Security News

The BlackCat ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. On February 9th, Reddit disclosed that its systems were hacked on February 5th after an employee fell victim to a phishing attack.

The BlackCat ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. On February 9th, Reddit disclosed that its systems were hacked on February 5th after an employee fell victim to a phishing attack.

Louisiana and Oregon warn that millions of driver's licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data. The agency says there is no indication that Clop used, sold, shared, or released any of that data, so the stolen data may have been deleted as the ransomware actors promised in their announcement to delete any stolen government data.

Capita is facing its first legal claim over the high profile digital burglary in late March that exposed some customer data to intruders and will cost the outsourcing biz around £20 million to clean up. Barings Law, based in England's northwest, says it dispatched a Letter of Claim to Capita last week to outline its clients' case and their list of worries.

See the NetSPI centralized detective control validation platform in action and learn how it allows companies to create and execute custom procedures using proven technology and expert human penetration testers. Ready to continuously simulate real-world attack behaviors, not just IoCs, and put your detective controls to the test in a way no other organization can? See BAS in action or schedule a 1:1 meeting with the NetSPI BAS team to get started.

Zacks Investment Research has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database now shared on a hacking forum. Data breach notification service Have I Been Pwned listed an additional Zacks breach this weekend after being sent a database containing 8.8 million user records.

Verizon Business today released the results of its 16th annual Data Breach Investigations Report, which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware - malicious software that encrypts an organization's data and extorts large sums of money to restore access.

Last week, Progress Software Corporation, which sells software and services for user interface developement, devops, file management and more, alerted customers of its MOVEit Transfer product about a critical vulnerability dubbed CVE-2023-34362. If the backend data is stored in a SQL database, the web server might convert that URL into a SQL command like the one shown below.

Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "Potentially" accessed or stolen during what the company described in February as a "Cyber incident." The attack was discovered by Burton on February 11 after causing a "System outage" and forcing the company to cancel online orders.

Managed Care of North America Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised.MCNA Dental is one of the largest government-sponsored dental care and oral health insurance providers in the U.S. In a notice published Friday, MCNA says it became aware of unauthorized access to its computer systems on March 6th, 2023, with an investigation revealing that the hackers first gained access to MCNA's network on February 26th, 2023.