United Nations discloses possible data breach
The systems of the United Nations Environmental Program (UNEP) were found to have contained a vulnerability that could have exposed 100,000 personal data records, Bleeping Computer has reported. Ethical hackers from Sakura Samurai set out to analyze the strength of the UN’s network and managed to obtain the data in less than 24 hours. By abusing exposed Git directories and …
Tovább a bejegyzéshez
SolarWinds hackers also used brute force password techniques to breach victims
While the majority of victims of the SolarWinds supply chain attack were breached through the compromised Orion update, some had their perimeters breached via brute force password techniques. According to a recently updated advisory from the US Cybersecurity and Infrastructure Security Agency (CISA), the SolarWinds attackers didn’t always rely on the poisoned Orion update as the initial access vector. “CISA …
Tovább a bejegyzéshez
British Airways will pay billions in compensation over infamous data breach
British Airways (BA) has acknowledged it was responsible for two major 2018 data breaches and is looking to settle. According to an InfoSecurity report, BA is aiming to avoid litigation and is willing to pay out as much as $4 billion to settle the case. A total of 565,000 customers had their personal data exposed by the breaches, including their …
Tovább a bejegyzéshez
Microsoft Azure breach left thousands of customer records exposed
Another day, another company failing to secure sensitive customer data held in the cloud. It has been discovered that UK-based app developer Probase exposed information – including medical records, recruitment data, occupational health assessments, insurance claim documents and more – via an unsecured cloud database. The news was first broken by The Register, which was tipped off by cybersecurity researcher …
Tovább a bejegyzéshez
Sophos warns customers it was hit by data breach
Cybersecurity firm Sophos has confirmed it experienced a data incident that caused thepersonal information of some users to be exposed to third parties. Describing the incident in an email notification sent to affected customers, Sophos said the data was exposed through a tool used by customer support. The tool stores full names, email addresses and phone numbers (if provided) from …
Tovább a bejegyzéshez
Half of UK universities suffered a data breach last year
More than half of UK universities reported a data breach to the Information Commissioner’s Office (ICO) last year, according to a new report from security firm Redscan. The company delivered Freedom of Information (FoI) requests to 134 universities in the country and received confirmation of an incident from 86. Of those that did respond, almost half employ staff that have …
Tovább a bejegyzéshez
