The Breach News

Are Neglected AD Service Accounts Putting Your Organization at Risk?

Date: June 17, 2025
Category: Password Security / Active Directory

In many organizations, Active Directory (AD) service accounts are often overlooked, quietly lingering long after their intended use has faded. These orphaned accounts—typically created for legacy applications, automated tasks, or testing—often remain active with non-expiring or outdated passwords. It’s no surprise that these service accounts frequently escape the routine scrutiny of security teams. Burdened by daily challenges and ongoing technical debts, security personnel often neglect these accounts, which are disconnected from individual users and seldom reviewed. Unfortunately, this lack of attention makes them prime targets for attackers looking to infiltrate networks undetected. If left unmonitored, these forgotten service accounts can become silent gateways for security breaches and lateral movement within enterprise environments. In this article, we’ll delve into the dangers posed by neglected AD service accounts…

Are Forgotten AD Service Accounts Exposing Your Organization to Threats? In today’s cybersecurity landscape, the often-overlooked Active Directory (AD) service accounts pose significant risks to organizations. These accounts, created for purposes such as legacy applications, automation scripts, and testing environments, can easily become abandoned relics of systems no longer in…

Read More

Are Neglected AD Service Accounts Putting Your Organization at Risk?

Date: June 17, 2025
Category: Password Security / Active Directory

In many organizations, Active Directory (AD) service accounts are often overlooked, quietly lingering long after their intended use has faded. These orphaned accounts—typically created for legacy applications, automated tasks, or testing—often remain active with non-expiring or outdated passwords. It’s no surprise that these service accounts frequently escape the routine scrutiny of security teams. Burdened by daily challenges and ongoing technical debts, security personnel often neglect these accounts, which are disconnected from individual users and seldom reviewed. Unfortunately, this lack of attention makes them prime targets for attackers looking to infiltrate networks undetected. If left unmonitored, these forgotten service accounts can become silent gateways for security breaches and lateral movement within enterprise environments. In this article, we’ll delve into the dangers posed by neglected AD service accounts…

NY State Imposes $2M Fine on Dental Plan Company for Phishing Breach

Data Privacy, Data Security, Healthcare Healthplex, a UnitedHealth Group Subsidiary, Fined for Lacking MFA on Compromised Email Account Marianne Kolbasuk McGee (HealthInfoSec) • August 18, 2025 New York State fined a dental plan administrator owned by insurer UnitedHealth Group $2 million for failing to protect data with multifactor authentication. (Image:…

Read MoreNY State Imposes $2M Fine on Dental Plan Company for Phishing Breach

Manpower Data Breach Affects 144K as Workday Confirms Third-Party CRM Hack

A cyberattack on Manpower’s Michigan office has compromised the data of 144,000 individuals, while Workday faces a data breach linked to a broader social engineering scheme. These incidents underscore the escalating risks posed by cyber threats. Recently, two significant organizations—global staffing agency Manpower and software provider Workday—have reported separate cyberattacks…

Read MoreManpower Data Breach Affects 144K as Workday Confirms Third-Party CRM Hack

Google Chrome’s New Feature Allows One-Click Password Updates for Breached Accounts

May 21, 2025
Data Breach / Account Security

Google has introduced an innovative feature in its Chrome browser that enables its built-in Password Manager to automatically change a user’s password when it identifies compromised credentials. According to Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura, “When Chrome detects a compromised password during sign-in, Google Password Manager prompts the user with an option to fix it automatically.” On supported websites, Chrome can create a strong new password and update the user’s credentials seamlessly. This feature enhances the Password Manager’s existing functionalities, which include generating secure passwords during account creation and flagging credentials involved in data breaches. Google has informed The Hacker News that this feature has not yet been officially released for end users, as it is primarily focused on developers to help optimize their websites in anticipation of the rollout. The automated password change aims to streamline the process and reduce friction for users concerned about their account security.

Google Chrome Introduces Automated Password Update Feature Amid Rising Data Breach Concerns May 21, 2025 Cybersecurity / Data Protection In a significant update aimed at enhancing online security, Google has unveiled a new feature for its Chrome browser that empowers the built-in Password Manager to automatically update compromised passwords. This…

Read More

Google Chrome’s New Feature Allows One-Click Password Updates for Breached Accounts

May 21, 2025
Data Breach / Account Security

Google has introduced an innovative feature in its Chrome browser that enables its built-in Password Manager to automatically change a user’s password when it identifies compromised credentials. According to Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura, “When Chrome detects a compromised password during sign-in, Google Password Manager prompts the user with an option to fix it automatically.” On supported websites, Chrome can create a strong new password and update the user’s credentials seamlessly. This feature enhances the Password Manager’s existing functionalities, which include generating secure passwords during account creation and flagging credentials involved in data breaches. Google has informed The Hacker News that this feature has not yet been officially released for end users, as it is primarily focused on developers to help optimize their websites in anticipation of the rollout. The automated password change aims to streamline the process and reduce friction for users concerned about their account security.

Veeam Releases Patches for Critical RCE Vulnerability (CVE-2025-23121) Scoring 9.9 CVSS in Backup & Replication

Date: Jun 18, 2025
Category: Vulnerability / Data Protection

Veeam has issued patches to address a severe security vulnerability in its Backup & Replication software that permits remote code execution under specific circumstances. Identified as CVE-2025-23121, this flaw has a CVSS score of 9.9 out of 10. According to the company’s advisory, it allows remote code execution (RCE) on the Backup Server by an authenticated domain user. The vulnerability affects all earlier builds of version 12, including 12.3.1.1139, and has been remedied in version 12.3.2 (build 12.3.2.3617). The discovery and reporting of this vulnerability were credited to security researchers from CODE WHITE GmbH and watchTowr. Cybersecurity firm Rapid7 suggests that this update addresses concerns raised by CODE WHITE in March 2025 regarding the potential bypassing of a previous patch for a related vulnerability (CVE-2025-23120, also scored 9.9). Additionally, Veeam has resolved another issue within the same product.

Veeam Addresses Critical RCE Vulnerability in Backup & Replication Software On June 18, 2025, Veeam Software announced the release of critical patches addressing a severe vulnerability identified as CVE-2025-23121 within its Backup & Replication platform. This flaw, rated at an alarming 9.9 on the Common Vulnerability Scoring System (CVSS), poses…

Read More

Veeam Releases Patches for Critical RCE Vulnerability (CVE-2025-23121) Scoring 9.9 CVSS in Backup & Replication

Date: Jun 18, 2025
Category: Vulnerability / Data Protection

Veeam has issued patches to address a severe security vulnerability in its Backup & Replication software that permits remote code execution under specific circumstances. Identified as CVE-2025-23121, this flaw has a CVSS score of 9.9 out of 10. According to the company’s advisory, it allows remote code execution (RCE) on the Backup Server by an authenticated domain user. The vulnerability affects all earlier builds of version 12, including 12.3.1.1139, and has been remedied in version 12.3.2 (build 12.3.2.3617). The discovery and reporting of this vulnerability were credited to security researchers from CODE WHITE GmbH and watchTowr. Cybersecurity firm Rapid7 suggests that this update addresses concerns raised by CODE WHITE in March 2025 regarding the potential bypassing of a previous patch for a related vulnerability (CVE-2025-23120, also scored 9.9). Additionally, Veeam has resolved another issue within the same product.

WarLock Ransomware Group Claims Cyber Breach at Colt Telecom and Hitachi

WarLock ransomware has reportedly breached Colt and Hitachi, prompting an investigation and efforts to restore systems at Colt while cybersecurity experts examine the alleged data breach. A new ransomware group, WarLock, which emerged just two months ago, is seeking to establish its credibility by targeting prominent organizations. Recently, it added…

Read MoreWarLock Ransomware Group Claims Cyber Breach at Colt Telecom and Hitachi

State Settles for $2M with Dental Insurer Over Cybersecurity Breaches – Crain’s New York Business

State Settles for $2 Million with Dental Insurer Over Cybersecurity Breaches In a significant development within the realm of cybersecurity compliance, a settlement has been reached between state authorities and a dental insurance provider concerning serious violations of data security protocols. The agreement, totaling $2 million, highlights the legal and…

Read MoreState Settles for $2M with Dental Insurer Over Cybersecurity Breaches – Crain’s New York Business