Tangerine Telecom says attackers stole the personal information of 230,000 individuals from a legacy customer database. The post 230k Individuals Impacted by Data Breach at Australian Telco Tangerine appeared first on SecurityWeek. Read More
SecurityWeek RSS Feed…
Eye care practice management firm American Vision Partners faces lawsuit over data breach impacting 2.3 million patients. The post Eye Care Services Firm Faces Lawsuit Over Data Breach Impacting 2.3 Million appeared first on SecurityWeek. Read More
SecurityWeek RSS Feed…
Creates, a popular online retailer of hair styling tools, has suffered a significant data breach that exposed credit card details, names, addresses, and possibly even more sensitive personal information belonging to thousands of customers. An investigation revealed that attackers found weaknesses in the company’s old e-commerce platform to steal data during the checkout process.…
The cybercrime ecosystem has created a supply chain of stolen accounts and breached networks that are used to fuel ransomware attacks and data breaches. Learn more from Flare about how this supply chain has led to an explosion of cybercrime. […] Read More
BleepingComputer…
Respondents to Dark Reading’s Strategic Security Survey believe the primary cause of their organizations’ next major data breach will involve social engineering, negligent users, and insecure remote workers. Read More
darkreading…
In a worrisome turn of events, messaging app giant Line Yahoo Corporation has revised the scope of its previously reported data breach. A deeper investigation uncovered additional compromises, significantly boosting the number of potentially leaked data points. This incident underscores the far-reaching consequences of a single infection and the challenges of securing interconnected systems.…
Prudential Financial says administrative and user data was compromised in a cyberattack earlier this month. The post Prudential Financial Discloses Data Breach appeared first on SecurityWeek. Read More…
Ransomware threat actors have been extorting money after taking control over organizations’ internal networks, distributing ransomware, encrypting systems, and holding system restoration for ransom. Recently, however, threat actors not only encrypts the systems but also leaks internal data and threatens to expose them publicly if the ransom is not paid.…
On February 2, 2024, AnyDesk, a popular remote desktop software provider, announced that it had fallen victim to a cyberattack that compromised its production systems. The breach, orchestrated by malicious actors, has far-reaching implications for AnyDesk customers.
The incident came to light when AnyDesk released a public statement about possible security breaches on some of its systems.…
AnyDesk, a widely used remote desktop software, recently announced a significant breach within its production environment. Despite the unsettling access gained by hackers, AnyDesk assured its user base that no authentication tokens were compromised, as these crucial elements reside solely on the user’s device, tethered to its unique fingerprint.…
Ofuji Fishing Tackles, a renowned fishing tackle wholesaler and manufacturer in Japan has recently faced a severe cyber threat. The company disclosed a potential data breach involving personal customer information, a consequence of a ransomware attack targeting their systems. This incident, confirmed on December 13, 2023, has raised concerns about the leakage of customer data, including membership numbers, names, addresses, dates of birth, and phone numbers, affecting approximately 200,000 individuals.…
A colossal wave of stolen personal identifiable information (PII) from Thailand has crashed onto the shores of the dark web, marking a disturbing escalation in cybercriminal activities. This massive leak, unprecedented in its scale and audacity, has exposed the personal data of millions, casting a long shadow over the digital safety and privacy of Thai citizens.…
Ateam Inc., a developer of content for smartphones, disclosed that 935,779 personal data records stored in their cloud service were accessible over the Internet.
The company stated that they use the cloud service ‘Google Drive’ across their group. However, they discovered permission-setting errors in 1,369 files containing personal information.…
Panasonic Avionics Corporation (PAC), revealed that they suffered a cyberattack at the end of 2022, which may have led to the leak of personal information related to employees.
According to Panasonic, the internal network systems of PAC were compromised in a cyberattack. The breach was discovered approximately a year ago, on December 30, 2022, and an investigation ensued with external assistance.…
As the world adorned its festive attire, the cybercriminal community in the shadowy realms of the Dark Web orchestrated their chilling celebration – “Leaksmas.” This event, coinciding with the Christmas season, unfolded as a sinister display of data sharing among hackers, as observed by Resecurity.
The “Free Leaksmas” tag, a twisted token of gratitude, marked the substantial data dumps resulting from breaches and intrusions across a diverse range of companies and government agencies.…
Hackers use weaponized LNK files to exploit vulnerabilities in Windows operating systems. These files often contain malicious code that can be executed when the user clicks on the shortcut.
These weaponized files allow threat actors to perform several types of malicious activities like:-
Gain unauthorized access Deliver malware Deliver malicious payloadRecently, cybersecurity researchers at ASEC identified that the Kimsuky group has been actively using the weaponized LNK file to deploy AppleSeed malware.…
The ransomware group Akira has declared responsibility for the recent cyberattack on the systems of Nissan in Australia and New Zealand. The hackers claim to have exfiltrated over 100 GB of documents from the automaker.
Now, the malefactors are threatening to release confidential business and client data online, as negotiations with Nissan regarding a ransom have been unsuccessful—either due to the company’s refusal to engage with the hackers or its unwillingness to pay the demanded sum.…
French video game developer Ubisoft has once again fallen victim to a cyberattack. On the morning of December 22, 2023, a security research team shared screenshots allegedly from Ubisoft’s internal services. Ubisoft subsequently acknowledged a suspected data breach incident, confirming that an investigation is currently underway.…
For the latest discoveries in cyber research for the week of 27th November, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES Nevada-based medical transcription company, Perry Johnson & Associates (PJ&A), has disclosed a data breach that affected more than 9M patients at multiple healthcare providers in the US.…