Security News
In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million Ashkenazi Jews and 4.1 million people living in the United Kingdom. 23andMe told BleepingComputer that the data was obtained through credential stuffing attacks to breach customer accounts.
Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers of its Nissan Oceania division of a potential data breach, warning them that there is a risk of scams in the upcoming days.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial...
The U.S. Cybersecurity and Infrastructure Security Agency is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier.
Strategies for cultivating a supportive culture in zero-trust adoptionIn this Help Net Security interview, Wolfgang Goerlich, Advisory CISO at Cisco, discusses the benefits of implementing a mature zero-trust model for both security and business outcomes, revealing a decrease in reported security incidents and enhanced adaptability. Vigil: Open-source LLM security scannerVigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models.
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks. In a recent report, cybersecurity company Arctic Wolf warns of Cactus ransomware actively exploiting these flaws on publicly-exposed Qlik Sense instances that remain unpatched.
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. Dollar Tree is a discount retail company that operates the Dollar Tree and Family Dollar stores in 23,000 locations in the United States and Canada.
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 customers after the hack of service provider Zeroed-In Technologies. Dollar Tree is a discount retail company that operates the Dollar Tree and Family Dollar stores in 23,000 locations in the United States and Canada.
CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing.
Okta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought. In the process of figuring out how the mistake came to be, it also identified additional reports accessed by the attackers, including employee information and the contact details of all Okta certified users and some Okta Customer Identity Cloud customers.