April 15, 2024 at 10:07AM Delinea’s Secret Server customers are urged to upgrade installations immediately due to a critical vulnerability discovered by researcher Johnny Yu. The vulnerability allows attackers to gain admin-level access, putting account credentials at risk. Delinea fixed the vulnerability but did not credit Yu, leading to concerns about transparency. The incident also … Read more
April 11, 2024 at 12:42PM CISA issued a red-alert notice about a potential supply chain breach at Sisense, a data analytics company. The agency advised Sisense customers to reset credentials and report any suspicious activity. CISA is collaborating with industry partners to address the incident, emphasizing its potential impact on critical infrastructure. Sisense has not … Read more
March 27, 2024 at 07:05AM The Big Issue’s parent company is dealing with a serious cybersecurity incident claimed by the Qilin ransomware gang. The gang claims to have stolen 550 GB of company data, including sensitive personal information of company executives and employees, as well as subscriber data. The Information Commissioner’s Office has been notified, … Read more
March 24, 2024 at 06:15AM Clothing and footwear company VF Corporation informed 35.5 million customers of a potential identity theft risk due to a security breach last year. The breach did not involve credit card or bank account details, but personal information may have been exposed. VF denies data theft related to financial information and … Read more
March 19, 2024 at 08:19AM Nations Direct Mortgage notified over 83,000 individuals of a December 2023 data breach leading to unauthorized access of personal information including names, addresses, and Social Security numbers. The company claims no evidence of data exfiltration or fraudulent use and is offering identity monitoring services. Nations Direct faces a class action … Read more
March 18, 2024 at 10:21AM Fujitsu, a leading Japanese technology company, confirmed a cyberattack resulting in the likely theft of personal and customer information. Malware infected work computers, prompting immediate disconnection and enhanced monitoring. The company is investigating the incident, informed relevant authorities, and has begun notifying affected individuals and customers while continuing to assess … Read more
March 18, 2024 at 10:09AM Fujitsu, a leading Japanese tech giant, reported a major cybersecurity incident where malware compromised its systems and customer data. The company, known for its global IT services and government projects, promptly isolated affected computers and intensified monitoring. The breach follows a previous hack in 2021, exposing government offices and potentially … Read more
March 12, 2024 at 03:52PM Stanford University reported a ransomware attack on its Department of Public Safety (SUDPS) network, compromising personal information of 27,000 individuals. The breach occurred between May 12 and September 27, 2023. Stolen data included sensitive details like Social Security numbers and health/medical information. The Akira ransomware gang claimed responsibility and leaked … Read more
February 27, 2024 at 12:23PM The Economist and 8,000 other entities were compromised in Operation SubdoMailing, part of a larger single threat actor operation. Trusted brands, such as The Economist, were affected. It appears that Trusted brands like The Economist are among 8,000 entities compromised by Operation SubdoMailing, which is part of a larger operation … Read more
February 27, 2024 at 07:27AM U-Haul has informed 67,000 customers of a data breach targeting their personal information, accessed through a system used by U-Haul Dealers and Team Members. The breach occurred in December 2023, and exposed names, dates of birth, and driver’s license numbers, but not financial data. U-Haul is offering free identity protection … Read more