Security News
Based on customer data, the findings clearly illustrate there is a magnitude of SaaS data exposure, with 40% of all SaaS assets unmanaged, providing internal, external and public data access. Although cloud-based applications dramatically increase the efficiency and productivity throughout an enterprise, there is a significant threat that is often underestimated by CIOs and CISOs - unchecked and unmanaged data access by the SaaS provider.
Accenture, a global IT consultancy giant has allegedly been hit by a ransomware cyberattack from the LockBit ransomware gang. A ransomware group known as LockBit 2.0 is threatening to publish files data allegedly stolen from Accenture during a recent cyberattack.
Northern Ireland's Department of Health has temporarily halted its COVID-19 vaccine certification online service following a data exposure incident. Some users of the COVIDCert NI service were presented with data of other users, under certain circumstances, says the Department.
Northern Ireland's Department of Health has temporarily halted its COVID-19 vaccine certification online service following a data exposure incident. Some users of the COVIDCert NI service were presented with data of other users, under certain circumstances, says the Department.
As cloud adoption accelerates and the scale of cloud environments grows, engineering and security teams say that risks-and the costs of addressing them-are increasing. The survey of 300 cloud pros found that 36% of organizations suffered a serious cloud security data leak or a breach in the past 12 months, and eight out of ten are worried that they're vulnerable to a major data breach related to cloud misconfiguration.
The Ragnar Locker ransomware gang have published download links for more than 700GB of archived data stolen from Taiwanese memory and storage chip maker ADATA. A set of 13 archives, allegedly containing sensitive ADATA files, have been publicly available at a cloud-based storage service, at least for some time. On Saturday, the ransomware actor published on their leak site the download links to a new set of ADATA corporate documents, warning interested parties that the links would not survive for long.
The Marketo data theft marketplace is applying maximum pressure on victims by emailing their competitors and offering sample packs of the stolen data. The data sold on these sites are obtained through the marketplace's own attacks, from other threat actors, or by collecting data released in other attacks, such as ransomware or website data breaches.
Alibaba's Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. Both reports state that a developer created a crawler that was able to reach beneath information available to the human eye on Taobao, and that the crawler operated for several months before Alibaba noticed the effort.
The Indonesian government is blocking access to the RaidForums hacking forum after the alleged personal information of Indonesian citizens was posted online. While the Indonesian government has not confirmed if the data is legitimate, they have performed a random investigation of 1 million records and believe a more thorough investigation needs to be conducted by the government's information technology and cybersecurity agencies.
The High Court of Ireland has issued an injunction against the Conti Ransomware gang, demanding that stolen HSE data be returned and not sold or published. Today, Conti released a decryptor for encrypted files but warned that they still intend to publish or sell data stolen during the attack on the HSE. To try and prevent the release of personal and potentially sensitive medical data, the HSE has received an injunction against the Conti ransomware again from the High Court of Ireland.