data leak
You should know that most websites share your in-site search queries with third parties
If you are using a website’s internal search function, chances are good that your search terms are being leaked to third parties in some form, researchers with …
COVID-19 data put for sale on the Dark Web
Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen from Thailand’s Department of Medical Sciences containing …
Conti effectively created an extortion-oriented IT company, says Group-IB
In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in …
Ransomware gang publishes stolen victim data on the public Internet
The Alphv (aka BlackCat) ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet (public Internet) website with …
The most common exploit paths enterprises leave open for attackers
Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server …
Data leaks and shadow assets greatly exposing organizations to cyberattacks
CybelAngel published a research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. …
Your supply chain: How and why network security and infrastructure matter
With digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today’s supply chains, cybercriminals have more entry points to …
File security violations within organizations have spiked 134% as the world reopened for business
BetterCloud surveyed more than 500 IT and security professionals—and examined internal data from thousands of organizations and users—to understand their top challenges, …
It’s time for companies to take a hard look at how they manage secrets
Leaked infrastructure secrets – code, credentials and keys – which are exposed accidentally or intentionally cost companies an average of $1.2 million in revenue …
Unprotected CVS database exposed sensitive customer searches
Researchers have discovered an unprotected, exposed online database with over a billion records belonging to American healthcare company CVS Health. The discovery, made by …
Using memory encryption in web applications to help reduce the risk of Spectre attacks
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made …
Featured news
Resources
Don't miss
- Acronis CISO on why backup strategies fail and how to make them resilient
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats
- Fleet: Open-source platform for IT and security teams