LATEST POST
COVID Test Data Breach: 1.3 Million Patient Records Exposed Online
Jeremy Fowler reports: Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained nearly 1.3 million records, which included COVID-19 testing information and personally identifiable information such as the patient’s name, date of birth, and passport number. The publicly exposed database contained an estimated 1.3 million records that included 118,441 certificates, […]
Microsoft network breached through password-spraying by Russian-state hackers
Ars Technica reports: Read more at Ars Technica.
Hackers Stole Data of Over 35M Customers from V.F. Corp (NYSEVFC) in December
Tip Ranks reports: V.F. Corp., the name behind brands such as The North Face, Timberland, Dickies, and Vans, announced that a cyber incident in December resulted in the data breach of nearly 35.5 million customers. Last month, the cyber incident hampered VFC’s order fulfillment on its eCommerce portal. At the time, the company expected the […]
‘Punishing the victims’: Would banning ransom payments stop hospital cyberattacks?
In its The State of Ransomware in the U.S. report for 2023, Emsisoft opined that the only solution to the ransomware crisis is to completely ban ransomware payments. That recommendation has generated some discussion, and now Becker’s has also reached out to health system CISOs to get their reaction to the recommendation. The majority’s opinion […]
23andMe Blames Victims For Data Breach
Today’s General Counsel reports: Genetic testing company 23andMe, which is facing more than 30 lawsuits from the victims of a massive data breach, is claiming that the victims themselves are to blame for the loss of their own data, TechCrunch reports. In a letter to hundreds of 23andMe users suing the company, 23andMe said the victims “negligently […]
CISA pushes federal agencies to patch Citrix RCE within a week
Bleeping Computer reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. The cybersecurity agency added the flaws to its Known Exploited Vulnerabilities Catalog today, saying that such vulnerabilities are “frequent attack […]
How SolarWinds Responded to the 2020 SUNBURST Cyberattack
From the Harvard Business Review: In December of 2020, SolarWinds learned that they had fallen victim to hackers. Unknown actors had inserted malware called SUNBURST into a software update, potentially granting hackers access to thousands of its customers’ data, including government agencies across the globe and the US military. General Counsel Jason Bliss needed to […]
Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks
ITPro reports: Nearly half of workers responsible for email security breaches over the last year have been sacked, according to new search, as cyber leaders begin taking a tougher stance amid a surge in attacks. Research from cyber security firm Egress found that 94% of organizations globally have experienced a serious email security incident in […]