Security News
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) November 2024 Patch...
The business contact information for 122 million people circulating since February 2024 is now confirmed to have been stolen from a B2B demand generation platform. [...]
A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May...
Nokia's investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted. [...]
An affiliate of the Mallox ransomware operation, also known as TargetCompany, was spotted using a slightly modified version of the Kryptina ransomware to attack Linux systems. [...]
Would paying a ransom - or better security - have been cheaper and safer? A US healthcare giant will pay out $65 million to settle a class-action lawsuit brought by its own patients after...
National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident
It wasn't until earlier this month that a user named "Fenice" leaked 2.7 billion unencrypted records on the dark web site known as "Breached," in the form of two csv files totalling 277GB. These did not contain phone numbers and email addresses, and Fenice said that the data originated from SXUL. As individuals will each have multiple records associated with them, one for each of their previous home addresses, the breach does not expose information about 2.7 billion different people. Must-read security coverage What security experts are saying about the breach Why are the National Public Data records so valuable to cyber criminals?
Flight tracking platform FlightAware is asking some users to reset their account login passwords due to a data security incident that may have exposed personal information. [...]
Former US president Donald Trump's re-election campaign has claimed it's been the victim of a cyber attack. The claim was made after US outlet Politico reported an anonymous email account sent it a dossier of information sourced from within the campaign operation, but the entity who sent the docs declined to explain how they came by the info.
ADT Inc. disclosed via a Form 8-K filing at the U.S. Securities and Exchange Commission (SEC) that hackers have gained access to its systems, which hold customer order details. [...]