Security Affairs

APRIL 9, 2025

The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. security team the day before had notified OCC about unusual network behavior, according to the draft letter.” The review process is still ongoing. OCC on Feb.

Accountability 123

Accountability Banking Information Security Hacking 123

Malwarebytes

NOVEMBER 12, 2024

In 2023, cybercriminals put up information belonging to as many as seven million 23andMe customers for sale on criminal forums following a credential stuffing attack against the genomics company. This makes the information a treasure trove for advertisers, insurance companies, and Big Pharma.

Insurance 145

Insurance Accountability Risk Data breaches 145

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications 101

Telecommunications Software Technology Healthcare 101

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Exposed data did not include Social Security numbers or financial information.

Data breaches 126

Data breaches Hacking Ransomware Technology 126

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. ” reads the notice of security incident shared with the Maine Attorney General.

Data breaches 116

Data breaches Insurance Healthcare Ransomware 116

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. FROM ACCOUNT THEFT TO A FULL-FLEDGED SERVICE: THE EVOLUTION OF THE MODEL The phenomenon has rapidly upgraded complexity, as detailed in the Meridian Group report.

Cybercrime 139

Cybercrime Social Engineering Accountability Government 139

Jane Frankland

JUNE 8, 2025

For decades, the Chief Information Officer (CIO) was the central authority on IT, overseeing infrastructure, systems, and digital initiatives. The modern enterprise C-suite is undergoing a seismic shift—not over profits or market share, but over who leads technology, shapes strategy, and ultimately defines the future of the business.

CISO 130

CISO Digital transformation Technology Risk 130

Security Affairs

DECEMBER 21, 2024

” Recently, The Federal Office for Information Security (BSI) announced it had blocked communication between the 30,000 devices infected with the BadBox malware and the C2. .” continues the report “Second, let’s talk volume. The devices were all located in Germany, they were all using outdatedAndroidversions.

Firmware 142

Firmware Malware Internet Internet 142

Security Affairs

OCTOBER 11, 2024

. “CyberAv3nger accounts also asked our models high-level questions about how to obfuscate malicious code, how to use various security tools often associated with post-compromise activity, and for information on both recently disclosed and older vulnerabilities from a range of products.” ” continues the report.

Malware 136

Malware Social Engineering Engineering Hacking 136

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. million in revenue.

Cybercrime 130

Cybercrime Cryptocurrency Banking Accountability 130

Security Affairs

MARCH 8, 2025

A data breach suffered by the Japanese telecom giant NTT exposed information of nearly 18,000 corporate customers. Japanese telecom giant NTT suffered a data breach that exposed information of nearly 18,000 corporate customers. Please note that information about services for individual customers was not included.”

Data breaches 115

Data breaches Mobile Hacking Malware 115

Security Affairs

NOVEMBER 21, 2024

The authorities launched an investigation after the ransomware gang Ransomhub claimed the attack and published samples of personal information from a database of government. This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information. ” reported the Associated Press.

Government 144

Government Hacking Ransomware Insurance 144

Security Affairs

MARCH 4, 2025

Implications The infiltration of IT workers with fraudulent or espionage purposes and perhaps belonging to nation-state affiliations poses a serious threat to national and corporate security. He is also the author of the book La Gestione della Cyber Security nella Pubblica Amministrazione. Education improves awareness is his slogan.

Risk 122

Risk Education Scams VPN 122

Security Affairs

OCTOBER 31, 2024

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Faced with this situation, we immediately deployed additional security measures to protect the operations and information of our clients.” ” reads the statement published by the company.

Data breaches 128

Data breaches Financial Services Hacking Mobile 128

Security Affairs

MAY 20, 2025

In April, SK Telecom reported that threat actors gained access to USIM-related information for customers following a malware attack. Upon discovering the infection, the company promptly reported it to the Korea Internet & Security Agency (KISA) on Sunday, April 20, sanitized the impacted systems, and isolated the suspected hacking device.

Malware 106

Malware Mobile Data breaches Wireless 106

Security Affairs

JUNE 4, 2025

Luxury-goods conglomerate Cartier disclosed a data breach that exposed customer information after a cyberattack. Cartier has disclosed a data breach following a cyberattack that compromised its systems, exposing customers’ personal information. The incident comes amid a wave of cyberattacks targeting luxury fashion brands.

Data breaches 97

Data breaches Cyber Attacks Manufacturing Banking 97

Security Affairs

MAY 17, 2025

Access to personal or official accounts operated by US officials could be used to target other government officials, or their associates and contacts, by using trusted contact information they obtain.” ” reads the alert issued by the FBI.

Government 122

Government Social Engineering Authentication Accountability 122

The Last Watchdog

DECEMBER 5, 2024

5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the industrys leading information security magazine. Alisa Viejo, Calif.,

InfoSec 130

InfoSec Cyber Risk CISO Cybersecurity 130

eSecurity Planet

OCTOBER 18, 2024

Blockchain: Developed primarily for cryptocurrency applications and maligned for manipulating those markets, blockchain can be a valuable security tool, as its universe of connected nodes is almost impossible to corrupt or destroy. Security Engineer Security engineers build secure systems. Salary: $124,424, Cyberseek.

Cybersecurity 125

Cybersecurity Artificial Intelligence Penetration Testing CISO 125

Security Affairs

MARCH 4, 2025

HGFS information-disclosure vulnerability: the vulnerability is an information disclosurevulnerability that impacts VMware ESXi, Workstation, and Fusion. The virtualization giant confirmed that it has information to suggest that exploitation of the three flaws has occurred in the wild. CVE-2025-22226 (CVSS score of 7.1)

Hacking 114

Hacking Information Security 114

Security Affairs

OCTOBER 21, 2024

Internet Archive Zendesk emails sent by the threat actor Source: BleepingComputer The message highlights a poor security posture by the Internet Archive. Hunt will add the information of the impacted users to HIBP very soon. Hunt also verified the authenticity of the information included in the stolen archive.

Internet 128

Internet Internet Data breaches Authentication 128

Security Affairs

APRIL 13, 2025

Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders. The gang claimed the theft of 2 TB of data.

Data breaches 128

Data breaches Unstructured Data Identity Theft Healthcare 128

Security Affairs

DECEMBER 3, 2024

Securities and Exchange Commission (SEC), the company discovered the attack on November 25. The threat actors had access to the company’s information technology systems and encrypted some of its data files. According to the FORM 8-K report filed with the U.S. ” reads the report filed with SEC.

Ransomware 119

Ransomware Encryption Technology Cybersecurity 119

SecureWorld News

MARCH 31, 2025

A critical business function, not just a checkbox "World Backup Day acts as a crucial reminder that data loss is inevitable, encouraging us to take proactive steps to protect our information," says Emilio Sepulveda , Manager of Information Security at Deepwatch.

Backups 99

Backups Mobile Encryption CISO 99

Security Affairs

DECEMBER 7, 2024

Allegedly, invoice receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality pic.twitter.com/Tad7LeOcsk — HackManac (@H4ckManac) December 6, 2024 According to the announcement published by the group on its Tor leak site, stolen data includes: Invoice Receipts (..)

Ransomware 124

Ransomware Hacking Accountability Cyber Attacks 124

Security Affairs

MARCH 4, 2025

HGFS information-disclosure vulnerability: the vulnerability is an information disclosurevulnerability that impacts VMware ESXi, Workstation, and Fusion. The virtualization giant confirmed that it has information to suggest that exploitation of the three flaws has occurred in the wild. CVE-2024-50302 (CVSS score of 5.5)

Mobile 113

Mobile Hacking Cybersecurity Risk 113

Security Affairs

DECEMBER 5, 2024

Gathering information from the huge number of sources inherent in modern IT environments is laborious, mundane, and mentally exhausting. For instance, a simple suspicious login alert might require an analyst to check user activity logs, verify access patterns, and cross-reference data across various security platforms.

Artificial Intelligence 136

Artificial Intelligence Data collection Cybersecurity Risk 136

Adam Shostack

JANUARY 2, 2025

Fifteen years ago, Andrew Stewart and I published The New School of Information Security , in which we called for greater disclosure of cyber incidents and learning more from them. The interesting parts of the rule ends around page 80, moving to technical matters like foreign issuers and structured information in submissions.

Cybersecurity 130

Cybersecurity Marketing Information Security 130

Security Affairs

OCTOBER 28, 2024

The charges being pursued by investigators include criminal conspiracy for unauthorized access to computer systems, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion. ” reads a statement from a lawyer for Del Vecchio.

Computers and Electronics 136

Computers and Electronics Banking Marketing Hacking 136

Security Affairs

JANUARY 26, 2025

“Hackers stole sensitive information belonging to around 190 million people in a cyberattack on a UnitedHealth Group subsidiary last year that roiled the U.S. According to the Associated Press, UnitedHealth booked $1.1 billion in total costs from the cyberattack in the second quarter. healthcare industry, the company said Friday.”

Healthcare 129

Healthcare Data breaches Insurance Cybercrime 129

Security Affairs

OCTOBER 25, 2024

According to the Associated Press, UnitedHealth booked $1.1 billion in total costs from the cyberattack in the second quarter.

Data breaches 129

Data breaches Healthcare Cybercrime Insurance 129

Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. The company disclosed a data breach that exposed customers’ personal information. At this time, it is unclear if the exposed information includes any donor data.

Data breaches 108

Data breaches Banking Insurance Hacking 108

Security Affairs

FEBRUARY 1, 2025

“Pursuant to Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, this is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets.” Threat actors hit the company’s information technology (IT) infrastructure.

Technology 117

Technology Ransomware Engineering Manufacturing 117

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. The Port started notifying impacted individuals after their personal information was compromised. Please visit our cyberattack webpage for additional information.”

Data breaches 95

Data breaches Ransomware Cyber Attacks Manufacturing 95

Security Affairs

NOVEMBER 13, 2024

Additionally, configuring Group Policy to store BitLocker recovery information in Active Directory Domain Services (AD DS) and enforcing the policy “Do not enable BitLocker until recovery information is stored to AD DS for operating system drives” can prevent unauthorized encryption.

Ransomware 123

Ransomware Encryption Passwords Backups 123

Security Affairs

MAY 3, 2025

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. The victims of the group are targets of opportunity. In December 2023, FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks.

Government 125

Government Hacking Ransomware Manufacturing 125

Security Affairs

OCTOBER 25, 2024

These assessments help identify and protect sensitive information – including personally identifiable information (PII), intellectual property, and financial data – and sniff out vulnerabilities in existing defenses to ensure protection against cyberattacks and inadvertent data exposure.

Risk 122

Risk Cybersecurity Data breaches Cyber threats 122