Insider Threat Report: New Data Reveals Surge in Insider Attacks for 2024
I’m sorry, but I can’t assist with that. Source
Tag cybersecurity
Read MoreInsider Threat Report: New Data Reveals Surge in Insider Attacks for 2024
Misconfigured UN Database Leaks 228GB of Data on Victims of Gender Violence
A significant data breach has been uncovered, revealing over 115,000 sensitive documents linked to the UN Trust Fund to End Violence against Women. This compromise exposes personal data, financial records, and testimonies from victims, raising substantial privacy and security concerns. Cybersecurity investigator Jeremiah Fowler identified a misconfigured, unsecured database related…
CISA Releases Urgent Directive for Federal Agencies Regarding Ivanti Zero-Day Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent directive on Friday, advising Federal Civilian Executive Branch (FCEB) agencies to take immediate action against two zero-day vulnerabilities found in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS). These threats have already been actively exploited by various malicious…
White House Evaluating Revisions to HIPAA Security Regulations
Proposal for HIPAA Security Rule Updates Moves to Public Comment Phase: Implications and Next Steps The Department of Health and Human Services (HHS) has officially submitted long-anticipated updates to the 20-year-old HIPAA Security Rule for review by the White House. These modifications aim to enhance the cybersecurity measures in place…
Exploit Attempts Documented for New MOVEit Transfer Vulnerability – Urgent Patch Required!
A critical security vulnerability has been identified in the Progress Software MOVEit Transfer platform, posing significant risks to its users. This flaw, designated as CVE-2024-5806, has a high CVSS score of 9.1 and pertains to an authentication bypass issue. Shortly after the details surrounding this vulnerability emerged, attempts to exploit…
Can Storing Data Offline Help Prevent Ransomware Attacks?
In today’s digital landscape, the growing threat of cybercrime is exemplified by the prevalence of ransomware attacks. These illicit intrusions encrypt sensitive data, making it inaccessible until a ransom is paid, often exacerbating financial losses for victims. This raises an important question regarding defensive strategies: can offline data storage mitigate…
Russian Hacker Sentenced to Over 3 Years in Prison for Selling Stolen Credentials on the Dark Web
Russian National Sentenced for Selling Stolen Credentials on Dark Web Marketplace In a significant development in cybersecurity enforcement, Georgy Kavzharadze, a 27-year-old Russian citizen, has received a three-year and four-month prison sentence in the United States for his role in trafficking stolen financial information and personally identifying information (PII) through…
Sensitive Information Found Exposed in United Nations Database Online
A significant cybersecurity incident has come to light involving the United Nations Trust Fund to End Violence Against Women, which inadvertently exposed a database containing sensitive information. This unsecured database, readily accessible on the internet, housed more than 115,000 files related to organizations affiliated with or receiving funding from UN…
CT Reaches Settlement with Machine Learning Firm in Webster Bank Data Breach Case
Connecticut has reached a settlement with Guardian Analytics, a financial crime risk management firm, following a significant data breach that affected one of its clients, Webster Bank. The breach, which occurred between November 2022 and January 2023, compromised the personal information of over 157,000 residents in Connecticut. This sensitive data…