Data Breach Today

FEBRUARY 5, 2019

Business and Healthcare Sectors Suffered Most US Breaches, ITRC Finds In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.

Data breaches 191

Data breaches Security 191

Data Breach Today

OCTOBER 4, 2024

Nonprofit Group Hit 3 Times in 3 Weeks in 2018, Affecting PHI of 85,000 Patients Federal regulators have hit a California physician services organization with a $240,000 HIPAA civil penalty following an investigation into three ransomware attacks that occurred within a three-week span in early 2018, compromising the sensitive information of 85,000 (..)

Ransomware 276

Ransomware 276

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Government 133

Government Passwords Access Cloud 133

Krebs on Security

JULY 10, 2018

According to SANS, at least three of the flaws — CVE-2018-8278 , CVE-2018-8313 , and CVE-2018-8314 — were previously disclosed publicly, meaning that attackers may have had a head start figuring out how to exploit these flaws for criminal gain.

Security 132

Security IT 132

Data Breach Today

SEPTEMBER 26, 2018

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2018 Asia Pacific & Japan, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.

Information Security 141

Information Security Security 141

Data Breach Today

AUGUST 21, 2019

White House Report: No 'Major' Breaches Reported; Incidents Down 12 Percent Federal government agencies experienced 12 percent fewer cyber incidents in 2018, when there were no "major" data breaches, according to a new White House report. But the report notes there's still plenty of risk mitigation work to be done.

Data breaches 142

Data breaches Risk Government 142

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. ” concludes the ICO. Pierluigi Paganini.

GDPR 116

GDPR Personal data Data breaches Communications 116

Security Affairs

SEPTEMBER 14, 2021

The network equipment maker MikroTik revealed that the routers were previously compromised in 2018. “As far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched.” ” reads a post published by MikroTik in a forum post.

Passwords 85

Passwords Access Security IT 85

Data Breach Today

NOVEMBER 4, 2019

Patient Portal Incident Involved Third-Party Vendor A Utah eye clinic began notifying thousands of patients last week about a 2018 breach involving a third-party portal provider. What should other healthcare organizations learn from this incident?

103

103

Krebs on Security

AUGUST 15, 2018

According to security firm Ivanti , the first of the two zero-day flaws ( CVE-2018-8373 ) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. One nifty little bug fixed in this patch batch is CVE-2018-8345. Microsoft’s analysis is here.

Paper 114

Paper Security IT 114

Security Affairs

DECEMBER 21, 2019

Cisco has warned customers that hackers continue to target Cisco ASA and Firepower Appliance products by exploiting the CVE-2018-0296 flaw. Experts warn that threat actors continue to exploit the CVE-2018-0296 flaw to target Cisco ASA and Firepower Appliance. SecurityAffairs – Cisco ASA, CVE-2018-0296). Pierluigi Paganini.

Risk 68

Risk Authentication Security Cloud 68

Data Breach Today

AUGUST 21, 2018

million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 4.3 Analyzing the Latest 'Wall of Shame' Trends About 30 new health data breaches - including a phishing attack impacting 1.4

Data breaches 122

Data breaches Phishing 122

Data Breach Today

JULY 24, 2018

A Guide to Video Interviews With Thought Leaders at This Year's Event At Infosecurity Europe 2018, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.

Information Security 103

Information Security Security 103

IT Governance

MAY 25, 2023

As Andrea Jelenik, the chair of the EDPB, told a recent panel discussion at the IAPP 2023 Global Privacy Summit : When we started from scratch we had to give guidance because everyone wanted to have guidance because the elephant in the room in 2018 was the GDPR. We’ve been analysing GDPR fines since the Regulation took effect in May 2018.

GDPR 85

GDPR Compliance Personal data Data Privacy 85

Data Breach Today

MAY 3, 2018

At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Artificial Intelligence, Bug Squashing, Secure DevOps and More What matters most, right now, to the information security community? Other experts see artificial intelligence, machine learning and secure coding as hot trends.

Artificial Intelligence 118

Artificial Intelligence Cybersecurity Information Security Risk 118

Security Affairs

JANUARY 30, 2019

According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors. 2018 was characterized by significant changes in the cyber threat landscape especially for TTPs associated with threat agent groups. .

IoT 85

IoT Cybersecurity Phishing Risk 85

Data Breach Today

JANUARY 4, 2018

Why Making a Prediction Is So Difficult So what actions can we expect in 2018 from the Department of Health and Human Services' Office for Civil Rights as it enforces the HIPAA privacy, security and breach notification rules? Making a prediction is difficult, given all the changes at HHS.

Privacy 103

Privacy Security IT 103

Data Breach Today

JANUARY 4, 2018

A look ahead at five trends that should have a significant impact on cybersecurity in 2018 is featured in the final ISMG Security Report for 2017. Cybersecurity and privacy thought leader Christopher Pierson forecasts the likely occurrences.

Cybersecurity 128

Cybersecurity Privacy Security 128

Data Breach Today

MAY 24, 2018

A Guide to Video Interviews With Thought Leaders at This Year's Event At RSA Conference 2018 in San Francisco, Information Security Media Group's editorial team conducted more than 100 video interviews with industry thought leaders. Here are the highlights.

Information Security 100

Information Security Security 100

Security Affairs

OCTOBER 26, 2018

Security researcher discovered a highly critical vulnerability (CVE-2018-14665) in X.Org Server package that affects major Linux distributions. Xorg published a security advisory on the CVE-2018-14665 flaw. OpenBSD #0day Xorg LPE via CVE-2018-14665 can be triggered from a remote SSH session, does not need to be on a local console.

Security 102

Security IT 102

IT Governance

MARCH 8, 2019

2018 saw some of the biggest data breaches yet , with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. Using our monthly ‘ List of data breaches and cyber attacks ’ blog posts, we’ve created an infographic to sum up the reported data breaches of 2018.

Data breaches 103

Data breaches GDPR Personal data Compliance 103

Security Affairs

DECEMBER 5, 2018

Adobe released security updates for Flash Player that address two vulnerabilities, including a critical flaw, tracked as CVE-2018-15982, exploited in targeted attacks. Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.” Securi ty Affairs – Flash zero-day, CVE-2018-15982). Pierluigi Paganini.

Archiving 106

Archiving Security Access IT 106

Security Affairs

OCTOBER 6, 2018

Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update. Other users discovered that some files on their machines were deleted after the Windows 10 October 2018 Update was installed. Security Affairs – Windows 10 October 2018 Update ).

Security 92

Security IT 92

Security Affairs

SEPTEMBER 23, 2021

BulletProofLink has been active since 2018, it was used by multiple threat actors in either one-off or monthly subscription-based business models. The post BulletProofLink, a large-scale phishing-as-a-service active since 2018 appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Phishing 95

Phishing Ransomware IT Access 95

Security Affairs

SEPTEMBER 28, 2018

Google Project Zero disclosed details for a high severity Linux kernel a use-after-free vulnerability tracked as CVE-2018-1718. The vulnerability is a use-after-free tracked as CVE-2018-17182, it was discovered by Google Project Zero’s Jann Horn. ships a kernel that was last updated 2018-08-27.” of the Linux kernel.

Security 102

Security IT 102

Security Affairs

SEPTEMBER 18, 2021

” Our research shows that this actor has been targeting the aviation industry since at least 2018, with files mentioning both “Trip Itinerary Details” and “Bombardier” at the time using the URL akconsult[.]linkpc[.]net.” ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Phishing 105

Phishing Marketing Security Risk 105

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Security 99

Security IT 99

PerezBox

OCTOBER 20, 2018

On September 28th, 2018, Facebook announced it’s biggest data breach to date. The post The 2018 Facebook Data Breach appeared first on PerezBox. They estimated 50 million accounts were affected at the time of the disclosure. Subsequent to the disclosure, security.

Data breaches 76

Data breaches Security IT Cybersecurity 76

Security Affairs

NOVEMBER 14, 2018

Kaspersky revealed that the CVE-2018-8589 Windows 0-day fixed by Microsoft Nov. 2018 Patch Tuesday has been exploited by at least one APT group in attacks in the Middle East. Kaspersky Lab described the CVE-2018-8589 flaw as a race condition in win32k!xxxMoveWindow Securi ty Affairs – CVE-2018-8589, hacking).

Authentication 91

Authentication Government Security IT 91

Security Affairs

MAY 8, 2019

Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. According to SANS handler Renato Marinho, a proof-of-concept (PoC) exploit for CVE-2018-1000861 was released in early March. ” reads the analysis published by Marinho. .

Honeypots 91

Honeypots Libraries IT Security 91

OpenText Information Management

JANUARY 2, 2018

Over the next 10 years, there will be five billion … The post 2018 top tech predictions appeared first on OpenText Blogs. Software is powering digital transformations and will enable the Intelligent Enterprise—and a new way to work.

Digital transformation 75

Digital transformation IT Artificial Intelligence Big data 75

Security Affairs

NOVEMBER 1, 2018

Cyber Defense Magazine November 2018 Edition has arrived. INFOSEC AWARDS FOR 2019 OPEN ON NOVEMBER 1, 2018. The post Cyber Defense Magazine – November 2018 has arrived. Sponsored by: Bosch. We hope you enjoy this month’s edition…packed with 100+ pages of excellent content. InfoSec Knowledge is Power.

IT 85

IT Libraries Security Cybersecurity 85

OpenText Information Management

JANUARY 29, 2018

Digital transformation continues to progress in the government sector and this is unlikely to change in 2018. Instead, they cover areas where government agencies are likely to begin to realize … The post Top 2018 tech trends for Government appeared first on OpenText Blogs.

Government 87

Government Digital transformation 87

Security Affairs

JANUARY 20, 2019

Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device.

Passwords 102

Passwords Authentication Cloud Access 102

Security Affairs

NOVEMBER 14, 2018

The Zero Day Initiative’s Pwn2Own Tokyo 2018 is a success, participants earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones. During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices earning more than $225,000.

IoT 86

IoT Security Access IT 86

Security Affairs

SEPTEMBER 19, 2018

Adobe releases a critical out-of-band patch for CVE-2018-12848 Acrobat flaw, the security updates address a total of 7 vulnerabilities. The security patches have been released just one week after Adobe released its Patch Tuesday updates for September 2018 that addressed 10 vulnerabilities in Flash Player and ColdFusion.

Security 84

Security IT 84