Security Affairs

SEPTEMBER 26, 2019

Airbus Hit by Series of Cyber Attacks on Suppliers: Security Sources. The news was reported by security sources to the AFP agency, the experts suspected that the attacks were carried out by China-linked hackers. The experts reported that Airbus suppliers were hit by at least four major attack in the last 12 months.

Manufacturing 75

Manufacturing Military Data breaches Security 75

IT Governance

NOVEMBER 20, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. According to OPB, the district didn’t provide details, but said that “our student credentials may have been compromised as part of a security incident”.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. What was leaked? Drug prescription listings).

Insurance 115

Insurance Passwords Libraries Access 115

Security Affairs

JANUARY 18, 2023

has exposed the personal information of hundreds of thousands of employees and millions of job candidates. Researchers warn that such data leaks are hazardous as they might help threat actors craft targeted phishing campaigns, assist in forgery and identity theft, and trick companies into making payments. Treasure trove of data.

Privacy 92

Privacy Insurance Personal data Access 92

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Hannah Anderson was breached.

Data breaches 108

Data breaches Retail Cloud Insurance 108

Security Affairs

NOVEMBER 1, 2019

One of the two flaws in Chrome addressed by Google, CVE-2019-13720, was exploited in a campaign that experts attribute to Korea-linked threat actors. Reported by banananapenguin on 2019-10-12[$TBD][ 1019226 ] High CVE-2019-13720: Use-after-free in audio. SecurityAffairs – CVE-2019-13720, Lazarus).

Libraries 60

Libraries Encryption Security IT 60

Hunton Privacy

JUNE 11, 2019

On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates.

Personal data 104

Personal data Security GDPR Archiving 104

Security Affairs

DECEMBER 20, 2019

Wawa convenience store chain disclosed a payment card breach that may have exposed debit and credit card data from thousands of customers. Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. SecurityAffairs – Wawa, data breach).

Data breaches 65

Data breaches Retail Information Security Security 65

Hunton Privacy

APRIL 5, 2019

On January 25, 2019, Nigeria’s National Information Technology Development Agency (“NITDA”) issued the Nigeria Data Protection Regulation 2019 (the “Regulation”). Many concepts of the Regulation mirror the EU General Data Protection Regulation (“GDPR”).

Personal data 101

Personal data Privacy Compliance GDPR 101

Security Affairs

JUNE 5, 2019

Recovery agency for patient collections American Medical Collection Agency (AMCA) suffered a data breach that could impact many of its customers. American Medical Collection Agency (AMCA) suffered a data breach that could impact many of its customers, the company still hasn’t disclosed details. A filing with the U.S.

Data breaches 75

Data breaches Insurance Sales Security 75

IT Governance

NOVEMBER 23, 2023

The financial sector is quite heavily regulated, and involves a lot of confidential data. You’d therefore expect that the sector fares better at data security than your average organisation. So to account for seasonality, we’ve only looked at Q2–Q4 for all four years (2019–2022). What do the statistics say?

Risk 85

Risk Data breaches Authentication Financial Services 85

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories.

Data breaches 55

Data breaches GDPR Passwords Personal data 55

Security Affairs

JANUARY 25, 2022

The online store of Segway was compromised as a result of a Magecart attack, threat actors planted a malicious script to steal credit card data and customer information while visitors were making a purchase. The analysis of urlscanio data revealed that the site of Segway was compromised at least since January 6th.

CMS 95

CMS IT Security Data breaches 95

Security Affairs

JUNE 19, 2019

Retrieval-Masters Creditors Bureau, the company that operates healthcare billing services provider AMCA, has filed for Chapter 11 bankruptcy due to a recent data breach. The news is disconcerting and demonstrates the potential effects of a data breach on an organization. The incident impacted millions of users, a filing with the U.S.

Security 77

Security Data breaches IT Information Security 77

Security Affairs

MARCH 17, 2021

In March 2020, CERT France cyber-security agency warned about a new wave of ransomware attack that was targeting the networks of local government authorities. According to the experts, the first infections were observed in late 2019, victims reported their files were encrypted by a strain of malware. This new version used the.

Education 104

Education Ransomware Encryption Government 104

Security Affairs

JUNE 20, 2019

Oregon Department of Human Services announced it was a victim of a data breach in January, roughly 645,000 potentially impacted. Oregon Department of Human Services officials confirmed that the organization has suffered a data breach that has exposed personal details and health information of 645,000 clients. Pierluigi Paganini.

Data breaches 76

Data breaches Phishing Insurance Risk 76

Security Affairs

JUNE 6, 2024

The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. “Additionally, from our ongoing disruption of LockBit, we now have over 7,000 decryption keys and can help victims reclaim their data and get back online.”

Energy and Utilities 118

Energy and Utilities Ransomware Agriculture Encryption 118

Security Affairs

JANUARY 29, 2020

N ew revelations on the Wawa card data breach suggests that the incident might have exposed 30 million customers’ data that are now available online for sale. In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems.

Sales 118

Sales Data breaches Retail Security 118

Security Affairs

JUNE 24, 2019

Malware researchers at Cybaze-Yoroi ZLAB observed many attack attempts trying to spread malware abusing the CVE-2019-10149 issue. EW N030619 , CVE-2019-10149 ). Sigurdsson (Security Researcher), which abuses ToR network to distribute its payload, or also the 9th June wave which tried to download a particular Linux agent.

IT 96

IT Ransomware Cloud Security 96

Security Affairs

NOVEMBER 12, 2019

The ransom amount for Pemex is 565 BTC currently… Also, DoppelPaymer's TOR site's text was updated sometimes & now have this: "Also, we have gathered all your private sensitive data. " pic.twitter.com/BoHi1lVigF — MalwareHunterTeam (@malwrhunterteam) November 12, 2019. Threat actors demanded a $4.9

Ransomware 92

Ransomware Government Security IT 92

Security Affairs

MAY 12, 2020

Trojan Lampion is a malware observed at the end of the year 2019 impacting Portuguese users using template emails from the Portuguese Government Finance & Tax and EDP. According to the first appearance of this banking trojan in December 2019, the modus operandi remains as documented here. com/team-modulosp/P-12-9.]dll–

Cloud 116

Cloud Government Access Phishing 116

Security Affairs

APRIL 22, 2020

Security researchers from Volexity discovered a new Insomnia iOS exploit that was being used to spy on China’s Uyghur minority. in July 2019. The exploits used targeted Apple iOS operating systems leveraging a vulnerability in WebKit that appears to have been patched in the summer of 2019. and 12.3.2, release.

Government 112

Government Communications IT Security 112

Data Protection Report

FEBRUARY 8, 2022

In total, information for approximately 2.1 million individuals was exposed, including approximately 98,632 New Yorkers.The AG began an investigation based on New York’s Executive Law § 63(12) [deception] and General Business Law §§ 349 [deception] and 899-bb. EyeMed neither admitted nor denied the AG’s findings in the settlement.

Passwords 98

Passwords Financial Services Authentication Insurance 98

Security Affairs

OCTOBER 20, 2020

The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The knowledge of these vulnerabilities could allow IT and security staffs at organizations worldwide to protect their infrastructure against Chinese state-sponsored hacking campaigns.

MDM 111

MDM Access Security Passwords 111

Security Affairs

JUNE 29, 2022

Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal data, or prevent applications from working.” 0 +4 12 CWE-502 Deserialization of Untrusted Data 6.68 ” reads the announcement published by Mitre. Pierluigi Paganini.

Authentication 98

Authentication Education Cybersecurity Security 98

Security Affairs

MARCH 12, 2020

Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware. Microsoft has released security updates to address the CVE-2020-0796 vulnerability in SMBv3 protocol that could be exploited by vxers to implement “ wormable ” malware.

Communications 116

Communications Security IT Information Security 116

Security Affairs

AUGUST 13, 2023

“The discovery of these vulnerabilities highlights the critical importance of ensuring the security of industrial control systems and underscores the need for continuous monitoring and protection of these environments.” “We were able to apply 12 of the buffer overflow vulnerabilities to gain RCE of PLCs.

Authentication 94

Authentication Passwords Manufacturing Risk 94

Security Affairs

OCTOBER 16, 2020

The huge trove of payment card data was spotted by researchers from the cyber-security firm Gemini Advisory. JokerStash originally claimed that the breach would be available in August, then again in September, and finally it was posted online on October 12. The compromise took place between July 2019 and August 2020.

Sales 124

Sales Authentication Security IT 124

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. According to the consent order, the matter began when NSC reported a cybersecurity event to NYDFS on October 23, 2019. The second incident occurred in March of 2019.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Security Affairs

FEBRUARY 21, 2024

Law enforcement also had access to data stolen from the victims of the ransomware operation, a circumstance that highlights the fact that even when a ransom is paid, the ransomware gang often fails to delete the stolen information. LockBit is a prominent ransomware operation that first emerged in September 2019.

Energy and Utilities 99

Energy and Utilities Ransomware Agriculture Manufacturing 99

Security Affairs

DECEMBER 19, 2019

Security researcher Bob Diachenko discovered more than 267 million Facebook user IDs, phone numbers and names in an unsecured database. Security expert Bob Diachenko, along with Comparitech, has discovered more than 267 million Facebook user IDs, phone numbers and names in an unsecured database. Friends list, photos, and groups).

Archiving 92

Archiving Phishing Passwords Authentication 92

Security Affairs

MAY 19, 2022

The attacks were first discovered by researchers at Positive Technologies in 2019, the phishing messages contained a link to previously undetected malware. In the first case, the attackers gained access to 20 servers for ten months and stole over 1,500 internal documents containing sensitive data. Pierluigi Paganini.

Phishing 135

Phishing Archiving Government Access 135

Security Affairs

OCTOBER 31, 2020

XSS vulnerabilities can be exploited by threat actors for multiple malicious activities, including account takeover and data theft. “XSS vulnerabilities are extremely common and hard to eliminate, even for organizations with the most mature application security. ” reads The 4th Hacker-Powered Security Report.

Metadata 127

Metadata Cloud Access Security 127

Info Source

FEBRUARY 13, 2019

12, 2019 /PRNewswire/ — Canon Solutions America, Inc., today announced the addition of enhanced security capabilities through EventSentry, a hybrid Security Information and Event Management (SIEM) solution that provides event monitoring for businesses of all sizes. MELVILLE, N.Y., ” Tweet.

Security 40

Security Authentication Compliance Cloud 40

Security Affairs

MARCH 21, 2021

A group of US hackers recently claimed to have gained access to footage from 150,000 security cameras at banks, jails, schools, healthcare clinics, and prominent organizations. The DoJ announced this week that Till Kottmann was indicted for computer intrusion and identity and data theft activities spanning 2019 to the present. .

Computer and Electronics 81

Computer and Electronics Access Communications Cybersecurity 81

Security Affairs

AUGUST 30, 2019

The attackers targeted devices running from iOS 10 through to iOS 12. The Project Zero researcher Ian Beer explained that only two of the 14 security flaws were zero-days , CVE-2019-7287 and CVE-2019-7286, he also revealed that the campaign remained under the radar for at least two years. on 7 Feb 2019.

Encryption 94

Encryption Access Authentication IT 94

Security Affairs

FEBRUARY 20, 2024

Law enforcement also had access to data stolen from the victims of the ransomware operation, a circumstance that highlights the fact that even when a ransom is paid, the ransomware gang often fails to delete the stolen information. LockBit is a prominent ransomware operation that first emerged in September 2019.

Energy and Utilities 111

Energy and Utilities Ransomware Manufacturing Agriculture 111