data leak
Conti effectively created an extortion-oriented IT company, says Group-IB
In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in …
Ransomware gang publishes stolen victim data on the public Internet
The Alphv (aka BlackCat) ransomware group is trying out a new tactic to push companies to pay for their post-breach silence: a clearnet (public Internet) website with …
The most common exploit paths enterprises leave open for attackers
Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server …
Data leaks and shadow assets greatly exposing organizations to cyberattacks
CybelAngel published a research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. …
Your supply chain: How and why network security and infrastructure matter
With digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today’s supply chains, cybercriminals have more entry points to …
File security violations within organizations have spiked 134% as the world reopened for business
BetterCloud surveyed more than 500 IT and security professionals—and examined internal data from thousands of organizations and users—to understand their top challenges, …
It’s time for companies to take a hard look at how they manage secrets
Leaked infrastructure secrets – code, credentials and keys – which are exposed accidentally or intentionally cost companies an average of $1.2 million in revenue …
Unprotected CVS database exposed sensitive customer searches
Researchers have discovered an unprotected, exposed online database with over a billion records belonging to American healthcare company CVS Health. The discovery, made by …
Using memory encryption in web applications to help reduce the risk of Spectre attacks
There’s nothing quite like an actual proof-of-concept to make everyone listen. I was pleased by the PoC released by Google security engineers Stephen Röttger and Artur Janc …
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made …
Only 30% prepared to secure a complete shift to remote work
The biggest security concerns facing businesses are data leaking through endpoints (27%), loss of visibility of user activity (25%) and maintaining compliance with regulatory …
Stress levels are rising, but that doesn’t have to mean more security incidents
For those working remotely during the pandemic, changes to how work is done have significantly increased stress levels – and when we’re stressed, we’re more likely to make …