admin

Joined: September 10, 2024
Articles: 2484

data-breaches

Data Vigilante Exposes 8 Million Employee Records from Amazon, HP, and More

Data Vigilante Exposes 8 Million Employee Records in MOVEit Vulnerability Breach In a significant breach linked to the vulnerabilities of the MOVEit file transfer software, a self-styled “Data Vigilante” identified as Nam3L3ss has leaked approximately 8 million employee records from…

admin
November 12, 2024

data-breaches

Massive Data Breach at Hot Topic Exposes Information of 57 Million Customers

Recent reports indicate a significant data breach affecting multiple prominent lifestyle retail brands, with an estimated 57 million customers potentially impacted. The breach appears to involve customer data from Hot Topic, Box Lunch, and Torrid, raising serious cybersecurity concerns amongst…

admin
November 12, 2024

cyber-attacks

New SEC Regulations Mandate U.S. Companies Disclose Cyber Attacks Within 4 Days The U.S. Securities and Exchange Commission (SEC) recently approved regulations requiring publicly traded companies to disclose details about cyber attacks within four days of determining that the incident has a “material” impact on their financials. This marks a significant change in the way data breaches are reported. SEC Chair Gary Gensler stated, “Whether a company loses a factory in a fire or millions of files in a cybersecurity incident, it may be material to investors.” He emphasized that while many public companies currently offer cybersecurity disclosures, there would be greater benefits from a more consistent, comparable, and useful approach. The new rules stipulate that companies must share information regarding the incident’s nature, scope, and timing, along with its financial impact. However, companies may request a postponement of up to 60 days for such disclosures if it is deemed necessary.

New SEC Regulations Mandate Prompt Disclosure of Cyber Incidents by Public Companies On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) enacted new regulations requiring publicly traded companies to disclose significant cyber attacks within four days of recognizing…

admin
November 12, 2024

cyber-attacks

The WIRED Handbook for Safeguarding Against Government Surveillance

Maintaining Privacy in a Connected World: Strategies and Considerations In an era where digital tracking is increasingly prevalent, many individuals seek ways to maintain their privacy. According to cybersecurity expert Sandvik, one of the most straightforward methods to evade tracking…

admin
November 12, 2024

vulnerabilities

UK Seniors Urged to Stay Vigilant Against SMS Scams Related to Winter Heating Payments

Since 1958, the UK government has provided Winter Fuel Payments to support pensioners and senior citizens in maintaining warmth during the winter months. Managed by the Department for Work and Pensions (DWP), these payments typically appear as direct deposits into…

admin
November 12, 2024

data-breaches

Snyk Acquires Probely to Enhance API Security for AI Applications

Snyk Acquires Probely to Enhance API Security Amid Rising Demand Snyk, a Boston-based security company, has announced its acquisition of Probely, a dynamic application security testing firm based in Porto, Portugal. This strategic move comes in response to the escalating…

admin
November 12, 2024

data-breaches

MOVEit Data Breach Reveals Employee Information from Amazon, HSBC, and Others – Key Details You Should Know

Recent MOVEit Data Breach Exposes Sensitive Information of Major Corporations A significant new wave of data breaches has emerged, linked to the well-known MOVEit vulnerability, shaking the cybersecurity community. This incident, distinct from the Cl0p ransomware attacks of the previous…

admin
November 12, 2024

cyber-attacks

BlueBravo Targets European Diplomats with GraphicalProton Backdoor July 28, 2023 Cyber Espionage / Malware The Russian state-sponsored group known as BlueBravo has been detected attacking diplomatic entities in Eastern Europe with the intent of deploying a new backdoor malware dubbed GraphicalProton. This move highlights the ongoing evolution of cyber threats, according to a recent report from Recorded Future. The phishing campaign, active from March to May 2023, employs legitimate internet services (LIS) to obscure command-and-control (C2) activities. BlueBravo, also referred to as APT29, Cloaked Ursa, and Midnight Blizzard (formerly Nobelium), is linked to Russia’s Foreign Intelligence Service (SVR) and has historically utilized platforms like Dropbox, Firebase, Google Drive, Notion, and Trello to bypass detection and maintain covert communication with compromised systems. GraphicalProton marks the latest in a series of malware targeting diplomatic organizations, following GraphicalNeutrino (SNOWYAMBER), HALFRIG, and QUARTERRIG.

BlueBravo Deploys GraphicalProton Backdoor Targeting European Diplomatic Entities On July 28, 2023, reports emerged detailing a sophisticated cyber espionage campaign orchestrated by the Russian state-sponsored group known as BlueBravo. This threat actor has turned its focus towards diplomatic institutions located…

admin
November 12, 2024

vulnerabilities

Escalating Risks of Malware and DDoS Attacks Targeting Government Agencies

In July 2024, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued stark warnings regarding a surge in Distributed Denial of Service (DDoS) attacks on election-related infrastructure. SonicWall, a cybersecurity firm, reports a significant escalation in such attacks…

admin
November 12, 2024

data-breaches

Potential Responses of Global Threat Actors to a Second Trump Administration

Cybercrime, Fraud Management & Cybercrime, Government Experts Anticipate Escalating Cyber Threats as Trump Eyes Second Term Chris Riotta (@chrisriotta) • November 11, 2024 Experts warn of intensified Russian attacks on countries aligning with the European Union. (Image: Shutterstock) As speculation…

admin
November 12, 2024