Data Breaches

Data Breach vs. Data Leak: What's the Difference?

Feb 24, 2022 By Edward Kost In UpGuard

Simply put, a data leak is when sensitive data is unknowingly exposed to the public, and a data breach is an event caused by a cyberattack. An example of a data leak is a software misconfiguration facilitating unauthorized access to sensitive resources - such as the major Microsoft Power Apps data leak in 2021. An example of a data breach is a cybercriminal overcoming network security controls to gain access to sensitive resources.

Read Post

UpGuard

Read more about Data Breach vs. Data Leak: What's the Difference?

Lessons From Billions of Breached Records by Troy Hunt of https://haveibeenpwned.com

Feb 18, 2022 By Teleport In Teleport

Security flaws, hackers and data breaches are the new normal. It’s not just those of us in the industry facing these foes every single day; it’s everyone. Whether you’re online or offline, you simply cannot exist today without your personal information being digitized in systems which are often left vulnerable and exploited at the whim of attackers. But who are these people — the ones who seek to break through our defenses and exploit our data? And how are they continually so effective at doing so, despite our best efforts?

View Video

Teleport

Read more about Lessons From Billions of Breached Records by Troy Hunt of https://haveibeenpwned.com

How to Detect Data Exfiltration (Before It's Too Late)

Feb 10, 2022 By Edward Kost In UpGuard

A data exfiltration attack involves the unauthorized transfer of sensitive data, such as personal data and intellectual property, out of a target system and into a separate location. These transfers could either occur internally, through insider threats, or externally, through remote Command and Control servers. Every cyberattack with a data theft objective could be classified as a data exfiltration attack.

Read Post

UpGuard

Read more about How to Detect Data Exfiltration (Before It's Too Late)

What Is the Cost of a Third Party Data Breach?

Feb 4, 2022 By RiskOptics In RiskOptics

Data breaches are cybersecurity events that significantly harm a company’s reputation, finances, and compliance posture. When information is leaked or extracted from your database via a third-party partner, that is known as a third-party data breach. These events can have a devastating impact when your company handles sensitive information belonging to clients.

Read Post

RiskOptics

Read more about What Is the Cost of a Third Party Data Breach?

365 Breaches Anticipated in 2021 and How Predictions Can Protect Your Firm in 2022

Feb 3, 2022 By SecurityScorecard In SecurityScorecard

What would you do, if you could predict a data breach? In this webinar recording, Penguin, Sainsbury’s, Tesco, and others will show how they use SecurityScorecard to predict and prevent data breaches. They will explain how they engage with their subsidiaries and suppliers, showing you how hundreds of breaches have been predicted in 2021 and what that means for 2022.

View Video

SecurityScorecard

Read more about 365 Breaches Anticipated in 2021 and How Predictions Can Protect Your Firm in 2022

2021 Data Breaches in Review: A Glimpse at the Most Damaging Cybercrimes of the Year

Feb 3, 2022 By Arctic Wolf In Arctic Wolf

2021 was another record-breaking year for cyber attacks, with reports of massive breaches and huge ransomware demands dominating headlines. It’s a trend that does not seem to be slowing any time soon, either. Currently, there are thousands of vendors in the market, with over $130 billion spent annually on defense and yet, the number of breaches continues to rise. Arctic Wolf's 2021 Data Breaches in Review counts down the most noteworthy, high-profile, and damaging data cybercrimes of the year.

Read Post

Arctic Wolf

Read more about 2021 Data Breaches in Review: A Glimpse at the Most Damaging Cybercrimes of the Year

5 ways to protect critical healthcare infrastructure from cyberattacks

Feb 2, 2022 By ManageEngine In ManageEngine

Picture this. You’re an administrator in charge of providing basic amenities and day-to-day needs across 1,000 beds in an urban multispecialty hospital. One fine morning, you notice that all the patients’ bedside monitoring systems (the computer-like devices that display patient vitals like heartbeat and blood pressure) have stopped functioning, leaving doctors and nurses in the dark.

Read Post

ManageEngine

Read more about 5 ways to protect critical healthcare infrastructure from cyberattacks

A Malicious Package Found Stealing AWS AIM data on npm has Similarities To Capital One Hack

Feb 2, 2022 By Patricia Johnson In Mend

In the latter part of December 2021, WhiteSource Diffend detected the new release of a package called @maui-mf/app-auth. This package used a vector of attack that was similar to the server side request forgery (SSRF) attack against Capital One in 2019, in which a server was tricked into executing commands on behalf of a remote user, thereby enabling the user to treat the server as a proxy for requests and gain access to non-public endpoints.

Read Post

Mend

Read more about A Malicious Package Found Stealing AWS AIM data on npm has Similarities To Capital One Hack

Lessons from 2021: Painful Misconfigurations

Feb 1, 2022 By Tsippi Dach In AlgoSec

Tsippi Dach explores some notable breaches caused by mis configuration s and how organizations can avoid becoming the next big headline.

Read Post

AlgoSec

Read more about Lessons from 2021: Painful Misconfigurations

How a Dark Web Monitoring Can Save Your Organization

Jan 29, 2022 By giusel In UTMStack

Organizations often have their confidential information illicitly for sale on the darknets, but they don’t know it. Statistically, over 75% of compromised credentials are reported to the victim organization by law enforcement when it has become too late. That’s why dark web monitoring tools providers are the appropriate solution to help you know on time when your credentials are stolen and exposed on the dark web.

Read Post