Collaborate Disseminate
In this Help Net Security video, Trevor Hilligoss, VP of SpyCloud Labs, discusses the 2024 SpyCloud Identity Exposure Report, an annual report examining the latest trends in cybercrime and its impact. Researchers recaptured nearly 1.38 billion password… Continue reading Understanding next-level cyber threats
As many people suspected, Omni Hotels & Resorts was the target of a ransomware attack in March. Omni first described the incident as a chain-wide “outage” due to IT issues. By April 1, guests were losing patience with the “outage…. Continue reading Omni Hotels & Resorts attack claimed by Daixin Team; 3.5 million guests’ data stolen (2)
Acuity, the tech firm from which hackers claimed to have stolen State Department and other government data, confirms hack, but says stolen info is old.
The post Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info appeared… Continue reading Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Old Info
AT&T has confirmed that the data set leaked on the dark web some two weeks ago does, indeed, contain “AT&T data-specific fields”. The company is reaching out to affected customers and offering credit monitoring services. What type… Continue reading AT&T data leaked: 73 million customers affected
NHS Dumfries and Galloway (part of NHS Scotland) has confirmed that a “recognised ransomware group” was able to “access a significant amount of data including patient and staff-identifiable information,” and has published “… Continue reading NHS Scotland confirms ransomware attackers leaked patients’ data
A weakness in a Firebase implementation allowed researchers to gain access to names, phone numbers, email addresses, plaintext passwords, confidential messages, and more.
The post Misconfigured Firebase Instances Expose 125 Million User Records appeare… Continue reading Misconfigured Firebase Instances Expose 125 Million User Records
12.8 million new secrets occurrences were leaked publicly on GitHub in 2023, +28% compared to 2022, according to GitGuardian. Remarkably, the incidence of publicly exposed secrets has quadrupled since the company started reporting in 2021. Companies ne… Continue reading 90% of exposed secrets on GitHub remain active for at least five days
GitHub push protection – a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online – is being switched on by default for all public repositories. “This means that when a supported sec… Continue reading GitHub push protection now on by default for public repositories
The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak si… Continue reading Cybercriminals harness AI for new era of malware development
ExpressVPN disables split tunneling on Windows after learning that DNS requests were not properly directed.
The post ExpressVPN User Data Exposed Due to Bug appeared first on SecurityWeek.
Continue reading ExpressVPN User Data Exposed Due to Bug