IT Governance

OCTOBER 31, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data has been exfiltrated, but we don’t know how much. The data controller of the breached data is currently unclear. Records breached: Unknown.

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Security Affairs

OCTOBER 31, 2023

Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. ai publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. We’ve developed a Proof of Concept for CVE-2023-20198 in #Cisco IOS XE.

Honeypots 123

Honeypots Authentication Access Security 123

Security Affairs

NOVEMBER 13, 2023

The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack. The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the initial deadline (02 Nov, 2023 13:25:39 UTC, later postponed to 10 Nov, 2023).

Ransomware 115

Ransomware Authentication Manufacturing Sales 115

Security Affairs

DECEMBER 19, 2023

Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability. Comcast’s Xfinity is notifying its customers about the compromise of their data in a cyberattack that involved the exploitation of the CitrixBleed flaw. ” reads the notice of a security incident.

Authentication 105

Authentication Passwords Data breaches Communications 105

Krebs on Security

MARCH 12, 2024

Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Meanwhile, Apple’s new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws. The security updates are available in iOS 17.4 , iPadOS 17.4 , and iOS 16.7.6.

Authentication 247

Authentication Phishing Passwords Security 247

IT Governance

JUNE 21, 2023

According to a Digital Guardian report , 90% of data breaches are caused by phishing, while Venari Security found that organisations lose approximately $181 (£150) for each piece of personal information stolen in online scams. In this example, seen by MailGuard , the message appears to be a security alert from Netflix.

Phishing 52

Phishing Passwords Authentication Data breaches 52

Security Affairs

MARCH 16, 2024

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach.

Data breaches 107

Data breaches Personal data Ransomware GDPR 107

Security Affairs

OCTOBER 18, 2023

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. ” reported Citrix.

Authentication 94

Authentication Access Cloud Risk 94

Security Affairs

MARCH 14, 2024

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident.

Data breaches 92

Data breaches Financial Services Ransomware Government 92

IT Governance

APRIL 29, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data scraping or web scraping is a typically automated process that extracts information from websites, allowing criminals to compile datasets containing personal information.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Security Affairs

OCTOBER 26, 2023

On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack. Seiko Group Corporation (hereinafter referred to as “the Company” or “we”) has confirmed that on July 28th of this year, the Company suffered a possible data breach.

Data breaches 124

Data breaches Ransomware Personal data Cybersecurity 124

Security Affairs

NOVEMBER 12, 2023

The State of Maine disclosed a data breach that impacted about 1.3 The Government organization disclosed a data breach that impacted about 1.3 The Government organization disclosed a data breach that impacted about 1.3 The security breach took place in the State between May 28, 2023, and May 29, 2023.

Data breaches 107

Data breaches Insurance Education Cybersecurity 107

IT Governance

FEBRUARY 5, 2024

29,530,829,012 known records breached so far in 4,645 publicly disclosed incidents Welcome to our 2024 data breaches and cyber attacks page, where you can find an overview of the year’s top security incidents, the most breached sectors of 2024, month-on-month trends, links to our monthly reports, and much more. Where ‘up to’, etc.

Data breaches 112

Data breaches Security Government Personal data 112

Security Affairs

JUNE 18, 2023

government announced up to a $10 million bounty for information linking the Clop ransomware gang to a foreign government. The US goverment is offering up to a $10 million bounty for information linking CL0P Ransomware Gang or any other threat actors targeting U.S. critical infrastructure to a foreign government.

Ransomware 87

Ransomware Government Encryption Access 87

Security Affairs

AUGUST 24, 2023

The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being hacked. The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868 in Barracuda Email Security Gateway (ESG) are “ineffective.”

Access 79

Access Phishing Security Cybersecurity 79

Security Affairs

NOVEMBER 10, 2023

McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive personal information of 2,192,515 people.

Data breaches 106

Data breaches Ransomware Insurance Manufacturing 106

Security Affairs

MAY 14, 2024

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and other medical facilities operated by Singing River Health System (SRHS) were hit by a Rhysida ransomware attack.

Ransomware 92

Ransomware Data breaches Insurance Paper 92

Hunton Privacy

NOVEMBER 15, 2023

Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty ( i.e. , a fine) in connection with the company’s response to a data breach that occurred in February 2022.

Data breaches 128

Data breaches Privacy Risk Information Security 128

Security Affairs

NOVEMBER 23, 2023

Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 It provides a platform that leverages data-driven insights to engage individuals in their health and well-being. The company disclosed a data breach that exposed the personal data of nearly 8.5 million patients in the U.S.

Data breaches 91

Data breaches Insurance Ransomware Education 91

IT Governance

JUNE 8, 2023

We’ve looked at sources such as IBM’s Cost of a Data Breach Report , Verizon’s 2023 DBIR (Data Breaches and Investigations Report) and Proofpoint’s The State of Phishing report , and found 50 essential stats to reveal the threat that phishing plays – plus we have an extra statistic to explain how you can prevent attacks.

Phishing 111

Phishing Data breaches Communications Government 111

Security Affairs

JUNE 25, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 89

Security Military Ransomware Cybersecurity 89

Security Affairs

MAY 21, 2024

CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healthcare Mirth Connect vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

IT 94

IT Data structuring Cybersecurity Risk 94

Security Affairs

JUNE 12, 2023

The attack took place earlier this year, the attackers have exploited the GoAnywhere zero-day vulnerability tracked as CVE-2023-0669. On March 24, 2023, ITx completed its initial review of the logs provided to it by Fortra. ITx began notifying potentially affected data owners on April 11, 2023.”

Data breaches 86

Data breaches Ransomware Insurance Data Privacy 86

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 80

Security Data breaches Ransomware Artificial Intelligence 80

Security Affairs

MAY 9, 2023

Sysco, the global food distribution giant, disclosed a data breach, the compromised data includes customer and employee data. BleepingComputer, who has seen an internal memo sent to employees on May 3, first reported that threat actors may have had access to customer and supplier data in the U.S. We are in the final!

Data breaches 80

Data breaches Cybersecurity Personal data Marketing 80

Security Affairs

JUNE 11, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Experts found new MOVEit Transfer SQL Injection flaws The University of Manchester suffered a cyber attack and suspects a data breach Russians charged with hacking Mt. A new round of the weekly SecurityAffairs newsletter arrived!

Healthcare 90

Healthcare Security Ransomware Data breaches 90

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). However, European organizations need to dive with eyes wide open when transferring personal data to the US under the DPF.

Data Privacy 83

Data Privacy Personal data Privacy Cloud 83

Security Affairs

DECEMBER 6, 2023

Atlassian released security patches to address four critical remote code execution vulnerabilities in its products. Multiple Atlassian Data Center and Server Products use the SnakeYAML library for Java, which is susceptible to a deserialization flaw that can lead to RCE (Remote Code Execution). and later.

IT 105

IT Libraries Security Information Security 105

Security Affairs

APRIL 28, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 95

Security Data breaches Ransomware Mining 95

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone disclosed a data breach resulting from the hack of their MOVEit Transfer installation. Based on that analysis, we have determined that certain of your information was included in those files.”

Data breaches 108

Data breaches Retail Education Ransomware 108

Security Affairs

OCTOBER 15, 2023

The gang also published a sample as proof of the stolen data. The popular researcher Brett Callow states that far this year, 29 US health systems with 90 hospitals between them have been impacted by #ransomware, and at least 23/29 had data stolen. Stats for 2022 in the link. Other ransomware attacks recently hit US hospitals.

Ransomware 121

Ransomware Encryption Data breaches IT 121

Security Affairs

OCTOBER 23, 2023

Cisco found a second IOS XE zero-day vulnerability, tracked as CVE-2023-20273, which is actively exploited in attacks in the wild. Cisco last week warned customers of a zero-day vulnerability, tracked as CVE-2023-20198 (CVSS score 10), in its IOS XE Software that is actively exploited in attacks.

Access 113

Access Passwords IT Security 113

Data Protection Report

APRIL 30, 2024

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. As indicated in the paragraph quoted above, the company collected some very sensitive personal information.

Personal data 85

Personal data Privacy Information governance Compliance 85

Security Affairs

AUGUST 6, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 78

Security Military Phishing Sales 78

Security Affairs

MARCH 4, 2023

The Play ransomware gang has finally begun to leak the data stolen from the City of Oakland in a recent attack. The Play ransomware gang has begun to leak data they have stolen from the City of Oakland (California) in a recent cyberattack. “Private and personal confidential data, financial information.

Ransomware 85

Ransomware Archiving Security IT 85

Security Affairs

MAY 14, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Nominate Pierluigi Paganini and Security Affairs here here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. We are in the final !

Security 89

Security Data breaches Ransomware Artificial Intelligence 89

The Last Watchdog

AUGUST 1, 2023

1, 2023– AppViewX , a leader in automated machine identity management (MIM) and application infrastructure security, today announced the results of a research study conducted by Enterprise Management Associates (EMA) on SSL/TLS Certificate Security. New York, NY, Aug.

Risk 100

Risk Compliance Security Information Security 100