
June 2024

TeamViewer Corporate Network Breached in Alleged APT Attack

In a concerning development, TeamViewer, one of the world's leading remote access software providers, has disclosed a cyber attack that breached its corporate network environment. The incident was first detected on June 26, 2024, when TeamViewer's security team identified irregularities in their internal IT infrastructure. Responding swiftly, TeamViewer activated its incident response procedures and engaged renowned cybersecurity experts to investigate and mitigate the breach.

Microsoft 365 Breaches - As preventable as they are common

It seems like every other day there is a public announcement of a compromise involving unauthorised access to Microsoft 365. Privately, my security consultancy team are called in more often than we would like to deconstruct a compromise and determine if a notifiable data breach has occurred.

Data Blizzard Hits LA Schools: Students' data stolen in Snowflake Hack

In a recent development that has raised concerns across the education sector, Los Angeles Unified School District (LAUSD) has confirmed a significant data breach involving student information. The breach, linked to a hack of the district’s Snowflake account, has exposed sensitive data pertaining to students and employees enrolled in the sprawling district. Snowflake is a cloud database platform used by companies worldwide to store their data.

Snowflake Breach Attack Insights

The recent attack on Snowflake accounts underscores a critical lesson for all cloud users: securely managing identities and access is paramount under the shared responsibility model. As more organizations leverage cloud services, it’s essential to understand that security is a collaborative effort between the service provider and the customer.

The 5 Industries Most Vulnerable to Data Breaches in 2024

As we pass the halfway mark of 2024, data breaches remain on the rise. Cybercriminals are finding more and more inventive ways to infiltrate organizations, exploiting vulnerabilities in networks, software, and human behavior. From phishing schemes and ransomware attacks to insider threats and supply chain compromises, the threat of cyber attacks continues. This is bad news, especially for certain industries. The consequences of these breaches extend far beyond financial losses.

What You Need to Know about the Norton LifeLock Data Breach

Norton LifeLock is a global player in consumer cyber safety with a growing portfolio designed to ensure users are confident in their online privacy, security, and identity theft protection. In January 2023, the company announced that many customer accounts were affected in a breach.

How to Build a Data Breach Response Plan

Businesses of all shapes and sizes can fall victim to data breaches. Unfortunately, even with the best privacy and security measures in place, hackers are continually becoming more skilled at beating them. A well designed and implemented data breach response plan is essential if businesses are to minimize the effect of data breaches and protect their reputation. Not only that, but they can reduce the financial damage to the business and better position the organization for recovery.

Why Manufacturers are in the Crosshairs of Threat Actors

In today's modern digitised environment, the manufacturing industry faces multiple interwoven challenges that can have a serious impact on its overall performance and sustainability. These challenges include supply chain disruptions, with events such as natural disasters, geopolitical issues, and pandemics disrupting the global supply chain and affecting the timely delivery of raw materials and components. These disruptions put pressure on manufacturing organisations to plan better for potential supply chain uncertainty while responding quickly to changes in customer demand and trying to keep costs low.

Data Disaster: Los Angeles Public Health Department Suffers Biggest Data Breach

On June 17, 2024, the Los Angeles County Department of Public Health (DPH) disclosed a data breach impacting more than 200,000 clients, employees, and other individuals. The stolen data includes personal, medical and financial information. The DPH said the incident, which took place between February 19 and 20, 2024, was caused by a gang of cyber criminals who gained access to the log-in credentials of the email accounts of 53 employees through a phishing email.

Data Breach Prevention: Tactics, Techniques & Tools

Chances are, every single person who reads this article has experienced a type of data breach at least once: a phishing email that looked like a late bill fee that led to identity theft, an accidental email sent including proprietary company or customer data, a parent calling to ask if they should send money to a prince abroad (after the fact), or an open backpack that leads to the physical theft of a mobile device.

Healthcare Cybersecurity: Preventing Data Breaches

Healthcare organizations find themselves today at the forefront of a disturbing trend: a seemingly unending onslaught of data breaches. These nefarious incidents, far from being isolated occurrences, have emerged as a persistent and pervasive threat, one that demands immediate and comprehensive action to safeguard patient privacy and operational integrity.

The AMD Data Breach: Cyber Threats and Dark Web Activity

Recently, our team at Foresiet Threat Intelligence detected a significant data breach affecting AMD, a prominent computing company. This breach was orchestrated by the renowned dark web threat actor IntelBroker. The breach, uncovered by the Foresiet Threat Intelligence Team, revealed a vast array of compromised data, including details on future products, spec sheets, employee and customer databases, property files, ROMs, source code, firmware, and financial records.

12 Types of Data Breaches to Look Out For in 2024

Already in 2024, nearly 10,000 publicly disclosed global data breaches affected hundreds of millions of user records. Apple, Meta, and Twitter all succumbed to data breaches in 2024 (and numerous times in the past), providing the public and its shareholders with a stark reminder that malicious activity constantly makes user data susceptible to cybercriminal activity, no matter the platform or level of password security.

TicketMaster breach: Leaked credentials are the golden ticket once again

It had already been a challenging few weeks for Live Nation Entertainment, Inc. as they faced down a lawsuit from the Justice Department regarding anti-competitive practices. Things got worse at the end of May when a cybercriminal known as “SpidermanData” claimed to have breached a huge database of 560 million records (including personal and financial data) belonging to TicketMaster Entertainment, LLC, a Live Nation company.

Snowflake Data Breach: 165 Customers' Information Exposed in Ongoing Extortion Campaign

Recent reports reveal that up to 165 customers of Snowflake, a prominent cloud data warehousing platform, have fallen victim to a sophisticated data breach and extortion campaign. This ongoing operation, identified by cybersecurity firm Mandiant as UNC5537, underscores broader implications for cybersecurity practices in cloud environments.

CDR: How Cloud Has Changed the Game

Some organizations are just beginning their migration to the cloud, while others are already firmly settled there, but almost everyone is in the cloud in some capacity by now. And for good reason: the cloud creates substantial advantages in speed, scalability, and cost. But the sobering reality is that modern threat actors have also made gains from migrating to the cloud. By weaponizing cloud automation, these threat actors can fully execute an attack in 10 minutes or less.

SecurityScorecard Reduced External Third-Party Breaches by 75%

The interconnected nature of our digital economy requires a shift in how companies think about their cyber risk. Companies need to consider the broader system and how to build mutual support with their entire cyber ecosystem: customers, partners, and vendors. Yet, today, most companies, even top Fortune 500 companies, still rely on manual vendor onboarding, monitoring, and point-in-time external security reports to manage supply chain cyber risk.

Snowflake Breach: Stop Blaming, Start Protecting with Protecto Vault

Hackers recently claimed on a known cybercrime forum that they had stolen hundreds of millions of customer records from Santander Bank and Ticketmaster. It appears that hackers used credentials obtained through malware to target Snowflake accounts without MFA enabled. While it's easy to blame Snowflake for not enforcing MFA, Snowflake has a solid track record and features to protect customer data. However, errors and oversight can happen in any organization.

First American Data Breach in December Impacts 44,000 Individuals

In an alarming revelation, First American Financial Corporation, the second-largest title insurance company in the United States, disclosed that a cyberattack in December resulted in a significant data breach affecting 44,000 people. This incident underscores the importance of robust cybersecurity measures and services such as phishing takedown, online risk evaluation, stolen credentials detection, and darknet monitoring.

Enterprise Risk Management Failures: Insights from the Cencora Breach

In a significant cybersecurity incident, Cencora, a leading pharmaceutical services provider, experienced a data breach in February 2024, exposing sensitive patient information from 11 major pharmaceutical companies. This breach underscores the critical importance of robust enterprise risk management, vulnerability management, and endpoint security in protecting sensitive data and managing online reputation.

Live Nation/Ticketmaster Data Breach: Insights and Implications

On May 20th, 2024, Live Nation, the parent company of Ticketmaster, uncovered "unauthorized activity" within one of its cloud databases. This breach was swiftly followed by the hacker called ShinyHunters claiming responsibility. The repercussions of this incident are vast, impacting millions of users and revealing significant vulnerabilities in the security infrastructure of one of the world's largest entertainment companies.

Threat Advisory: Snowflake Data Breach Impacts Its Clients

On May 20, 2024, Live Nation discovered unauthorized activity in its third-party cloud database environment, which was eventually identified to be Snowflake, and disclosed it in its SEC filing. The database contains information regarding the company, primarily from its Ticketmaster subsidiary. In the days following this filing, analysts discovered that multiple clients of Snowflake have had data posted on the Dark Web for sale.

What's at Stake if a Credit Union Is Breached?

The financial industry experienced the second-highest data breach cost in 2023, according to IBM. This includes breaches that affected credit unions as well as other financial institutions. But, despite costs, what else is at stake if a credit union is breached? If a credit union is breached, customer Personally Identifiable Information (PII) is at risk of being exposed and used for malicious purposes such as identity theft and fraud.

Understanding and Mitigating Snowflake Data Risks Amid Increased Cyber Threat Activity

In today's digital landscape, data security is more crucial than ever. Recently, Snowflake, a leading cloud data platform, has observed a significant uptick in cyber threat activity targeting some of its customers' accounts. This development has prompted an in-depth investigation to understand and mitigate these risks.