Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Ransomware 124

Ransomware Phishing Cybersecurity Access 124

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. The PIB also said that “no breach has been reported from Aadhaar database” to date. With roughly 1.4

Sales 131

Sales e-Discovery Data breaches Risk 131

Security Affairs

JANUARY 22, 2024

Resecurity has detected a noticeable increase in data leaks from consumer-focused platforms in Thailand, confirming that threat actors are actively targeting the personal data of citizens now at the beginning of 2024. But as we step into 2024, this trend might see a change.

Data breaches 125

Data breaches Personal data Communications Government 125

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

Black Friday and Cyber Weekend: Navigating the Tumultuous Waters of Retail Cybersecurity sparsh Tue, 11/21/2023 - 05:01 As global consumers gear up for the much-anticipated shopping bonanza that is Black Friday and Cyber Weekend, retailers brace themselves for the frenzied onslaught of shoppers and the deluge of cyber threats lurking in the shadows.

Retail 83

Retail Cybersecurity Financial Services Encryption 83

Thales Cloud Protection & Licensing

APRIL 29, 2024

The Thales 2024 Trust Index report indicates that 87% of consumers expect vendors to respect their digital rights, which leads to trusted relationships. However, a relentless barrage of data breaches, ransomware attacks, and sophisticated cyber threats steadily erodes this trust.

Compliance 71

Compliance Cybersecurity Risk Manufacturing 71

Security Affairs

JULY 5, 2023

The European Union Agency for Cybersecurity (ENISA) releases its first cyber threat landscape report for the health sector. The European Union Agency for Cybersecurity (ENISA) releases today its first cyber threat landscape report for the health sector. ” reads the report.

Ransomware 94

Ransomware Healthcare Cybersecurity Risk 94

Security Affairs

SEPTEMBER 14, 2023

UK Greater Manchester Police (GMP) disclosed a data breach, threat actors had access to some of its employees’ personal information. The GMP reported that the impacted company provides its services to various UK organizations, including Greater Manchester Police.

Data breaches 118

Data breaches Ransomware Access Security 118

Security Affairs

OCTOBER 18, 2023

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR.

Archiving 129

Archiving Security IT Data breaches 129

Security Affairs

NOVEMBER 10, 2023

Treasury market and impacted some fixed income and equities transactions “The Securities Industry and Financial Markets Association first told members on Wednesday that ICBC Financial Services had been hit by ransomware software, which paralyses computer systems unless a payment is made, several people familiar with the discussions said.”

Ransomware 109

Ransomware Financial Services Marketing Authentication 109

Krebs on Security

AUGUST 14, 2020

The company has access to a wealth of personal, financial and medical information on tens of millions of patients, including names, dates of birth, Social Security numbers, billing information and medical diagnostic data. R1 RCM declined to discuss the strain of ransomware it is battling or how it was compromised.

Ransomware 360

Ransomware Insurance Phishing IT 360

Security Affairs

MAY 4, 2024

Since April 18, Synlab Italia, a major provider of medical diagnosis services, has been experiencing disruptions due to a cyber attack. The company initially cited technical issues as the cause leading to “temporary interruption of access to computer and telephone systems and related services.” The group claimed the theft of 1.5

Ransomware 100

Ransomware Data breaches Personal data Phishing 100

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services 83

Financial Services Cloud Cybersecurity Encryption 83

The Last Watchdog

SEPTEMBER 21, 2023

Ransomware is a significant threat to businesses worldwide. Related: How Putin has weaponized ransomware In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Ransomware 214

Ransomware Cybersecurity Risk IT 214

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. A financially motivated threat actor named Magnet Goblin made the headlines for rapidly adopting and exploiting 1-day vulnerabilities, CheckPoint warned. ” concludes the report.

Communications 111

Communications Encryption IT Security 111

IT Governance

DECEMBER 22, 2023

It can be challenging to secure your supply chain – organisations tend to simply trust that the products and services they use are safe. As a recent Trustwave report pointed out, the businesses in this sector are extremely interconnected, even by the modern world’s standards. What can financial entities do to secure their supply chain?

Risk 114

Risk Information Security Compliance GDPR 114

Security Affairs

FEBRUARY 28, 2024

Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Key Findings from the “Email Security in 2024” Report In an exhaustive review, VIPRE processed 7.2

Security 127

Security Phishing Communications Financial Services 127

Security Affairs

OCTOBER 1, 2023

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions.

Ransomware 135

Ransomware Insurance Cybersecurity Encryption 135

Thales Cloud Protection & Licensing

MARCH 6, 2024

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action madhav Thu, 03/07/2024 - 04:56 APIs (Application Programming Interfaces) are the backbone of modern digital innovation. Yet, amidst this accelerated adoption of APIs comes a significant change in the threat landscape.

Security 87

Security Authentication Risk Cybersecurity 87

Security Affairs

APRIL 6, 2023

Its services are used by companies and financial institutions including BMW, Vodafone, the Australian government, Westpac, ANZ, HSBC, and Virgin Money. Data leak affected QBANK, Defence Bank, Bloom Money, Admiral Money, MA Money, and Reed. Among the leaked data, researchers found Google and Liveness API keys.

IT 93

IT Financial Services Access Risk 93

Data Matters

JANUARY 28, 2022

Within a few days, data security experts at Microsoft , Palo Alto Networks (“PANW”), and Mandiant confirmed reports of increasing Russian cyberactivity and offered their own recommendations for hardening measures (many of which overlap with the Advisory). Key Takeaways. Best Practices to Minimize Disruptions.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Thales Cloud Protection & Licensing

AUGUST 31, 2022

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor. It highlights the leadership of financial services in cybersecurity relative to other industries, but it also uncovers some surprising chinks in their cybersecurity armor. Thu, 09/01/2022 - 05:15.

Financial Services 62

Financial Services Cybersecurity Computer and Electronics Cloud 62

Security Affairs

MARCH 22, 2023

The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape report for the transport sector. A new report published by the European Union Agency for Cybersecurity (ENISA) analyzes threats and incidents in the transport sector. ” states the report.

Ransomware 92

Ransomware Phishing Cybersecurity IT 92

Security Affairs

APRIL 5, 2023

Resecurity has recently identified the STYX Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. This discovery illustrates the post-pandemic menace of cyber-enabled financial crime and the threat it poses to financial institutions (FIs) and their customers.

e-Discovery 89

e-Discovery Cybersecurity Compliance Risk 89

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Though significant, the early days' threats vastly differed from today's sophisticated cyberattacks. Cyber threats have evolved from poorly-written scam emails to state-sponsored attacks, ransomware onslaughts, and deepfake technologies. These methods offer greater protection against cyber threats and can be more convenient for users.

Cybersecurity 148

Cybersecurity IT Authentication Phishing 148

Security Affairs

NOVEMBER 2, 2023

Data leaks containing Aadhaar IDs in India was caused by the insecurity of 3rd parties while aggregating such information for KYC. According to experts, the leak of PII data containing Aadhaar information (and other such details) related to Indian citizens on the Dark Web creates a significant risk of digital identity theft.

Data breaches 113

Data breaches Risk Government Cloud 113

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication.

Compliance 83

Compliance Cloud Security Financial Services 83

Security Affairs

DECEMBER 20, 2023

The investigators used INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) to detect online fraudulent transactions, and then froze the associated bank and virtual asset service provider (VASP) accounts. ” said Stephen Kavanagh, INTERPOL’s Executive Director of Police Services.

Sales 107

Sales Phishing Marketing Security 107

Security Affairs

DECEMBER 26, 2023

Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year.

Energy and Utilities 125

Energy and Utilities Artificial Intelligence Ransomware Data breaches 125

eSecurity Planet

JUNE 27, 2023

Security information and event management (SIEM) systems only have detections for 24 percent of the 196 techniques in MITRE ATT&CK v13, according to a new report. “This implies that adversaries can execute around 150 different techniques that will be undetected by the SIEM,” says the CardinalOps report.

Metadata 109

Metadata Financial Services Insurance Manufacturing 109

IT Governance

APRIL 3, 2023

Welcome to our March 2023 list of data breaches and cyber attacks. You can find the full list of data breaches and cyber attacks below, including our new feature in which we delve into the month’s biggest incidents in a little more detail. This suggests that it had a poor understanding of the attack and rushed to disclose the breach.

Data breaches 119

Data breaches Ransomware Phishing Government 119

Security Affairs

JUNE 13, 2023

The availability of the archive was reported by the data breach notification service Have I Been Pwned , which notified Zecks. The company attempted to downplay the security breach by telling Have I Been Pwned that threat actors only had access to encrypted passwords. ” reported HIBP. ” reported HIBP.

Data breaches 94

Data breaches Passwords Encryption Archiving 94

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

Compliance madhav Tue, 09/19/2023 - 05:17 It is essential for any business that stores, processes, and transmits payment card information to comply with the Payment Card Industry Data Security Standard (PCI DSS). Consumers’ payment data is a compelling target for criminals who continue to circumvent IT security defenses. Requirement 3.2

Compliance 77

Compliance Financial Services Data breaches Encryption 77

Security Affairs

OCTOBER 23, 2023

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The City of Philadelphia announced it is investigating a data breach after attackers that threat actors broke some of City email accounts containing personal and protected health information.

Data breaches 118

Data breaches Phishing Access Cybersecurity 118

Security Affairs

DECEMBER 9, 2023

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. It is a leading provider of health services and medical care in the region.

Data breaches 124

Data breaches Ransomware Insurance Access 124

Security Affairs

SEPTEMBER 22, 2023

Air Canada, the flag carrier and largest airline of Canada, announced that threat actors had access to the personal information of some employees during a recent cyberattack. The Canada Border Services Agency (CBSA) confirmed that the attack impacted check-in kiosks and electronic gates at airports. reads the alert.

Data breaches 122

Data breaches Access Government Security 122

Security Affairs

AUGUST 5, 2022

A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. The attackers exploited the flaw in an attack against an unnamed organization in the research and technical services sector. ” continues the report. ” continues the report.

Manufacturing 138

Manufacturing Cybersecurity IT Access 138

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security 89

Security Data breaches Ransomware Artificial Intelligence 89