Data Breach Today

US Pulls Back Curtain on Russian Cyber Operations

Data Breach Today

Foreign Intelligence Service's Techniques, Partners Revealed While the Biden administration is betting that the latest round of sanctions aimed at Russia and its economy will help deter the country's cyber operations, several U.S.

IT 254

Facebook Tries to 'Scrape' Its Way Through Another Breach

Data Breach Today

Social Network Attempts 'Not Hacking' Spin on Theft of 533 Million Users' Details Facebook has been attempting to dismiss the appearance of a massive trove of user data by claiming it wasn't hacked, but scraped.

IT 266
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Payment Card Theft Ring Tech Leader Gets 10-Year Sentence

Data Breach Today

Fedir Hladyr of Ukraine Admitted to Working as System Admin for FIN7 A Ukrainian national who admitted to working as a system administrator and IT manager for the notorious FIN7 cybercriminal gang, which has been involved in the theft of millions of payment cards, has been sentenced to 10 years in federal prison.

533 Million Facebook Account Records Posted to Forum

Data Breach Today

Facebook Says Data Comes from Previously Reported 2019 Incident A security researcher found more than 500 million Facebook records made available for free on the darknet, exposing basic user information including any phone numbers associated with accounts.

Cassandra Data Modeling Guide to Best Practices

Are you a developer, database architect, or database administrator that's new to Cassandra but have been tasked with developing a Cassandra schema design? Learn the basic rules to keep in mind when designing your schema for Cassandra.

XCSSET Malware Can Adapt to Target More Macs

Data Breach Today

Trend Micro Describes the Evolving Threat The XCSSET malware campaign can now adapt to target a wider variety of Macs, including those with the M1 chip, according to Trend Micro researchers

201
201

A Tale of 3 Data 'Leaks': Clubhouse, LinkedIn, Facebook

Data Breach Today

Confusion Over Hacking, Scraping and Amassing Highlights Data Lockdown Imperative Criminals love to amass and sell vast quantities of user data, but not all such data sets necessarily pose a fresh risk to users.

Risk 244

Iranian Nuclear Site Shut Down by Apparent Cyberattack

Data Breach Today

Report: Israeli Government Involved Israeli public media outlet Kan, citing intelligence sources, says an Israeli government cyberattack was responsible for the shutdown of an Iranian nuclear power facility on Sunday in what Iran describes as an act of "sabotage

REvil Ransomware Gang Threatens Stolen Apple Blueprint Leak

Data Breach Today

$50 Million Extortion Demand Issued to Apple and Taiwanese Manufacturer Quanta The REvil - aka Sodinokibi - ransomware gang is threatening to release stolen Apple device blueprints unless it receives a massive payoff.

Biden Seeks to Boost CISA's Budget by $110 Million

Data Breach Today

Additional Money Would Address Range of Cybersecurity Issues President Joe Biden is asking Congress to boost CISA's budget by $110 million in 2021 to allow the agency to address a range of cybersecurity issues following several high-profile incidents that have happened in the past six months

Use It, Save It, Or Lose It: Spring Cleaning for Information Governance

Speaker: Speakers Michelle Kirk of Georgia Pacific, Darla White of Sanofi, & Scott McVeigh of Onna

As an organization’s most valuable asset, data should be cared for and integrated, managed, archived, and deleted as appropriate. Join Onna, Georgia Pacific, and Sanofi for this on-demand webinar as they discuss proactive, practical steps for kicking off your organization's own digital cleanup.

Attackers Using Malicious Doc Builder Called 'EtterSilent'

Data Breach Today

Report: Builder Allows Cybercriminals to Create Specialized Office Documents Cybercriminal gangs are using a newly uncovered malicious document builder called "EtterSilent" to create differentiated and harder-to-discover malicious documents that can be deployed in phishing attacks.

Nation-State Actor Linked to Pulse Secure Attacks

Data Breach Today

Vulnerabilities Exploited Include a Zero-Day in Ivanti's Pulse Connect Secure The U.S. Cybersecurity and Infrastructure Security Agency, Ivanti and FireEye report that U.S.

Unscripted: 3 Security Leaders Dissect Today's Top Trends

Data Breach Today

White House 'Stands Down' SolarWinds, Exchange Response Groups

Data Breach Today

Unified Coordination Groups Were Created to Respond to Cybersecurity Incidents The White House announced Monday that it is "standing down" two Unified Coordination Groups that were created to coordinate the federal response to the SolarWinds supply chain attack and attacks on vulnerable on-premises Microsoft Exchange email servers.

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Microsoft Patches 4 Additional Exchange Flaws

Data Breach Today

NSA Calls on Exchange Customers to Update Immediately Microsoft issued patches for its on-premises Exchange Server software, addressing four new critical vulnerabilities discovered by the National Security Agency. A zero-day vulnerability in Desktop Window Manager was also disclosed and patched

100-Day Plan to Enhance Electrical Grid Security Unveiled

Data Breach Today

Biden Administration Plan Is Part of a Broader Critical Infrastructure Protection Effort The Biden administration is rolling out a 100-day plan to improve cybersecurity and address cyberthreats across the nation's electrical grid

Telehealth: Safeguarding Patient Data

Data Breach Today

New Guidance Spells Out Security Precautions Given the surge in the use of telehealth during the COVID-19 pandemic - and expectations for continued growth - the Healthcare and Public Health Sector Coordinating Council has unveiled guidance on safeguarding patient data during remote care encounters

Modern Bank Heists: Attackers Go Beyond Account Takeover

Data Breach Today

Tom Kellermann of VMware Carbon Black on Fraud Trends and Essential Defenses Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.

215
215

Open Source & Open Standards: Navigating the Intricacies of a Symbiotic Partnership

Speaker: Guy Martin, Executive Director of OASIS Open

The COVID-19 global pandemic has raised the already bright visibility of technology to an even higher level. Join Guy Martin, Executive Director at OASIS Open, as he presents this webinar that will discuss how we can make open source and open standards even more effective by helping them recapture their strong partnership.

Why Didn't Government Detect SolarWinds Attack?

Data Breach Today

Senators Want to Know Why DHS' Einstein System Did Not Discover the Incident Two senators are pressing the Department of Homeland Security to explain why its Einstein system failed to detect the SolarWinds supply chain breach that affected agencies as well as corporations

600,000 Payment Cards Stolen From Swarmshop Darknet Market

Data Breach Today

Group-IB: Administrator, Seller and Buyer Data Also Stolen For the second time in two years, the contents of the darknet payment card marketplace Swarmshop have been removed and posted to a competing underground forum, Group-IB reports.

Attackers Target Unpatched SAP Applications

Data Breach Today

Exploits Could Lead to System Hijacking, Data Theft, Ransomware Attacks Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report.

Cofense and StrikeForce Announce Acquisitions

Data Breach Today

Meanwhile, OneTrust Receives Additional Funding Email security provider Cofense and data security firm StrikeForce Technologies both have announced strategic acquisitions this pas week. Meanwhile, data protection firm OneTrust received additional funding

Leading Advertising and Analytics Company Outperforms With a Graph Database

Xandr, a division of AT&T, has built an identity graph that connects information on people, households, and more. The company is using this graph to provide advertisers an ability to deliver commercials more successfully than ever before. Learn more.

Capital One Warns of More Data Leaked in 2019 Breach

Data Breach Today

Additional Social Security Numbers May Have Been Exposed Capital One is warning additional customers that their Social Security numbers may have been exposed in a massive 2019 breach. Meanwhile, a suspect in the breach is slated to go to trial in October

What Are the Reasons Behind Health Data Breach Surge?

Data Breach Today

Ransomware Attacks, Vendor Breaches Continue as Leading Causes About 70 major health data breaches have been added to the federal tally in the last four weeks as ransomware attacks have persisted and breaches at vendors have affected clients

Fraudsters Flooding Collaboration Tools With Malware

Data Breach Today

Cisco Talos: Reliance on These Tools Expands Attack Surface The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.

FBI and CISA: APT Groups Targeting Government Agencies

Data Breach Today

Three FortiOS Vulnerabilities Being Exploited for the Campaign CISA and the FBI warn in a new alert that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, to potentially target government and private sector companies for cyberespionage

Cloud-Scale Monitoring With AWS and Datadog

In this eBook, find out the benefits and complexities of migrating workloads to AWS, and services that AWS offers for containers and serverless computing.

Senators Push for Changes in Wake of SolarWinds Attack

Data Breach Today

Intelligence Hearing Focuses on Need for Federal Breach Notification Law, Fixing 'Blind Spots' The SolarWinds supply chain attack that led to follow-on attacks on nine government agencies and 100 companies points to the need for a federal law requiring prompt breach notification, several senators said at a Wednesday hearing.

FBI Removing Web Shells From Infected Exchange Servers

Data Breach Today

Remediation Effort at Organizations in at Least 8 States May Be First of Its Kind in the US In an unprecedented action, the FBI is removing web shells from on-premises Microsoft Exchange servers at organizations in at least eight states that were infected in a wave of attacks earlier this year.

OnDemand Webinar | Measuring Risk in Self-Service: Data Analysis on Real IVR Traffic

Data Breach Today

Risk 217

Death to 'Fluffy': Please Stop With the Pet Name Passwords

Data Breach Today

Pets, Sports Teams, Notable Dates and Family Member Names Predominate, Experts Warn Loving your pet and creating tough-to-crack passwords should remain two distinctly separate activities.

How to Measure DevSecOps Progress and Ensure Success

Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit

The new DevSecOps team is up and running, and you feel ready to take on rising security threats while delivering quality software updates. But that leaves just one question: how do you monitor your new program as effectively and efficiently as possible? Join Shannon Lietz, Director of DevsecOps at Intuit, and award-winning innovator, to learn the answers to these questions so you can lead your DevSecOps team to the top!

Ubiquiti Acknowledges Extortion Attempt

Data Breach Today

Company Called Out by Whistleblower for Attack Response Internet of things vendor Ubiquiti revealed in a security notice that an attacker had attempted to extort money from the company following a December 2020 cyber incident - a fact not mentioned in the company's earlier notice about the attack

Biden's Infrastructure Plan: 3 Cybersecurity Provisions

Data Breach Today

In Wake of Breaches, Accellion Faces at Least 14 Lawsuits

Data Breach Today

Will the Lawsuits Seeking Class-Action Status Be Consolidated? At least 14 lawsuits seeking class-action status have been filed against Accellion in the wake of breaches of the vendor's 20-year-old File Transfer Appliance. A motion to consolidate the cases has also been filed

213
213

Check Point: 50,000 Attempted Ransomware Attacks Target Exchange

Data Breach Today

New Research Report Tracks Latest Global Trends Check Point Research says it has spotted more than 50,000 ransomware attack attempts worldwide so far against unpatched on-premises Microsoft Exchange email servers

Digital Trends Report 2020

As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.