Malwarebytes

APRIL 23, 2024

In the update, the company revealed the scale of the breach, saying: “Based on initial targeted data sampling to date, the company has found files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America.” Watch out for fake vendors.

Healthcare 83

Healthcare Identity Theft Passwords Data breaches 83

Adam Levin

APRIL 18, 2019

Facebook announced that it “unintentionally” harvested the email contacts of 1.5 The social media company automatically uploaded the information from users who had registered with the site after 2016 and provided their email addresses and passwords. million people’s email contacts may have been uploaded.

Passwords 205

Passwords Accountability Media Identity Theft 205

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. InfraGard , a program run by the U.S.

Hacking 359

Hacking Energy and Utilities Cybercrime Accountability 359

Security Affairs

JANUARY 25, 2024

Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. Cisco released security patches to address a critical vulnerability, tracked as CVE-2024-20253 (CVSS score of 9.9), impacting multiple Unified Communications and Contact Center Solutions products.

Hacking 124

Hacking Information Security 124

Krebs on Security

SEPTEMBER 20, 2021

In a bid to minimize these scenarios, a growing number of major companies are adopting “ Security.txt ,” a proposed new Internet standard that helps organizations describe their vulnerability disclosure practices and preferences. An example of a security.txt file. well-known/security.txt. ” GET READY TO BE DELUGED.

Retail 298

Retail Healthcare Internet Internet 298

Security Affairs

JANUARY 10, 2024

The company immediately launched an investigation into the incident and discovered that threat actors in August gained access to a company server and stolen unencrypted files. The company recommends that impacted individuals monitor account statements, explanations of benefits, and credit bureau reports.

Data breaches 110

Data breaches Healthcare Hacking Accountability 110

Security Affairs

OCTOBER 27, 2023

The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it if Boeing does not contact them within the deadline (02 Nov, 2023 13:25:39 UTC).

Ransomware 135

Ransomware Manufacturing InfoSec Hacking 135

Security Affairs

SEPTEMBER 17, 2023

According to the statement published on the CardX official website on September 15th, the company experienced a cybersecurity incident that exposed personal information related to personal loan and cash card applications. The company assures that this information cannot be used for financial transactions.

Banking 131

Banking Cybersecurity Accountability Hacking 131

The Hacker News

SEPTEMBER 29, 2023

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta.

107

107

Security Affairs

MARCH 12, 2024

In practice, fake insurance operators contact victims through calls, messages, or sponsorships on social networks, offering policies at advantageous prices. After the first contact via instant messaging channels, further documents are then requested and a quote is provided.

Insurance 106

Insurance Scams Education Engineering 106

Krebs on Security

MARCH 23, 2021

The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts. Source: sco.ca.gov. .

Phishing 270

Phishing Data breaches Accountability Technology 270

Joseph Steinberg

OCTOBER 24, 2022

million customers; the hacker has even offered to show the stolen data pertaining to 100 customers as evidence of their successfully having breached the company. million customers; the hacker has even offered to show the stolen data pertaining to 100 customers as evidence of their successfully having breached the company.

Cybersecurity 338

Cybersecurity Social Engineering Artificial Intelligence Scams 338

Malwarebytes

NOVEMBER 16, 2023

An alarm system company that allows those in need to ask for help at the touch of a button has suffered a cyberattack, causing serious disruption. It has engaged a specialized cybersecurity company to investigate the situation. Some Android phones offer the option to add emergency contacts. This will need to be done first.

Healthcare 116

Healthcare Risk Mobile Cybersecurity 116

Security Affairs

APRIL 10, 2024

A ransomware group contacted the organization claiming the theft of data. Our discovery was confirmed when the attacker, a foreign ransomware gang, contacted GHC-SCW claiming responsibility for the attack and stealing our data,” continues the notification letter.

Data breaches 120

Data breaches Ransomware Insurance Encryption 120

Krebs on Security

MARCH 20, 2024

The site offers to sell a report containing photos, police records, background checks, civil judgments, contact information “and much more!” ” Imagine that: Two different people-search companies mentioned in the same story about fantasy football. How many more fake companies and profiles are connected to this scheme?

Marketing 240

Marketing Technology Data privacy Advertising 240

The Hacker News

DECEMBER 16, 2023

MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information.

Accountability 100

Accountability Software 100

Malwarebytes

MARCH 25, 2024

In a filing with the Securities and Exchanges Commission (SEC) , parent company V.F. It is unclear whether VF Corporation was able to use the decryptor made available after law enforcement seized control of ALPHV’s infrastructure, even though ALPHV reportedly claimed that the company tried to obtain a decryptor from law enforcement.

Data breaches 110

Data breaches Phishing Identity Theft Passwords 110

CyberSecurity Insiders

MARCH 20, 2023

The company immediately pulled down the compromised servers from the corporate computer network and began remediation efforts. However, the company did not find any evidence that the leaked info accessed, stolen or misused by the threat actors were being misused. that’s great! Ferrari S.p.A

Ransomware 116

Ransomware Scams Data breaches Banking 116

Security Affairs

APRIL 8, 2024

The company announced that it deleted DOJ data from its systems after the incident. According to the data breach notification sent by Greylock McKinnon Associates to the Main Attorney General, the company was the victim of a sophisticated cyberattack. The data breach occurred on May 30, 2023, and was discovered on February 7, 2024.

Data breaches 118

Data breaches Identity Theft Insurance Hacking 118

Security Affairs

OCTOBER 27, 2023

Cybernews contacted the company for an official comment but received no reply at the time of writing. In 2018, business magazine Fast Company selected the company as one of the Top 50 Most Innovative Companies in the World. Launched nine years ago, the New York-based platform has publicly raised $56.5

Authentication 112

Authentication Engineering Passwords Software 112

Malwarebytes

APRIL 2, 2024

In its latest statement, the company confirmed that the leak contained “AT&T data-specific fields,” but said it had not yet determined the source of that data. In a separate statement, the company also said it is reaching out to the people affected by the breach. The thieves may contact you posing as the vendor.

Data breaches 144

Data breaches Passwords Phishing Accountability 144

Security Boulevard

FEBRUARY 8, 2022

A contact form for customer inquiries is one of the most common features present on the websites of most companies. It provides an easy way for prospective customers to get in touch with the company. The post How contact forms can be exploited to conduct large scale phishing activity?

Phishing 98

Phishing 98

Malwarebytes

APRIL 18, 2024

The UK’s Metropolitan Police (“The Met”), which spearheaded the operation, says it has already contacted the criminals who used the site : Shortly after the platform was disrupted, 800 users received a message telling them we know who they are and what they’ve been doing.

Phishing 67

Phishing Passwords Authentication Cybercrime 67

Malwarebytes

JANUARY 15, 2024

In November 2023, real estate services company Fidelity National Financial (FNF) got its systems knocked offline for a week after a cyberincident. Form 8-K is known as a “current report” and it is the report that companies must file with the SEC to announce major events that shareholders should know about. Watch out for fake vendors.

Data breaches 97

Data breaches Identity Theft Passwords Ransomware 97

Security Affairs

NOVEMBER 2, 2023

Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61

Manufacturing 111

Manufacturing Ransomware Cybercrime Hacking 111

Malwarebytes

DECEMBER 19, 2023

A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. In a data breach notification , the company didn’t say what type of cyberattack caused the compromise of customer data, calling it a rather non-descriptive “External system breach (hacking).” Watch out for fake vendors.

Data breaches 116

Data breaches Identity Theft Passwords Phishing 116

Malwarebytes

DECEMBER 21, 2023

For some customers, other personal information may have been exposed, such as names, contact information, the last four digits of social security numbers, dates of birth, and secret questions combined with answers. Although you would expect a large company like Comcast to have some type of vulnerability and patch management deployed.

Data breaches 104

Data breaches Passwords Identity Theft Phishing 104

Security Affairs

JANUARY 30, 2024

Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation. BleepingComputer first reported the attack that hit the Sustainability Business division of the company on January 17th. BleepingComputer contacted Schneider Electric which confirmed the data breach.

Ransomware 129

Ransomware Hacking Data breaches Digital transformation 129

Security Affairs

SEPTEMBER 30, 2023

Exposed records include customers’ names, addresses, dates of reservation, payment method, and contact information. TB) containing names, addresses, dates of reservation, payment method, and contact information. We are giving you 5 days before a catastrophe occurs for your company.”

Hacking 121

Hacking Ransomware Manufacturing Media 121

The Hacker News

AUGUST 25, 2023

The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone

Data breaches 93

Data breaches Mobile Accountability Risk 93

Malwarebytes

MARCH 20, 2024

Data breaches are great for scammers because they can contact you pretending to be from the (in this case alleged) breached company. If you receive an email, phone call or something similar from someone claiming to be from AT&T be cautious and contact AT&T directly to check it’s real. Take your time.

Identity Theft 138

Identity Theft Data breaches Cybercrime Mobile 138

Malwarebytes

MARCH 19, 2024

A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. Contact the account provider if you find you no longer have access yourself. If you notice irregular transactions, contact your bank to have your account blocked and avoid further fraud.

Social Engineering 135

Social Engineering Computers and Electronics Mobile Identity Theft 135

Security Affairs

DECEMBER 30, 2023

The researcher contacted the company about the leak, and the misconfiguration was promptly fixed. The company has yet to respond to a Cybernews request for an official comment on the matter. The company is registered in Hong Kong. Total exposure time was no longer than 24 hours.

Risk 118

Risk IoT Engineering Hacking 118

Security Affairs

JANUARY 28, 2024

As of 2022, the company reported an annual ridership of 10,572,100. The company disclosed that attack on January 24, it immediately launched an investigation into the incident and notified appropriate authorities. The company hired external experts to restore impacted systems. ” reads the notice published by the company.

Ransomware 108

Ransomware Data breaches Cyber Attacks Cybercrime 108

Malwarebytes

APRIL 12, 2023

Companies which can supposedly help you remove sextortion content or shut down blackmailers, offer to help those in need of assistance. These organisations may be contacted by the victims directly (for example, via adverts or search engine results) or they may make contact by another method.

Scams 85

Scams Advertising Media Engineering 85

Security Affairs

NOVEMBER 22, 2023

TmaxSoft, a Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records. Our team attributed the dashboard to tmax.co.kr – a website owned by TmaxSoft, one of the Tmax brand companies. The 2 TB-strong Kibana dashboard has been exposed for over two years.

Software 112

Software Engineering Hacking Data breaches 112

Malwarebytes

MARCH 5, 2024

The company also told BleepingComputer that if a card member’s credit card is used to make fraudulent purchases, customers won’t be responsible for the charges. Make sure American Express has your correct mobile phone number and email address so the company can contact you if needed. Watch out for fake vendors.

Data breaches 103

Data breaches Passwords Accountability Identity Theft 103