Security News

A group of hackers has started to advertise on the dark web data allegedly stolen as a result of multiple recent breaches, including ones that affected Tokopedia, Styleshare, Minted, ChatBooks, and others. Known as "Shiny Hunters," the group recently claimed responsibility for hacking Tokopedia, Indonesia's largest online store, and claimed last week to have breached Microsoft's GitHub account.

Ermetic, the cloud access risk security company, emerged from stealth mode and announced an analytics-based solution that prevents cloud data breaches by automating the detection and remediation of identity and access risks in Infrastructure as a Service and Platform as a Service offerings from Amazon, Google and Microsoft. Analyze all access activity to detect and alert on privilege escalation, suspicious access and data deletion indicative of credential theft or abuse.

Ermetic, the cloud access risk security company, emerged from stealth mode and announced an analytics-based solution that prevents cloud data breaches by automating the detection and remediation...

UPDATE. GoDaddy, the world's largest domain name registrar, is warning customers that attackers may have obtained their web hosting account credentials. The company said that the breach only affected hosting accounts, not general GoDaddy.com customer accounts, and that no customer data in the main accounts was accessed.

A new report compiling information from PrivacyRights.org on data breaches in the United States found that California has had the highest number of documents lost during attacks since 2005. Using data on the total number of records lost per breach from 2005 to 2019, email marketing company Omnisend compiled a study ranking US states and companies.

Fears over data leaks from remote workers are not only founded, they're much worse than anticipated, said the International Association of IT Asset Managers. The International Association of IT Asset Managers is warning that at-home work due to the COVID-19 pandemic is leading to a spike in data breaches that's greater than anticipated.

The 2019 Cost of a Data Breach Report, conducted by Ponemon Institute, estimates the average total cost of a data breach in the United States to be close to $4 million. The average price for each lost data record, says the report, is around $150. Breaches happen in so many ways, a one-size-fits-all solution doesn't exist.

77% think employees have put data at risk accidentally in the past 12 months and 78% think employees have put data at risk intentionally. "Egress CEO Tony Pepper believes the findings show how IT leaders are resigned to the inevitability of insider breaches and don't have adequate risk management processes and technology in place."Given the sensitivity of the information they handle, the legal industry is one of the most at-risk sectors from both accidental and intentional insider data breaches.

Passwords remain the dominant method of authentication and top cause of data breaches, according to MobileIron. "The digital workplace is driving transformation within organizations of all sizes as employees are increasingly accessing business apps and data from locations outside of their offices and homes," said Steve Brasen, research director of endpoint and identity management at EMA. "At the same time, mobile threats are increasing. More than 60 percent of respondents indicated their organization had experienced a security breach in just the last year. Organizations need to implement context-aware security and passwordless authentication to dynamically adapt to modern threats while removing the friction that is inhibiting end user productivity."

More than 50 percent of security and IT leaders agree that they are very concerned about the security of corporate endpoints given the prevalence of sophisticated attack vectors like ransomware, disruptionware, phishing and more, according to a survey from RSA Conference 2020 by Absolute. According to recent industry reports, 2019 saw a record number of more than 5,000 breaches as well "An unprecedented and unrelenting barrage of ransomware attacks" in the U.S. that impacted at least 966 businesses, government agencies, educational establishments and healthcare providers at a potential cost of more than $7.5 billion.