Data Breach Today

DoorDash Says 4.9 Million Records Breached

Data Breach Today

Unusual Activity' By Third-Party Service Provider to Blame Food delivery startup DoorDash says 4.9 million customer, contractor and merchant records were breached after "unusual activity" by a third-party service provider.

Risk 270

Unpatched VPN Servers Targeted by Nation-State Attackers

Data Breach Today

Zynga's Breach Notification: How to Not Inform Victims

Data Breach Today

Don't Blame Us, Blame Hackers, Mobile Gaming Giant Says "Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes.

How Cybercriminals Continue to Innovate

Data Breach Today

Europol Report: Ransomware, DDoS, Business Email Compromises Are Persistent Threats Online attack threats continue to intensify, with criminals preferring ransomware, DDoS attacks and business email compromises, warns Europol, the EU's law enforcement intelligence agency.

Top 10 industries for monetizing data: Is yours one of them?

Find out which industries, use cases, and business applications are the best opportunities for data monetization. Understand what data is being monetized, who wants it, and why. Use data you already own to create new revenue sources. Download the eBook today!

Supply Chain Attacks: Hackers Hit IT Providers

Data Breach Today

Symantec Sees New Tortoiseshell Gang Hitting Targets in Middle East A hacker group called Tortoiseshell has been hitting targets in the Middle East since at least July 2018, apparently targeting IT service providers to gain access to many potential targets at once.

IT 263

Hackers Hit Unpatched Pulse Secure and Fortinet SSL VPNs

Data Breach Today

Vendors Issued Security Updates to Fix Severe Flaws Several Months Ago Patch or perish redux: Hackers are unleashing automated attacks to find and exploit known flaws in SSL VPNs manufactured by Fortinet and Pulse Secure to steal passwords.

Microsoft Patches 2 Windows Flaws Already Being Exploited

Data Breach Today

September's Patch Tuesday Addresses Elevation of Privileges Flaws As part of its September Patch Tuesday security update, Microsoft issued software fixes for two vulnerabilities in several versions of Windows that it says are being exploited by attackers in the wild.

Emotet Botnet Now Using Snowden's Memoir as a Lure

Data Breach Today

Attackers Sending Emails Promising Copy of 'Permanent Record' A week after the Emotet botnet crept back to life, the attackers behind it are already trying a new way to ensnare victims - using Edward Snowden's newly released memoir as a phishing lure, according to the security firm Malwarebytes

Malware Most Foul: Emotet, Trickbot, Cryptocurrency Miners

Data Breach Today

Researchers: Targeted Crime Attacks Surge, Continue to Blend With Nation-State Campaigns Banking Trojans and cryptocurrency mining malware continue to be among the most-seen types of malicious code used for nontargeted attacks.

Mining 239

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Attacks Targeting IoT Devices and Windows SMB Surge

Data Breach Today

IoT 260

Cybercrime Black Markets: RDP Access Remains Cheap and Easy

Data Breach Today

Also Hot: Payment Card Numbers, Identity Packets, DDoS Attacks, Shell Companies Cybercrime is surging, thanks in no small part due to the easy availability of inexpensive hacking tools and services.

FBI: Cybercriminals Are Bypassing Multifactor Authentication

Data Breach Today

Threat Actors Using Social Engineering, Other Technical Techniques to Circumvent MFA Protections The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections

Texas Pummeled by Coordinated Ransomware Attack

Data Breach Today

Cybercrime Campaign Counts 23 Victims - Mostly Local Government Entities State officials in Texas say that at least 23 local government entities have fallen victim to a coordinated ransomware attack unleashed on Friday morning.

The Key to Strategic HR: Process Automation

Do you want to automate your HR processes, but don’t know where to start? In this eBook, PeopleDoc explores which processes benefit the most from automation, and how an HR Service Delivery platform can help get things off the ground.

FBI Arrests Nigerian Suspect in $11 Million BEC Scheme

Data Breach Today

Scam Targeted UK Affiliate of US Heavy Equipment Firm Caterpillar, Prosecutors Allege The FBI has arrested a Nigerian businessman for allegedly carrying out an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar

Researchers: Emotet Botnet Is Active Again

Data Breach Today

New Surge in Activity Spotted After Four-Month Absence Emotet, one of the most powerful malware-spreading botnets, is active again after a four-month absence, according to several security researchers who noticed a surge in activity primarily against U.S., and German targets starting on Monday

A Ransomware Tale: Mayor Describes City's Decisions

Data Breach Today

Mayor of New Bedford, Mass., Offers Details at a Press Conference The mayor of New Bedford, Massachusetts, took the unusual step this week of holding a press conference to describe a recent ransomware attack and explain why the city decided not to pay the $5.3 million ransom that was demanded

Google Calendar Privacy Concerns Raised

Data Breach Today

Embedded BI and Analytics: Best Practices to Monetize Your Data

Speaker: Azmat Tanauli, Senior Director of Product Strategy at Birst

By creating innovative analytics products and expanding into new markets, more and more companies are discovering new potential revenue streams. Join Azmat Tanauli, Senior Director of Product Strategy at Birst, as he walks you through how data that you're likely already collecting can be transformed into revenue!

Hey Jack, How Was Your Account Hacked?

Data Breach Today

Facebook: 419 Million Scraped User Phone Numbers Exposed

Data Breach Today

Social Network Says Problem Fixed, But Techcrunch Reports Many Still Accurate Facebook has confirmed that unprotected databases containing more than 419 million users' phone numbers contained data scraped from the social network.

251
251

Eight US Cities See Payment Data Card Stolen

Data Breach Today

Vulnerability in Click2Gov Software Has Been Patched, Vendor Says Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 payment card records have turned up in underground markets, says Gemini Advisory

Rheinmetall Investigating Malware Attack at Three Plants

Data Breach Today

German Defense Contractor Says Incident Costing $4 Million a Week An unspecified malware attack against the IT systems of Rheinmetall's automotive division in Brazil, Mexico and the U.S. is costing the company an estimated $4 million a week, the company says.

IT 227

Election Security Program Aims to Mitigate Ransomware Risks

Data Breach Today

Department of Homeland Security to Help With Database Protections Within a month, the U.S. Department of Homeland Security hopes to launch a program to help states protect voter registration databases and systems in advance of the 2020 presidential election.

Former Army Contractor Gets Prison Term for Insider Attack

Data Breach Today

Access 226

Security Flaw Exposed Valid Airline Boarding Passes

Data Breach Today

Latest U.S. Healthcare Ransomware Attacks Have Harsh Impact

Data Breach Today

In Worst-Case Scenarios, Patient Care Directly Affected A recent rash of ransomware attacks in the U.S. healthcare sector shows the serious disruptions these assaults can pose - including temporarily, or even permanently, stopping patient care

Senator Demands Answers About Exposed Medical Imaging Data

Data Breach Today

TridentUSA Allegedly Exposed Data on More than 1 Million Patients Sen. Mark Warner, D-Va.,

IT 226

Kaspersky: Dual-Use Dtrack Malware Linked to ATM Thefts

Data Breach Today

Remote Access Trojan Is Capable of Cyberespionage and Financial Fraud A newly discovered remote access Trojan called Dtrack has been targeting banks in India for well over a year, Kaspersky researchers say.

Access 228

JPMorgan Chase's Russian Hacker Pleads Guilty

Data Breach Today

Andrei Tyurin Stole Details of 83 Million Customers During Cybercrime Campaign Russian national Andrei Tyurin pleaded guilty to perpetrating massive hack attacks against leading U.S. financial services firms and others from 2012 to mid-2015.

US Cyber Command Warns of Outlook Vulnerability Exploits

Data Breach Today

Researchers Say Attackers Could Have Ties to Iranian-Backed APT Group The U.S. Cyber Command has issued a warning that attackers are attempting to exploit an older vulnerability in Microsoft Outlook to plant remote access Trojans or other types of malware within government networks.

Access 280

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

Capital One Hacking Trial Delay Likely

Data Breach Today

Prosecutors, Defense Attorneys Ask Judge for Delay, Citing Massive Amounts of Data to Review Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A.

209
209

Compliance: Mississippi State Agencies Have a Long Way to Go

Data Breach Today

CCPA Amendments Signed; Draft Regulations Released

Data Breach Today

Officials Attempt to Clarify Complex California Law's Requirements Gov. Gavin Newsom has signed into law six amendments to the California Consumer Privacy Act as well as another bill updating the state's long-standing data breach law.