Mon.Feb 19, 2024

article thumbnail

Zenlayer Exposes 384 Million Records

Data Breach Today

Exposed Database at Network Services Firm Included Server Log Details A global data center provider Zenlayer exposed an internal database accessible on the internet, revealing approximately 384 million records. A spokesperson said no internal or customer operational data, credentials or network traffic was impacted.

Access 288
article thumbnail

Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia. The nation-state actors are known to carry out cyber-espionage against targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 20

Military 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

LockBit Infrastructure Seized By US, UK Police

Data Breach Today

LockBit Ransomware Operations Is Latest to Fall in Series of Takedowns An international law enforcement operation seized the infrastructure of Russian-speaking cybercriminal group LockBit, a prolific ransomware-as-a-service operation, marking the latest in a series of digital takedowns. The group’s dark web leak site now displays a seizure notice.

article thumbnail

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric. Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Ransomware Experts See Problems With Banning Ransom Payments

Data Breach Today

Would Criminals Care? Might Victims Still Pay? Would Hospitals Be Exempt? As the damage caused by ransomware and profits flowing to attackers reaches record levels, a panel of cybersecurity and policy experts reviewed what it might take to ban ransom payments and whether such a ban might take a bite out of cybercrime or have unwelcome consequences.

More Trending

article thumbnail

LockBit Infrasttructure Seized By US, UK Police

Data Breach Today

LockBit Ransomware Operations Is Latest to Fall in Series of Takedowns An international law enforcement operation seized the infrastructure of Russian-speaking cybercriminal group LockBit, a prolific ransomware-as-a-service operation, marking the latest in a series of digital takedowns. The group’s dark web leak site now displays a seizure notice.

article thumbnail

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

An international law enforcement operation codenamed ‘Operation Cronos’ led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, conducted by law enforcement agencies from 11 countries has disrupted the LockBit ransomware operation. Below is the image of the Tor leak site of the Lockbit ransomware gang that was seized by the UK National Crime Agency (NCA). “The site is now under the control of law enforcement.

article thumbnail

NIST Offers Concrete Steps for Secure Software Development

Data Breach Today

New Guidelines Include 'Absolutely Crucial' Steps to Enhance Security, Experts Say The National Institute of Standards and Technology issued new guidelines to help software developers integrate software supply chain security into every phase of the software development life cycle as experts say organizations are seeking comprehensive guidance on how to accomplish federal mandates.

Security 245
article thumbnail

Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

Security Affairs

The Android banking trojan Anatsa resurged expanding its operation to new countries, including Slovakia, Slovenia, and Czechia. In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. Between November and February, the experts observed five distinct waves of attacks, each focusing on different regions.

Access 135
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Protecting EHR Systems Against Attacks and Compromises

Data Breach Today

Why Are EHRs So Vulnerable and How Can Organizations Get Better at Protecting Them? When a hospital or clinic is hit with a cyberattack, it often seems as if the electronic health record systems just can't win. Even if the EHR system is not the prime target of the attack, it's still frequently taken off line as the organization responds to the incident.

IT 242
article thumbnail

A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

Security Affairs

The Raccoon Infostealer operator, Mark Sokolovsky , was extradited to the US from the Netherlands to appear in a US court. In October 2020, the US Justice Department charged a Ukrainian national, Mark Sokolovsky (28), with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer.

Sales 134
article thumbnail

Ukrainian Extradited to US Over Alleged Raccoon Stealer Ties

Data Breach Today

Mark Sokolovsky Has Fought Extradition From the Netherlands Since March 2022 Arrest A Dutch court extradited a Ukrainian national to the United States, where he faces criminal charges related to his role in the malware-as-a-service Raccoon Stealer. The extradition of Mark Sokolovsky, 28, comes nearly two years after Netherlands police arrested him in March 2022.

233
233
article thumbnail

Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

KnowBe4

New data on how organizations are able to respond to ransomware attacks also shows that paying a ransom is highly likely, despite having a policy of “Do Not Pay.

article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Tech Giants Pledge to Curb AI-Made Election Misinformation

Data Breach Today

AI's Speed and Scale of Deception Is 'Unprecedented," Says US Senator Twenty technology giants including Google and Meta pledged Friday to combat the presence of artificially generated deepfake content meant to deceive voters as more than 4 billion people in more than 70 countries prepare for elections this year.

208
208
article thumbnail

State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

KnowBe4

Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response Team (CERT-EU).

Phishing 115
article thumbnail

VulnRecap 2/19/2024: News from Microsoft, Zoom, SolarWinds

eSecurity Planet

While this week was a little light on vulnerability news, it’s still been significant, with Microsoft’s Patch Tuesday happening as well as updates for major products, like Zoom. Akira ransomware vulnerabilities have also surfaced in older Cisco products, and SolarWinds patched some remote code execution flaws in its Access Rights Manager product.

article thumbnail

The IT Pro's How-to Guide to Building a Strong Security Culture

KnowBe4

The thought of building and improving your organization’s security culture can seem like a daunting task. How can you influence an entire culture? With the right plan, buy-in and content, we assure you it IS possible… and maybe even easier than you thought!

IT 111
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Streamlining supply chain management: Strategies for the future

IBM Big Data Hub

In today’s complex global business environment, effective supply chain management (SCM) is crucial for maintaining a competitive advantage. The pandemic and its aftermath highlighted the importance of having a robust supply chain strategy , with many companies facing disruptions due to shortages in raw materials and fluctuations in customer demand.

article thumbnail

The Scarcity of the Long-Term via The Technium

IG Guru

Check out the post here. The post The Scarcity of the Long-Term via The Technium first appeared on IG GURU.

article thumbnail

The Clock To Q-Day Is Ticking: InfoSec Global and Thales Provide Collaborative Path to Quantum Readiness

Thales Cloud Protection & Licensing

The Clock To Q-Day Is Ticking: InfoSec Global and Thales Provide Collaborative Path to Quantum Readiness madhav Tue, 02/20/2024 - 05:16 Blair Canavan, Thales & Dr. Vladimir Soukharev, InfoSec Global The advent of quantum computers poses a substantial threat to various industries due to their potential to compromise standard encryption methods that protect global data, communications, and transactions.

article thumbnail

Unlocking financial benefits through data monetization

IBM Big Data Hub

Data monetization empowers organizations to use their data assets and artificial intelligence (AI) capabilities to create tangible economic value. This value exchange system uses data products to enhance business performance, gain a competitive advantage, and address industry challenges in response to market demand. Financial benefits include increased revenue through the creation of adjacent industry business models, accessing new markets to establish more revenue streams, and growing existing

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

When PKI Excels for Passwordless Authentication

HID Global

PKI benefits passwordless authentication because it provides a set of tools that can verify a single entity’s identity across multiple security domains.

article thumbnail

New Guides Aim to Help Health Sector Beef Up Cyber, Privacy

Data Breach Today

HHS OCR, NIST Finalize HIPAA Cyber Guide; HSCC Issues Security, Privacy Resource Two new guidance resources - one from regulators and the other from an industry council - aim to help healthcare firms strengthen their protection of sensitive patient information and critical IT systems. The publications come as the Biden administration is pushing the sector to up its cyber game.

Privacy 237
article thumbnail

EU Court of Human Rights Rejects Encryption Backdoors

Schneier on Security

The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights : Seemingly most critically, the [Russian] government told the ECHR that any intrusion on private lives resulting from decrypting messages was “necessary” to combat terrorism in a democratic society. To back up this claim, the government pointed to a 2017 terrorist attack that was “coordinated from abroad through secret chats via Telegram.” The govern