This week, Japan's cybersecurity agency reportedly was breached, social media companies were urged to ward off data scraping, the NSA said it respects foreign intelligence targets, Polish authorities arrested two for hacking a rail network, and a ransomware gang used GDPR fines as scare tactics.
Cybersecurity doublespeak is never a good sign, especially when it comes in a letter this week addressed to half a million current and former employees of fast-fashion retailer Forever 21, warning them that their personal information was stolen in an eight-week breach discovered in March.
SailPoint has agreed to buy U.K.-based privileged access management vendor Osirium for $8.3 million to better protect privileged and non-privileged identities on a single platform. The deal will allow Osirium to benefit from SailPoint's increased scale and enhanced sector and regional capabilities.
London's Metropolitan Police Service is investigating a serious data breach that may have exposed names, ranks and photographs for potentially all 47,000 personnel, after someone gained "unauthorized access to the IT system" of one of its suppliers.
APIs have become increasingly popular as they are used to connect different systems, services and applications. But this makes them an attractive target for cybercriminals who want to exploits flaws and access sensitive data. Here are five critical reasons you need to conduct API security testing.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed against Prudential seeks 10 years of prepaid identity theft monitoring services instead of the usual two.
The tally of entities notifying federal regulators about mega health data breaches involving Clop cybercrime group hacks on Progress Software's MOVEit file transfer application keeps growing, and millions of additional individuals have been affected.
Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption - but they could be bumping up against the limits of how fast they can go, say security researchers at Sophos. Better endpoint detection may be spurring ransomware hackers into acting faster.
Tesla says it is suing two former employees for perpetrating a May data breach that exposed personal information for 75,735 current and former employees. The information was contained in a massive set of data leaked to a publication on whistleblowing grounds.
This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems offline after an attack, and researchers found flaws in AudioCodes phones and Zoom's ZTP.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Alex Waintraub, DFIR expert evangelist at CYGNVS, discusses how generative AI will play a role in the future of incident response - and in all aspects of cybersecurity - and emphasizes its dangers as well as its benefits.
A global law firm that handles data breach litigation is faced with defending itself against a proposed class action lawsuit filed in the aftermath of its own data breach. The lawsuit stems from a March hacking incident at San Francisco-based Orrick, Herrington & Sutcliffe.
In an after-action report on how the Lapsus$ crime group hacked "dozens of well-defended companies with low-complexity attacks," the U.S. Cyber Safety Review Board urges organizations to implement more robust two-factor authentication systems, plus regulations to combat SIM swapping.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.