FireEye, one of the world's top cybersecurity firms, says attackers stole its penetration testing tools and sought information about government clients. But FireEye doesn't believe the suspected nation-state hackers exfiltrated any data.
The U.S. National Security Agency is warning that Russian state-sponsored threat actors are attempting to exploit a known vulnerability in several VMware products, according to an alert. Federal agencies are urged to apply fixes as soon as possible.
Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable. Beyond data-leak sites and affiliate programs, gangs have also been using call centers to cold-call victims, tell them they've been hit by ransomware and request payment.
A source code flaw in the Google Play store platform could enable attackers to perform remote code execution for credential theft on several prominent apps, a new report by security firm Check Point Research finds.
A recent data breach at a Colorado-based mental health clinic that exposed data on nearly 300,000 individuals is the latest of several in the mental health sector this year.
New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Canon USA has finally acknowledged that a ransomware attack earlier this year involved the theft of corporate data, including such employee information as Social Security numbers and financial account numbers.
Sophos is warning that some of its customers may have had their data exposed to a misconfigured internal system, according to a published report. The security firm confirmed that a "small set" of customers was affected.
Last week, fraudsters targeted two cryptocurrency platforms by accessing domains managed by GoDaddy, according to notices published by the victimized firms. The domain register company previously has had issues with unauthorized access.
A U.S. unit of Italian-based eyewear maker and eye care center conglomerate Luxottica has reported a breach affecting over 829,000 individuals - the fourth largest health data breach added to the U.S. federal tally so far this year. It's unclear if a recent ransomware attack is related.
Japanese computer game company Capcom acknowledged this week that a November security incident was a Ragnar Locker ransomware attack that resulted in about 350,000 customer and company records, including sales and shareholder data, potentially being compromised.
An unauthorized person apparently gained access to a database of insurance software firm Vertafore and compromised the driver's license information of over 27 million Texans. Security analysts say a misconfigured database is the likely culprit.
Chat and collaboration software tools such as Slack are critical for software development teams. But a data breach experienced by Utah-based software developer WildWorks illustrates why developers should think twice before sharing sensitive database keys over chat.
Hacking incidents - including ransomware attacks - continue to be the most common type of health data breaches added to the federal tally this year. And the ongoing COVID-19 crisis will put healthcare organizations at heightened risk for such incidents in the months to come, some experts predict.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.