Blog - Cyber Security Informer

Microsoft Data Breach Exposes Customers’ Sensitive Information

Heimadal Security

OCTOBER 20, 2022

Microsoft confirms that they have been the victim of a data breach, which allowed threat actors to gain access to the personal information of some customers. The cause of the breach seems to be a misconfigured Microsoft server accessible over the Internet, security researchers claim.

Data breaches

Data breaches Internet Internet Cybersecurity

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

APRIL 24, 2023

The experts pointed out that the data they found on the devices could be used to identify the prior owners, this information can be used by threat actors to breach their networks. Exposed corporate data and sensitive data include the maps of sensitive applications hosted locally or in the cloud.

Hacking

Hacking VPN Marketing Authentication

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago. Six years later, Kaseya’s customer portal was still exposed to the data-leaking weakness. Image: Archive.org.

Software

Software Ransomware System Administration Authentication

Cyber News Rundown: Italian Banks Hit with Ursnif

Webroot

MARCH 5, 2021

Telemarketer leaves thousands of records exposed. A California-based telemarketing firm was recently alerted to an exposed Amazon AWS bucket containing over 100,000 records and requiring no authentication to access. Among the records were hours of customer phone calls and text-based communications.

Banking

Banking Social Engineering Engineering Backups

Unveiling the Threat Landscape: Exploring the Security Risks of Cloud Computing

Centraleyes

FEBRUARY 25, 2024

This blog aims to dissect the nuances of cloud security risks , shedding light on the challenges commonly faced when securing digital assets in the cloud. The CSP secures the underlying infrastructure, including the physical data centers, networking, and hypervisors. Who’s Responsible for Security in the Cloud?

Risk

Risk Encryption Social Engineering Authentication

Leaky Buckets in a Multi-Cloud World

Thales Cloud Protection & Licensing

APRIL 16, 2018

The past year has seen a number of high profile security breaches tied to leaky storage servers. Specifically, the leakage of sensitive files connected to misconfigured security protocols on Amazon Simple Storage Service (S3) buckets. If they don’t, they are at risk of becoming the next headline.

Encryption

Encryption Big data Backups Threat Reports

Researchers say enterprise password manager hit in supply chain attack

SC Magazine

APRIL 23, 2021

In an April 23 blog , the firm claimed to have digital evidence that Australian company ClickStudios suffered a breach, sometime between April 20 and April 22, which resulted in the attacker dropping a corrupted update to its password manager Passwordstate.

Password Management

Password Management Passwords Media Malware

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. MI5 said the faked LinkedIn accounts are created and operation by nation-state spy agencies, with an intent to recruit individuals or gather sensitive information.

Ransomware

Ransomware Passwords Scams Government

Why We Still Haven’t Learned From the Target Data Breach a Decade Later

Security Boulevard

MAY 17, 2023

But even as companies race to increase cybersecurity spending and awareness, data breaches have actually become much more (not less) likely. Tales From the Breach: What Organizations Are (and Aren’t) Doing The 2013 Target data breach was a watershed moment within the cybersecurity landscape.

Data breaches

Data breaches DNS Malware Phishing

How MVISION CNAPP Helps Protect Against ChaosDB

McAfee

SEPTEMBER 9, 2021

Attackers have made it known that Microsoft is clearly in their cross hairs when it comes to potential targets. Just last month the US Justice Department disclosed that Solorigate continues to comprise security when they confirmed over 80% of Microsoft email accounts were breached across four different federal prosecutors offices.

Firewall

Firewall Marketing Risk Accountability

Write Code That Protects Sensitive User Data

Veracode Security

SEPTEMBER 15, 2020

Sensitive data exposure is currently at number 3 in the??? In this blog post, we will describe common scenarios of incorrect sensitive data handling and suggest ways to protect sensitive data. What is sensitive data? What vulnerabilities can lead to sensitive data exposure?

Passwords

Passwords Encryption Authentication Risk

A Pandora's Box: Unpacking 5 Risks in Generative AI

Thales Cloud Protection & Licensing

APRIL 17, 2024

These hallucinations can occur for various reasons, such as errors in the AI's algorithms, biases in the training data, or limitations in the AI's understanding of the context or task. Data Poisoning: The integrity of AI systems relies heavily on the quality and reliability of the data they are trained on.

Risk

Risk Data collection Artificial Intelligence Accountability

A Pandora’s Box: Unpacking 5 Risks in Generative AI

Security Boulevard

APRIL 17, 2024

These hallucinations can occur for various reasons, such as errors in the AI's algorithms, biases in the training data, or limitations in the AI's understanding of the context or task. Data Poisoning: The integrity of AI systems relies heavily on the quality and reliability of the data they are trained on.

Risk

Risk Data collection Artificial Intelligence Accountability

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

The Last Watchdog

MARCH 1, 2023

Managing this sensitive information while avoiding pitfalls has become extremely difficult due to the growing number of services in recent years. Even the most experienced developers can inadvertently publish this extremely sensitive information, giving access to the resources of the companies they work for.

Authentication

Authentication CISO Passwords Software

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. The NCSC said critical public services must be protected from disruption, while sensitive data also needs to be secured from being stolen in large volumes.

Ransomware

Ransomware Passwords Scams Cyber Attacks

A guide to OWASP’s secure coding

CyberSecurity Insiders

SEPTEMBER 21, 2021

This blog was written by an independent guest blogger. Input validation ensures that only correctly formatted input enters a database and averts erroneous data from staying in the database and causing subsequent elements to fail. When the user inputs data, software must encode it before output. Input validation. Output encoding.

Authentication

Authentication Passwords Software Accountability

Cyber Security Roundup for March 2021

Security Boulevard

FEBRUARY 28, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, February 2021. I wrote a blog post about my concerns given Linux is embedded everywhere, yet many of these systems are rarely, and even never updated with security updates.

Energy and Utilities

Energy and Utilities Ransomware DDOS Accountability

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Troy Hunt

APRIL 15, 2019

Not to mention the various spyware apps often installed on kids' phones to track them which then subsequently leak their data all over the internet. mSpy leaked data. SpyFone leaked data. Mobiispy leaked data. And that's just a small slice of them. And then there's kids' smart watches themselves.

Spyware

Spyware Passwords Manufacturing Marketing

Cyber Security Informer

Microsoft Data Breach Exposes Customers’ Sensitive Information

Hackers can hack organizations using data found on their discarded enterprise network equipment

Trending Sources

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Cyber News Rundown: Italian Banks Hit with Ursnif

Unveiling the Threat Landscape: Exploring the Security Risks of Cloud Computing

Leaky Buckets in a Multi-Cloud World

Researchers say enterprise password manager hit in supply chain attack

Cyber Security Roundup for May 2021

Why We Still Haven’t Learned From the Target Data Breach a Decade Later

How MVISION CNAPP Helps Protect Against ChaosDB

Write Code That Protects Sensitive User Data

A Pandora's Box: Unpacking 5 Risks in Generative AI

A Pandora’s Box: Unpacking 5 Risks in Generative AI

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

Cyber Security Roundup for June 2021

A guide to OWASP’s secure coding

Cyber Security Roundup for March 2021

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Stay Connected