LATEST POST
VeriSource now says February data breach impacts 4 million people
Bleeping Computer reports: Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people. VeriSource is a Texas-based employee benefits administration and HR outsourcing solutions provider with diverse clients across the U.S. The firm has begun data breach notifications to impacted individuals about a cybersecurity incident […]
Marks & Spencer breach linked to Scattered Spider ransomware attack
Bleeping Computer reports: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as “Scattered Spider” BleepingComputer has learned from multiple sources. Marks & Spencer (M&S) is a British multinational retailer that employs 64,000 employees and sells various products, including clothing, food, […]
Breach exposes 2.9 lakh Bangalore Water Supply and Sewerage Board’ customers’ data
Deccan Herald reports: A major data breach in the Bangalore Water Supply and Sewerage Board’s (BWSSB) application portal for water connection has exposed over 2.90 lakh customer records. The access to these records, including PAN, Aadhaar numbers, payment data and mobile numbers, was put on sale on an underground data leaks forum on the internet […]
‘Dangerous’ Russian hacking group exploits bugs in Microsoft Windows, Firefox browser: What users should do
TOI Tech Desk reports: A Russian-linked hacking group is reportedly exploiting two newly discovered zero-day vulnerabilities. Security researchers have warned that the Russian cybercrime group known as RomCom has been misusing these security flaws to target Firefox and Windows users in Europe and North America. These “zero-click” exploits, identified by security firm ESET, allowed hackers […]
North Dakota Expands Data Security Requirements
Seen on The National Law Review: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated by the Department of Financial Institutions […]
DragonForce expands ransomware model with white-label branding scheme
Bleeping Computer reports: The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. DragonForce is now incentivizing ransomware actors with a distributed affiliate branding model, providing other ransomware-as-a-service (RaaS) operations a means to carry out their business without dealing with infrastructure maintenance cost and effort. […]
Gallagher hammered in £11 million broker negligence ruling
Broker found at fault over Lloyd’s, Hiscox, QBE policy mess up Insurance Business Magazine reports: Read more at Insurance Business Magazine.
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here are key takeaways
Risky Biz News reports: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. […]