July 12, 2024 at 10:33AM American automotive aftermarket parts provider Advance Auto Parts disclosed that personal information of over 2.3 million individuals was compromised in a recent data breach. The incident was part of the Snowflake campaign, with threat actors accessing accounts and attempting to extort victim organizations. Advance Auto Parts is providing affected individuals … Read more
July 10, 2024 at 09:58AM Fujitsu Japan confirmed an “advanced” malware strain, not ransomware, was responsible for a March data theft affecting individuals with personal and customer information. Despite isolating infected machines and enhancing monitoring, the company didn’t disclose the scale but notified affected individuals. It aims to further bolster information security following the incident. … Read more
July 9, 2024 at 12:59PM In May 2024, the City of Philadelphia disclosed a data breach affecting over 35,000 individuals’ personal and protected health information. The breach, which occurred between May and July 2023, exposed demographic, medical, and limited financial data. The City has notified affected individuals and is taking steps to improve security and … Read more
July 7, 2024 at 09:52PM OpenAI faced backlash this week, following revelations of a 2023 system breach and privacy issues with its ChatGPT app for macOS. Moreover, the departure of key personnel raised concerns about its safety culture. The International Automobile Federation also reported a data breach, and a new ransomware group, Volcano Demon, was … Read more
July 3, 2024 at 12:00PM FIA, the international auto racing governing body, revealed unauthorized access to personal data in a phishing attack. It has informed data protection regulators and implemented additional security measures. However, specific details regarding the breach, affected individuals, and stolen data remain undisclosed. The organization emphasized its commitment to data protection and … Read more
July 1, 2024 at 07:08PM In a time of sophisticated cyber threats, protecting sensitive data is standard. Papua New Guinea (PNG) stands out by embracing proactive cybersecurity measures, including a comprehensive National Data Protection and Governance Policy. PNG’s strategy emphasizes responsible data sharing, establishes clear guidelines, and aligns with international standards, demonstrating its commitment to … Read more
July 1, 2024 at 03:19PM Prudential Financial disclosed a data breach to the SEC in February, initially stating that it minimally impacted residents. However, an updated notice revealed over 2.5 million individuals were compromised, far surpassing the original estimate of 36,000. Stolen information includes personal details, with legal proceedings already underway. Recovery efforts will include … Read more
July 1, 2024 at 09:06AM On June 18, 2024, cybersecurity firm Rapid7 discovered trojanized installers for three software products from Indian company Conceptworld, distributing information-stealing malware. The compromise was remediated by Conceptworld within 12 hours of disclosure. The malware is capable of stealing browser credentials, cryptocurrency wallet information, logging keystrokes, and establishing connections with command-and-control … Read more
June 27, 2024 at 05:20AM A high-severity security flaw (CVE-2024-5565, CVSS score: 8.1) has been disclosed in the Vanna.AI library, which could lead to remote code execution via prompt injection techniques. This vulnerability allows the execution of arbitrary commands, posing a significant risk to the security of organizations using this Python-based machine learning library. Prompt … Read more
June 26, 2024 at 08:47PM A 22-year-old Russian, Amin Timovich Stigal, has been indicted by the US Department of Justice for allegedly targeting Ukrainian government computers in a cyber attack known as “WhisperGate”. Stigal faces a potential five-year prison sentence and a $10 million reward has been offered for information leading to his location. The … Read more