Traditional SIEM falls short for CISOs due to evolving threats and data overload. The need for advanced analytics is clear to effectively identify and detect threats. Costs are a major concern, and budgets are tight. Automation is desired, especially in the triage phase, but confusing cost models for tools add...
This week, U.S. short seller lender EquiLend Holdings was hacked, the Ivanti exploitation continued, Apple addressed the first zero-day of 2024, Ukraine said hackers had hit a Russian research center, Kasseika ransomware evolved, North Korean hackers were active, and Trello experienced a data leak.
Supply chain attacks and zero-day exploits surged in 2023, helping to set yet another record for data breaches tracked by the Identity Theft Resource Center. James E. Lee, COO of the group, explained why the number of compromises grew so dramatically - from 1,801 incidents in 2022 to 3,205 in 2023.
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
Hewlett Packard Enterprise in an after-hours regulatory filing disclosed that suspected Russian state hackers had gained access to corporate email inboxes for more than seven months. A threat group tracked as "Midnight Blizzard" first penetrated HPE's cloud-based email service in May 2023.
Federal regulators have released guidance that spells out voluntary cybersecurity performance goals for the healthcare sector. The document is a first step in fleshing out the Biden administration's strategy to push hospitals and other healthcare entities to adopt a stronger cybersecurity posture.
A security vulnerability in Fortra's GoAnywhere managed file transfer software can allow unauthorized users to create a new admin user. The vulnerability is a remotely exploitable authentication bypass flaw. Hackers have targeted file transfer software over the past year, including GoAnywhere MFT.
An unsecured database appearing to belong to a Netherlands-based medical laboratory exposed 1.3 million records on the internet, including COVID test results and other personal identifiable information, said a security researcher who discovered the trove and reported his findings to the company.
Non-bank mortgage lending giant LoanDepot says hackers stole "sensitive personal information" pertaining to 16.6 million customers when they breached its systems earlier this month as part of a ransomware attack. The company said it will directly notify all affected customers.
Skateboarding shoe and outdoor apparel maker VF Corp. said data pertaining to 35.5 million customers appears to have been stolen in a data breach the company detected and disclosed last month. The breach disrupted e-commerce order fulfillment as well as inventory replenishment at retail stores.
The appearance of Naz.api - a massive collection of online credentials harvested by information-stealing malware that contains 71 million unique email addresses - illustrates the scale at which such data is being collected, shared and sold, security experts warn.
Enterprises continue to invest in cybersecurity solutions, with spending projected to double from US$92 billion in 2022 to over US$170 billion by 2027. The 2023 Exabeam Global State of Threat Detection, Investigation, and Response (TDIR) Report, conducted with more than 1,100 senior security and IT professionals...
This week, Microsoft expanded plans to store EU citizens' data locally, shipping-themed phishing spam is a threat, the British Library overcame a ransomware setback, the FBI warned of Androxgh0st malware, Remcos RAT targeted South Korea, and eBay was fined $3 million for a cyberstalking campaign.
It's last call for Drizly, the alcohol delivery service Uber bought for $1.1 billion in 2021. Whether or not Drizly's past cybersecurity missteps - leading to a two-decade consent agreement with regulators - played any part in its being retired by Uber remains unclear.
With employees working remotely and accessing resources and services across public, private, and hybrid clouds through several devices and networks, the attack surface for malicious actors continues to grow.
SOC teams can harden their security posture by combining security and IT operations solutions to defend...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.