Security Affairs

NOVEMBER 18, 2024

telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The US agencies confirmed that Chinese threat actors had compromised the private communications of a “limited number” of government officials following the compromise of multiple U.S.

Mobile 112

Mobile Telecommunications Data breaches Hacking 112

BH Consulting

MARCH 26, 2025

In a presentation titled Digital governance for boards and senior executives: AI, cybersecurity, and privacy , she called on her extensive experience advising boards on these areas. Boards and senior executives face several questions about how best to approach the challenges of cybersecurity, privacy, and AI governance.

Government 52

Government Artificial Intelligence Risk Digital transformation 52

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants. continues the announcement.

Government 144

Government Surveillance Hacking Mobile 144

Security Affairs

DECEMBER 23, 2024

Will Cathcart of WhatsApp called the ruling a major privacy victory, emphasizing accountability for spyware firms after a five-year legal battle. We spent five years presenting our case because we firmly believe that spyware companies could not hide behind immunity or avoid accountability for their unlawful actions.

Spyware 108

Spyware Surveillance Hacking Software 108

Security Affairs

NOVEMBER 15, 2024

The hackers stole 120,000 Bitcoin, and the Bitcoin value significantly dropped after the discovery of the security breach. Since the arrest of the couple, the government has seized another approximately $475 million tied to the cyber heist. Lichtenstein’s wife, Morgan, helped the man in laundering the stolen funds.

Cryptocurrency 105

Cryptocurrency Hacking Government Accountability 105

The Last Watchdog

DECEMBER 18, 2024

state privacy laws, the EUs governance of ethical AI deployment, and updated regulations in India and Japan. Similarly, software bills of materials (SBOMs) underscore the need for better accountability in third-party software. The SEC Cybersecurity Disclosure Rule highlights transparency in governance.

Cybersecurity 130

Cybersecurity CISO Risk Government 130

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. Only share the personal information you absolutely have to provide with the genetic testing company. Lie if you must and create a separate free email account so the information can’t be tied to your main account.

Insurance 145

Insurance Accountability Risk Data breaches 145

Security Affairs

JUNE 24, 2025

Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official communications to make their phishing attempts more convincing.

Malware 86

Malware Encryption Phishing Government 86

Jane Frankland

JUNE 8, 2025

For decades, the Chief Information Officer (CIO) was the central authority on IT, overseeing infrastructure, systems, and digital initiatives. All three roles are now vying for ownership of overlapping domains: infrastructure, innovation, data governance, and cybersecurity. But that dominance is fading.

CISO 130

CISO Digital transformation Technology Risk 130

Security Affairs

JUNE 17, 2025

State-sponsored hackers compromised the email accounts of several journalists working at the Washington Post. A cyberattack, likely carried out by state-sponsored hackers, compromised the Microsoft email accounts of Washington Post journalists, including reporters covering China and national security.

Accountability 103

Accountability Cyber Attacks Media Hacking 103

Security Affairs

JUNE 19, 2025

With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. The data, structured by URL, login, and password, targets services like Apple, Google, Facebook, Telegram, GitHub, and even government portals.

Data breaches 113

Data breaches Identity Theft Passwords Malware 113

Security Affairs

JUNE 6, 2025

The bounty is part of the US DoS’s Rewards for Justice program , which offers payouts for tips on foreign government hackers targeting U.S. The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed.

Malware 86

Malware Passwords Identity Theft Accountability 86

Security Affairs

MARCH 10, 2025

The governments latest action officially secures the recovered funds. Bax and Monahan found another common theme with these robberies: They all followed a similar pattern of cashing out, rapidly moving stolen funds to a dizzying number of drop accounts scattered across various cryptocurrency exchanges.” ” However.

Password Management 86

Password Management Cryptocurrency Passwords Data breaches 86

Security Affairs

JANUARY 3, 2025

“We discovered unauthorized access to our network that resulted in the unauthorized access to, or acquisition of, certain files by an unauthorized actor.

Data breaches 75

Data breaches Ransomware Insurance Healthcare 75

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. Secure payment methods Ensure safe processing of financial transactions.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

SecureList

FEBRUARY 20, 2025

Kaspersky MDR customers by region Distribution of incidents by industry In 2024, the MDR team observed the highest number of incidents in the industrial (25.7%), financial (14.1%), and government (11.7%) sectors. in government, 17.8% However, if we consider only high-severity incidents, the distribution is somewhat different: 22.8%

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Security Affairs

JANUARY 11, 2025

After discovering the security breach, the company investigated the incident and notified law enforcement. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.”

Data breaches 111

Data breaches Retail Cybercrime Government 111

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 116

Data breaches Cybercrime Cyber Insurance Marketing 116

Security Affairs

OCTOBER 23, 2024

As organizations deal with such high volumes of dark and unstructured data, most of this data contains sensitive information , making it a primary target for data breach attacks. Consequently, organizations face various security, governance, privacy, and compliance risks. Today, data is not limited to on-premise or data stores.

Data privacy 124

Data privacy Unstructured Data Risk Data breaches 124

Security Affairs

DECEMBER 17, 2024

One of these virtual private servers was exclusively employed in attacks against entities across Taiwan, including commercial firms and at least one municipal government organization. The threat actor hosted newly compiled malware on different procured virtual private servers (VPSs). Another VPS node was used to target a U.S.

Architecture 107

Architecture Malware IoT Internet 107

Security Affairs

DECEMBER 10, 2024

A month earlier, Dubai and Abu Dhabi Police warned citizens not to share their confidential information, including their account, card details or online banking credentials. The actors became more creative.

Phishing 110

Phishing Social Engineering Banking DNS 110

The Last Watchdog

MAY 13, 2025

Related: How real people are really using GenAI Todays Chief Information Security Officers (CISOs) operate in a pressure cooker: responsible for protecting critical assets, expected to show up in the boardroom with fluency, yet rarely granted the authority, resources or organizational alignment to succeed. Its not a people problem.

CISO 130

CISO Risk Cybersecurity Government 130

Security Affairs

MARCH 25, 2025

Ukrzaliznytsia is investigating the attack and restoring the affected systems with the help of the Cyber Department of the Security Service of Ukraine. Source: Daryna Antoniuk’s X account “The online systems of Ukrzaliznytsia suffered a large-scale targeted cyberattack. ” reads the statement published by the company.

Backups 116

Backups Cyber Attacks Media Hacking 116

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 115

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 115

Security Affairs

APRIL 11, 2025

“The specific information involved is not the same for everyone.” Health Insurance Information: This may encompass plan name, plan type, insurance companies, and member/group ID numbers. For LSC workers, the breach may also include information about their dependents or beneficiaries, if such details were provided to LSC.

Data breaches 95

Data breaches Insurance Banking Accountability 95

Security Affairs

NOVEMBER 18, 2024

government surveillance. Amazon: €746 Million ($781 Million), 2021 In 2021, Amazon received a hefty fine for failing to secure proper consent for advertising cookies. Continuous Monitoring : Keep track of your data flows and security measures to ensure compliance. After the invalidation of the EU-U.S.

Data privacy 127

Data privacy Risk Surveillance Government 127

Security Affairs

DECEMBER 29, 2024

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach)

Data breaches 80

Data breaches Computers and Electronics Hacking Wireless 80

SecureWorld News

JULY 9, 2025

State Department employees and reported by The Washington Post , the impersonator used a Signal account with the display name "Marco.Rubio@state.gov," reaching out to diplomats and high-ranking government officials. The imposter was able to use publicly available information to create realistic messages.

Government 72

Government Authentication Risk Technology 72

Security Affairs

APRIL 4, 2025

. “The Ukrainian government’s computer emergency response team, CERT-UA, is taking systematic measures to accumulate and analyze data on cyber incidents in order to provide up-to-date information on cyber threats.” ” Since fall 2024, threat actor used compromised accounts to send emails with links (e.g.,

Malware 72

Malware Cyber threats Government Hacking 72

Security Affairs

APRIL 22, 2025

Card systems at government offices are down, so only cash, checks, or online card payments are accepted. “Due to system issues, we will not shut off past-due accounts.“ The City confirmed the security incident and worked to recover from the ransomware attack that impacted its services, including the police department.

Ransomware 106

Ransomware Government Hacking Accountability 106

Security Affairs

MARCH 26, 2025

Victims included organizations from different segments, including electronics, academia, religious organizations, defense, healthcare, technology, IT/MSP vendors, and government agencies. Resecurity identified 8 associated MEGA accounts used by the group to manage stolen victims data.

Ransomware 76

Ransomware Cybersecurity Healthcare Accountability 76

Security Boulevard

FEBRUARY 14, 2025

government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks. Source: 138 webinar attendees polled by Tenable, February 2025) Interested in learning how Tenables security team uses Tenable Cloud Security to safeguard our cloud environments?

Banking 65

Banking Cybercrime Cybersecurity Ransomware 65

Centraleyes

DECEMBER 11, 2024

Governments and regulatory authorities may also mandate compliance with IATA standards to align with broader cybersecurity strategies. Implementation of Security Controls: Controls based on standards such as ISO 27001 or NIST Cybersecurity Framework 2.0 Background and Relevance Who Requires It? and the EU Cybersecurity Act.

Risk 52

Risk Penetration Testing Cybersecurity Digital transformation 52

Security Affairs

MAY 21, 2025

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. Threat actors also used voice phishing to target privileged accounts.

Technology 75

Technology Malware Phishing Government 75

SecureWorld News

NOVEMBER 14, 2024

The 99% do not have the resources and funding to be able to protect themselves," said Rick Doten , VP, Information Security, Centene Corporation, a publicly traded managed care company based in St. Legal consequences: Data breaches involving health-related information can result in legal consequences for healthcare organizations.

Healthcare 120

Healthcare Ransomware Identity Theft Data breaches 120

Lenny Zeltser

FEBRUARY 10, 2025

Outcomes, Automation, and AI Experimentation As CISOs, we feel more personally responsible, accountable, and liable than ever, considering the government's treatment of data breaches in the recent years. Below are three specific trends to keep in mind as we manage the complexities, challenges, and opportunities of the CISO role.

CISO 58

CISO Technology Risk Data breaches 58

Security Affairs

MARCH 3, 2025

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. reads the advisory.

Hacking 67

Hacking Spyware Technology Surveillance 67