Security News

Business jet maker Bombardier is the latest company to suffer a data breach by the Clop ransomware gang after attackers exploited a zero-day vulnerability to steal company data. Soon after BleepingComputer contacted the company about the data leak, Bombardier issued a press release stating that they suffered a breach after hackers stole data from their "File-transfer application."

Silicon Valley-based venture capital giant Sequoia Capital informed investors last week that their information may have been compromised in a data breach. Axios, which broke the news on Saturday, said investors were told that some of their personal and financial information may have been accessed after a Sequoia employee fell victim to an email phishing attack.

Grocery and pharmacy chain Kroger has started informing customers and associates of a data breach involving Accellion's file transfer service FTA. The Cincinnati-based retail company operates more than 2,900 locations across 35 states and the District of Columbia, including department stores, hypermarkets, jewelry stores, supermarkets, and superstores. In a data breach notification on its website, the company says that a data security incident involving Accellion's FTA service has resulted in unauthorized access to certain Kroger data.

Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. Yesterday, Kroger disclosed that they were the latest company to be affected by a security vulnerability in the Accellion FTA software that allowed hackers to steal data from companies utilizing the service.

Yandex - one of Europe's largest internet companies - is warning of a data breach that compromised 4,887 email accounts. The company found that a Yandex employee had been providing unauthorized access to users' mailboxes "For personal gain." This employee was one of three system administrators, who had the access privileges to provide technical support for mailboxes, said Yandex.

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. The investigation revealed that the employee's actions led to the compromise of almost 5,000 Yandex email inboxes.

Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week. Researchers at CyberNews said they found 11 credential pairs linked to the Oldsmar water plant, in a 2017 compilation of stolen breach credentials.

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs. The database was initially exposed on January 18, 2021, and remained so until the data breach was identified, on February 3.

The new release brings together the capabilities of user and entity behavior analytics, endpoint data loss prevention, digital forensics and insider threat management into a cloud-native platform to empower customers to mitigate the risk of data and IP loss. "Our overarching goal at DTEX is to help our customers better understand their workforces, protect their data and make smarter, more informed business decisions more rapidly," said Mohan Koo, co- founder and CTO, DTEX Systems.

Web development resources provider SitePoint has notified users of a data breach that resulted in some of their information being stolen. Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development.