Security Affairs

AUGUST 6, 2023

The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach.

Education 84

Education Data breaches Ransomware Access 84

Security Affairs

JULY 8, 2020

Early June, researchers at F5 Networks have addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. This issue is not exposed on the data plane; only the control plane is affected.”.

Education 117

Education Government Authentication Passwords 117

Security Affairs

OCTOBER 31, 2020

XSS vulnerabilities can be exploited by threat actors for multiple malicious activities, including account takeover and data theft. “XSS vulnerabilities are extremely common and hard to eliminate, even for organizations with the most mature application security. ” reads The 4th Hacker-Powered Security Report.

Metadata 121

Metadata Cloud Access Security 121

Data Protection Report

JANUARY 20, 2020

2019 saw continued growth and change in data protection and cyber-security across the Asia-Pacific. Following the implementation of the GDPR in May, 2018, many jurisdictions moved to review and strengthen existing data privacy and cyber-security laws. million patients.

Personal data 128

Personal data Security Data Privacy GDPR 128

The Last Watchdog

NOVEMBER 7, 2023

7, 2023 — Organisations have been laser focussed on protecting their own networks, applications, physical premises and people against cyber security attacks but have neglected their exposure to suppliers. Indeed, over the past 3 years, a staggering 73% of organisations have been affected by a third-party security breach.

Risk 100

Risk Security Financial Services Information Security 100

Security Affairs

JULY 28, 2021

The ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 The study highlights the significant impact of the ongoing pandemic on the cost of data breaches and the effort to contain them. ” states IBM Security. ” states IBM Security.

Data breaches 136

Data breaches Ransomware Security Cloud 136

IT Governance

NOVEMBER 20, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. According to OPB, the district didn’t provide details, but said that “our student credentials may have been compromised as part of a security incident”.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Security Affairs

MARCH 16, 2020

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service.

Data breaches 105

Data breaches Security Passwords Phishing 105

Security Affairs

APRIL 14, 2021

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020. FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. “Just 3.4%

Data collection 61

Data collection Ransomware IT Security 61

Security Affairs

OCTOBER 15, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 94

Security Ransomware Data breaches Military 94

Hunton Privacy

AUGUST 13, 2020

Earlier this year, The Retail Equation, a loss prevention service provider, and Sephora were hit with a class action lawsuit in which the plaintiff claimed Sephora improperly shared consumer data with The Retail Equation without consumers’ knowledge or consent. 5:20-cv-02155-LHK, is due on September 14, 2020. Code § 1798.150).

Retail 144

Retail Privacy Data breaches Communications 144

Security Affairs

OCTOBER 27, 2020

Immigration law firm Fragomen has disclosed a data breach that exposed current and former Google employees’ personal information. Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP, one of the most prominent US law firms covering immigration law, disclosed a data breach. Pierluigi Paganini.

Data breaches 111

Data breaches Insurance Access Security 111

Security Affairs

FEBRUARY 12, 2020

Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild. In January, Microsoft has published a security advisory ( ADV200001 ) that includes mitigations for the CVE-2020-0674 zero-day remote code execution (RCE) flaw.

Sales 71

Sales Security Marketing Cybersecurity 71

Security Affairs

JULY 5, 2023

Swedish data protection watchdog warns companies against using Google Analytics due to the risk of surveillance operated by the US government. The Swedish data protection watchdog warned businesses against using Google Analytics due to the risk of surveillance carried out by the US government.

Analytics 80

Analytics Personal data GDPR Privacy 80

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. Who had access to the data? What was leaked?

Insurance 112

Insurance Passwords Libraries Access 112

Hunton Privacy

NOVEMBER 16, 2020

On November 12, 2020, somewhat in the shadow of the new standard contractual clauses for data transfers to recipients outside the European Economic Area (“EEA”), the European Commission also adopted draft standard contractual clauses to be used between controllers and processors in the EEA (“EEA Controller-Processor SCCs”).

GDPR 88

GDPR Personal data Data breaches Information Security 88

Security Affairs

JANUARY 4, 2022

UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. million customers in 426 markets in 23 states as of the second quarter of 2020.

Data breaches 108

Data breaches Retail Access Communications 108

Security Affairs

SEPTEMBER 18, 2020

Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. Secure web- phishing. Opened email lets spy in.

Phishing 102

Phishing Ransomware Data collection Sales 102

Security Affairs

DECEMBER 13, 2020

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 293 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security 89

Security Computer and Electronics Ransomware Education 89

Security Affairs

JUNE 15, 2023

organizations since 2020. organizations since 2020. The group targeted municipal governments, county governments, public higher education and K-12 schools, and emergency services (e.g., The date of data publication on the leak sites may be months after LockBit affiliates actually executed ransomware attacks.

Ransomware 87

Ransomware Cybersecurity Agriculture Education 87

Security Affairs

NOVEMBER 26, 2020

discloses a ransomware attack that took place in September 2020. revealed that a ransomware attack hit its systems in September 2020. “On September 14, 2020, USF experienced an IT security event [.] “On September 14, 2020, USF experienced an IT security event [.] Pierluigi Paganini.

Ransomware 140

Ransomware Data breaches Encryption Security 140

Hunton Privacy

OCTOBER 19, 2022

On October 12, 2022, New York Attorney General Letitia James announced that her office had secured a $1.9 million penalty from e-commerce retailer Zoetop, owner of SHEIN and ROMWE, following an improperly handled data breach. In addition, in 2020, Zoetop learned ROMWE login credentials were available on the dark web.

Data breaches 64

Data breaches Passwords Retail Cybersecurity 64

IT Governance

JUNE 1, 2023

Welcome to our new-look list of data breaches and cyber attacks. On this page, you will find all our usual information breaking down the month’s security incidents. So, each month, we’ll update this page with the latest figures and links, so be sure to bookmark it to keep an eye out for the latest data breach news.

Data breaches 122

Data breaches Insurance Personal data Ransomware 122

Security Affairs

APRIL 26, 2020

The best news of the week with Security Affairs. The post Security Affairs newsletter Round 261 appeared first on Security Affairs. A new round of the weekly newsletter arrived! Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. Pierluigi Paganini.

Security 92

Security Ransomware Sales Government 92

Security Affairs

MAY 27, 2020

The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks. Cybercriminals attempt to compromise computers to generate revenue by exfiltrating information from victims’ devices, typically banking-related information. Figure 1: Grandoreiro email template Q2 2020 (Portugal).

Communications 66

Communications Archiving Access IT 66

Security Affairs

MAY 13, 2020

“On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) released three Malware Analysis Reports (MARs) on malware variants used by the North Korean government.” May 12, 2020: Malware Analysis Report (1028834-1.v1)

Analytics 115

Analytics Government Cybersecurity Authentication 115

Hunton Privacy

SEPTEMBER 22, 2023

On September 15, 2023, the Irish Data Protection Commission (the “DPC”) announced a fine of 345 million Euros against TikTok Technology Limited (“TikTok”) for non-compliance with GDPR rules regarding the processing of personal data of child users.

GDPR 72

GDPR Privacy Personal data Compliance 72

Security Affairs

JANUARY 12, 2021

Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. Good news for the victims of the Darkside ransomware , they could recover their files for free using a tool that was released by the security firm Bitdefender. Pierluigi Paganini.

Ransomware 114

Ransomware Encryption Security IT 114

Security Affairs

JANUARY 25, 2024

The group is known for the SolarWinds supply chain attack that in 2020 hit more than 18,000 customer organizations, including Microsoft. HPE became aware of the intrusion on December 2023 and immediately launched an investigation into the security breach with the help of external cybersecurity experts. reads the document.

Passwords 110

Passwords Cybersecurity Access Marketing 110

Security Affairs

JUNE 11, 2021

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. terabyte of stolen data. Threat actors used custom malware to steal data from 3.2 million Windows systems between 2018 and 2020. “The data was collected from 3.25

Computer and Electronics 111

Computer and Electronics Archiving Encryption Passwords 111

Security Affairs

NOVEMBER 27, 2020

The compilation contains 49,577 IP addresses vulnerable to Fortinet SSL VPN CVE-2018-13379 , according to Bank Security, who first noticed the leak on Twitter. link] — Bank Security (@Bank_Security) November 20, 2020. link] pic.twitter.com/YYWpI1NUaC — Bank Security (@Bank_Security) November 24, 2020.

Passwords 139

Passwords Access Security Information Security 139

IT Governance

NOVEMBER 23, 2023

The financial sector is quite heavily regulated, and involves a lot of confidential data. You’d therefore expect that the sector fares better at data security than your average organisation. In fact, in 2020–2022, the financial sector was the second-most attacked sector, topped only by the retail and manufacturing sector.

Risk 104

Risk Data breaches Authentication Financial Services 104

Security Affairs

JANUARY 21, 2020

The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Hannah Anderson was breached.

Data breaches 104

Data breaches Retail Cloud Insurance 104

IT Governance

DECEMBER 18, 2017

With the number of data breaches increasing every year, they are now a huge issue for organisations. 46% of all UK businesses identified at least one cyber breach in the past 12 months and it’s been predicted that a quarter of the world’s population will have been affected by a data breach by 2020.

Data breaches 85

Data breaches Information Security GDPR Risk 85

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security enthusiast and Linux evangelist Binni Shah consistently offers valuable tutorials, guides, and insights for the cybersecurity community. Binni Shah | @binitamshah.

Cybersecurity 139

Cybersecurity e-Discovery Passwords Information Security 139

Security Affairs

FEBRUARY 21, 2024

According to the press release published by the Department of State , the Lockbit ransomware operators carried out over 2,000 attacks against victims worldwide since January 2020. LockBit had a bespoke data exfiltration tool, known as Stealbit, which was used by affiliates to steal victim data. reads the NCA’s announcement. “The

Energy and Utilities 88

Energy and Utilities Ransomware Agriculture Manufacturing 88

Security Affairs

SEPTEMBER 17, 2023

According to a report published by blockchain cyber security firm Elliptic, in the past 104 days, the North Korea-linked APT group Lazarus has stolen most of $240 million in crypto assets from multiple businesses, including Atomic Wallet ($100m), CoinsPaid ($37.3M), Alphapo ($60M), and Stake.com ($41M). . ” reads the report.

Blockchain 113

Blockchain Phishing Security IT 113