CI, a Berlin-based continuous integration testing vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials and more, potentially putting thousands of organizations at risk. Those using Travis CI should change their secrets immediately.

Risk 330

Risk Access Security 330

CILIP

FEBRUARY 20, 2024

Urgent appeal: protect funding for public libraries at risk CILIP is the leading industry voice championing and representing library and information professionals across the United Kingdom, guided by our Royal Charter to develop and improve library and information services, and as a Charity to act in the public good.

Libraries 59

Libraries Risk Education Access 59