July 3, 2024 at 12:00PM FIA, the international auto racing governing body, revealed unauthorized access to personal data in a phishing attack. It has informed data protection regulators and implemented additional security measures. However, specific details regarding the breach, affected individuals, and stolen data remain undisclosed. The organization emphasized its commitment to data protection and … Read more
July 1, 2024 at 07:08PM In a time of sophisticated cyber threats, protecting sensitive data is standard. Papua New Guinea (PNG) stands out by embracing proactive cybersecurity measures, including a comprehensive National Data Protection and Governance Policy. PNG’s strategy emphasizes responsible data sharing, establishes clear guidelines, and aligns with international standards, demonstrating its commitment to … Read more
July 1, 2024 at 03:19PM Prudential Financial disclosed a data breach to the SEC in February, initially stating that it minimally impacted residents. However, an updated notice revealed over 2.5 million individuals were compromised, far surpassing the original estimate of 36,000. Stolen information includes personal details, with legal proceedings already underway. Recovery efforts will include … Read more
July 1, 2024 at 09:06AM On June 18, 2024, cybersecurity firm Rapid7 discovered trojanized installers for three software products from Indian company Conceptworld, distributing information-stealing malware. The compromise was remediated by Conceptworld within 12 hours of disclosure. The malware is capable of stealing browser credentials, cryptocurrency wallet information, logging keystrokes, and establishing connections with command-and-control … Read more
June 27, 2024 at 05:20AM A high-severity security flaw (CVE-2024-5565, CVSS score: 8.1) has been disclosed in the Vanna.AI library, which could lead to remote code execution via prompt injection techniques. This vulnerability allows the execution of arbitrary commands, posing a significant risk to the security of organizations using this Python-based machine learning library. Prompt … Read more
June 26, 2024 at 08:47PM A 22-year-old Russian, Amin Timovich Stigal, has been indicted by the US Department of Justice for allegedly targeting Ukrainian government computers in a cyber attack known as “WhisperGate”. Stigal faces a potential five-year prison sentence and a $10 million reward has been offered for information leading to his location. The … Read more
June 21, 2024 at 06:39AM The US cybersecurity agency CISA has notified participants of the CFATS program that personal information and user accounts may have been compromised following a hack of the CSAT. The incident, considered “a major incident”, potentially impacts over 100,000 individuals. While CISA found no evidence of data exfiltration, some information may … Read more
June 18, 2024 at 06:19AM Blackbaud was ordered to pay $6.75 million in a settlement for a ransomware attack and data breach. The company paid a $250,000 ransom and later revealed that sensitive information from 13,000 organizations using its services was compromised. Blackbaud has agreed to a $49.5 million settlement and to develop a comprehensive … Read more
June 17, 2024 at 03:56PM The Los Angeles County Department of Public Health suffered a phishing attack on Feb. 19-20, leading to the compromise of 53 employees’ credentials and personal information of over 200,000 people. After disabling affected email accounts, the department launched an investigation and notified law enforcement. Potentially accessed sensitive information includes medical … Read more
June 13, 2024 at 03:59PM The New York Times notified contributors of a data breach on its GitHub repositories, leading to the exposure of personal information, including names, phone numbers, and email addresses. A 273GB torrent file containing stolen data was leaked, raising concerns about potential misuse of personal information. Affected individuals were advised to … Read more