Businesses today face a more diverse and more dangerous array of cybersecurity threats than ever before. With external threats like ransomware gangs and internal threats posed by disgruntled or departing employees, corporate digital forensics professionals need to be able to investigate possible malfeasance quickly...
Once ransomware hackers get inside a healthcare sector organization's systems, 3 in 4 attackers will also maliciously encrypt data, says security firm Sophos. Attackers successfully encrypted data in 75% of ransomware attacks on healthcare sector entities, researchers report.
This week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline.
Widely used password management software provider 1Password said a hacker breached had one of its systems but failed to steal any sensitive data, after stealing a valid session cookie from the customer support system of its access and identity management provider, Okta.
A breach of Okta's support case management system using a stolen credential allowed attackers to access sensitive files uploaded by the identity security giant's customers. San Francisco-based Okta said the threat actor could view filed uploaded by certain customers as part of recent support cases.
The biggest challenges in threat detection and response today are the inability to cover the entire attack surface and a lack of insight into who is attacking and why. To address these issues, Cisco introduced Breach Protection, a suite of products that combines email, endpoint and XDR protection.
The Kansas Supreme Court said it is probing a "security incident" that has disrupted access to IT systems also used by the state's Court of Appeals and every District Court but one, leaving them unable to accept electronic filing of documents or process some cases.
A British financial regulator fined American credit reporting agency Equifax 11 millions pounds ($13.4 million) for its role in one of the world's largest data breaches. Chinese military hackers in 2017 exploited a well-known vulnerability in the company's online dispute portal.
This week: Google began phasing out passwords, Microsoft to bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data stolen from the District of Columbia, and Volex reports a hack attack.
Hotel and casino giant MGM Resorts says the recent hack attack against it cost $110 million in lost revenue and mitigation expenses. The publicly traded company expects to recoup losses and costs to date via cyber insurance. MGM Resorts says that its investigation remains ongoing.
Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, sharing lessons learned from the U.S. Department of Justice's case against him.
This week, Johnson Controls suffered a ransomware attack, the Philippine state health insurance program was recovering from ransomware, Air Canada reported a cyberattack, an APT group used the American Red Cross as bait, new malware targeted Bitwarden, and a LATAM cybersecurity conference occurred.
The count of organizations affected by the Clop ransomware group's most recent mass targeting of Progress Software's secure file transfer software doubled last week. National Student Clearinghouse warned that data tied to nearly 900 colleges and universities had been stolen from its MOVEit server.
This week, Colombia grappled with the aftermath of a ransomware attack against IFX Networks, Clorox suffered product shortages, a glitch allowed T-Mobile users to access other users' data, California passed restrictions for data brokers and Finland seized a dark web marketplace.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.